It was discovered that svg-sanitizer, vendored in SPIP, did not properly
sanitize SVG/XML content. An attacker could possibly use this issue to
perform cross site scripting. This issue only affected Ubuntu 24.10.
(CVE-2022-23638)

It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform cross site
scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959)

It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform PHP injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960)

It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform SQL injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28961)

It was discovered that SPIP did not properly sanitize certain inputs. A
remote authenticated attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-37155)

It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform SQL injection
attacks. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2023-24258)

It was discovered that SPIP did not properly handle serialization under
certain circumstances. A remote attacker could possibly use this issue to
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2023-27372)

It was discovered that SPIP did not properly sanitize HTTP requests. A
remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2024-8517)

Read More

Amel Bouziane-Leblond discovered that insufficient validation of
“vnd.libreoffice.command” URI schemes could result in the execution of
arbitrary macro commands.

https://security-tracker.debian.org/tracker/DSA-5873-1

Read More

It was discovered that cmark-gfm’s autolink extension did not correctly
handle parsing large inputs. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 20.04 LTS
and Ubuntu 22.04 LTS. (CVE-2022-39209)

It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and
Ubuntu 24.10. (CVE-2023-22483)

It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2023-22484)

It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. (CVE-2023-22486, CVE-2023-26485)

Read More

George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that
wpa_supplicant and hostapd reused encryption elements in the PKEX protocol.
An attacker could possibly use this issue to impersonate a wireless access
point, and obtain sensitive information. (CVE-2022-37660)

Daniel De Almeida Braga, Mohamed Sabt, and Pierre-Alain Fouque discovered
that wpa_supplicant and hostapd were vulnerable to side channel attacks due
to the cache access patterns. An attacker could possibly use this issue to
obtain sensitive information. This issue only affected Ubuntu 20.04 LTS.
(CVE-2022-23303, CVE-2022-23304)

Read More

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– Block layer subsystem;
– ACPI drivers;
– Drivers core;
– ATA over ethernet (AOE) driver;
– TPM device driver;
– GPIO subsystem;
– GPU drivers;
– HID subsystem;
– I2C subsystem;
– InfiniBand drivers;
– Mailbox framework;
– Multiple devices driver;
– Media drivers;
– Network drivers;
– NTB driver;
– Virtio pmem driver;
– Parport drivers;
– PCI subsystem;
– SPI subsystem;
– Direct Digital Synthesis drivers;
– USB Device Class drivers;
– USB Dual Role (OTG-ready) Controller drivers;
– USB Serial drivers;
– USB Type-C support driver;
– Framebuffer layer;
– BTRFS file system;
– Ceph distributed file system;
– Ext4 file system;
– F2FS file system;
– File systems infrastructure;
– JFS file system;
– Network file system (NFS) client;
– Network file system (NFS) server daemon;
– NILFS2 file system;
– SMB network file system;
– Network traffic control;
– Network sockets;
– TCP network protocol;
– BPF subsystem;
– Perf events;
– Arbitrary resource management;
– Timer substystem drivers;
– Tracing infrastructure;
– Closures library;
– Memory management;
– Amateur Radio drivers;
– Bluetooth subsystem;
– Ethernet bridge;
– CAN network layer;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– Netfilter;
– Netlink;
– SCTP protocol;
– TIPC protocol;
– Wireless networking;
– XFRM subsystem;
– Key management;
– FireWire sound drivers;
– AudioScience HPI driver;
– Amlogic Meson SoC drivers;
– KVM core;
(CVE-2024-47672, CVE-2024-50273, CVE-2024-49896, CVE-2024-49962,
CVE-2024-50007, CVE-2024-47706, CVE-2024-50302, CVE-2024-50299,
CVE-2024-49959, CVE-2024-49973, CVE-2024-47674, CVE-2024-50143,
CVE-2024-50278, CVE-2024-50184, CVE-2024-49892, CVE-2024-50044,
CVE-2024-47701, CVE-2024-49860, CVE-2024-47692, CVE-2024-49948,
CVE-2024-50039, CVE-2024-50006, CVE-2024-53066, CVE-2024-49944,
CVE-2024-43863, CVE-2024-47756, CVE-2024-50082, CVE-2024-50237,
CVE-2024-50262, CVE-2024-49900, CVE-2024-50059, CVE-2024-50194,
CVE-2024-53063, CVE-2024-47697, CVE-2024-49975, CVE-2024-50033,
CVE-2024-50148, CVE-2024-50116, CVE-2024-50168, CVE-2024-47747,
CVE-2024-53104, CVE-2024-50218, CVE-2024-50279, CVE-2024-46853,
CVE-2024-46854, CVE-2024-50127, CVE-2024-49995, CVE-2024-50282,
CVE-2024-47685, CVE-2024-50296, CVE-2024-50099, CVE-2024-50199,
CVE-2024-49879, CVE-2024-50287, CVE-2024-50265, CVE-2024-50269,
CVE-2024-47698, CVE-2024-49868, CVE-2024-50035, CVE-2024-47709,
CVE-2024-50024, CVE-2024-50301, CVE-2024-50142, CVE-2024-53059,
CVE-2024-50008, CVE-2024-49997, CVE-2024-46849, CVE-2024-50290,
CVE-2024-40953, CVE-2024-49985, CVE-2024-47737, CVE-2024-49883,
CVE-2024-50040, CVE-2024-49958, CVE-2024-50205, CVE-2024-47723,
CVE-2024-50180, CVE-2024-50229, CVE-2024-50131, CVE-2024-47713,
CVE-2024-49963, CVE-2024-44931, CVE-2024-47742, CVE-2024-49903,
CVE-2024-49949, CVE-2024-47684, CVE-2024-35896, CVE-2024-41016,
CVE-2024-49955, CVE-2024-50134, CVE-2024-49938, CVE-2024-49877,
CVE-2024-49981, CVE-2024-50234, CVE-2024-50096, CVE-2024-49952,
CVE-2024-49957, CVE-2024-49982, CVE-2024-47710, CVE-2024-53061,
CVE-2024-50267, CVE-2024-47712, CVE-2024-50195, CVE-2024-50236,
CVE-2024-47749, CVE-2024-47757, CVE-2024-49894, CVE-2024-50179,
CVE-2024-42252, CVE-2024-49851, CVE-2024-53101, CVE-2024-38544,
CVE-2024-50117, CVE-2023-52917, CVE-2024-50045, CVE-2024-40911,
CVE-2024-49882, CVE-2024-49867, CVE-2024-50202, CVE-2024-49878,
CVE-2024-50251, CVE-2024-50151, CVE-2024-50171, CVE-2024-47740,
CVE-2024-49965, CVE-2023-52458, CVE-2024-50233, CVE-2024-40965,
CVE-2024-49924, CVE-2024-50167, CVE-2024-47670, CVE-2021-47469,
CVE-2024-35887, CVE-2024-50074, CVE-2024-46731, CVE-2024-47671,
CVE-2024-41066, CVE-2024-49966, CVE-2024-50150, CVE-2024-50230,
CVE-2024-47696, CVE-2024-47699, CVE-2024-47679, CVE-2024-49902)

Read More

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– x86 architecture;
– Block layer subsystem;
– Cryptographic API;
– ACPI drivers;
– Drivers core;
– ATA over ethernet (AOE) driver;
– Network block device driver;
– TPM device driver;
– Hardware crypto device drivers;
– ARM SCMI message protocol;
– EFI core;
– GPU drivers;
– I2C subsystem;
– I3C subsystem;
– InfiniBand drivers;
– Input Device core drivers;
– IOMMU subsystem;
– Mailbox framework;
– Media drivers;
– Ethernet bonding driver;
– Network drivers;
– Mellanox network drivers;
– STMicroelectronics network drivers;
– NTB driver;
– PCI subsystem;
– Alibaba DDR Sub-System Driveway PMU driver;
– x86 platform drivers;
– Powercap sysfs driver;
– Remote Processor subsystem;
– SCSI subsystem;
– USB Device Class drivers;
– vDPA drivers;
– Virtio Host (VHOST) subsystem;
– Framebuffer layer;
– AFS file system;
– BTRFS file system;
– File systems infrastructure;
– Ceph distributed file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– Network file systems library;
– Network file system (NFS) server daemon;
– NILFS2 file system;
– SMB network file system;
– BPF subsystem;
– Virtio network driver;
– TCP network protocol;
– Perf events;
– Padata parallel execution mechanism;
– RCU subsystem;
– Arbitrary resource management;
– Static call mechanism;
– Tracing infrastructure;
– Memory management;
– Bluetooth subsystem;
– CAN network layer;
– Networking core;
– Distributed Switch Architecture;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– IEEE 802.15.4 subsystem;
– NCSI (Network Controller Sideband Interface) driver;
– RxRPC session sockets;
– SCTP protocol;
– TIPC protocol;
– Wireless networking;
– AudioScience HPI driver;
– KVM core;
(CVE-2024-47709, CVE-2024-49889, CVE-2024-49931, CVE-2024-50008,
CVE-2024-49969, CVE-2024-49975, CVE-2024-49958, CVE-2024-47756,
CVE-2024-49944, CVE-2024-47707, CVE-2024-47693, CVE-2024-47686,
CVE-2024-47734, CVE-2024-47750, CVE-2024-50179, CVE-2024-49942,
CVE-2024-49864, CVE-2024-49891, CVE-2024-49965, CVE-2024-49905,
CVE-2024-47719, CVE-2024-49877, CVE-2024-47688, CVE-2024-47691,
CVE-2024-47710, CVE-2024-47748, CVE-2024-49948, CVE-2024-49998,
CVE-2024-47673, CVE-2024-47738, CVE-2024-47701, CVE-2024-47705,
CVE-2024-49930, CVE-2024-49985, CVE-2024-50016, CVE-2024-53144,
CVE-2023-52917, CVE-2024-47690, CVE-2024-47675, CVE-2024-50176,
CVE-2024-49922, CVE-2024-47704, CVE-2024-49982, CVE-2024-47741,
CVE-2024-49991, CVE-2024-49902, CVE-2024-49883, CVE-2024-49892,
CVE-2024-50002, CVE-2024-49945, CVE-2024-49959, CVE-2024-47732,
CVE-2024-49856, CVE-2024-47677, CVE-2024-49978, CVE-2024-49966,
CVE-2024-49937, CVE-2024-47744, CVE-2024-49890, CVE-2024-47739,
CVE-2024-50012, CVE-2024-47742, CVE-2024-49980, CVE-2024-47706,
CVE-2024-49994, CVE-2024-50017, CVE-2024-47697, CVE-2024-49996,
CVE-2024-49953, CVE-2024-49871, CVE-2024-47723, CVE-2024-49987,
CVE-2024-49917, CVE-2024-49888, CVE-2024-49866, CVE-2024-50005,
CVE-2024-47681, CVE-2024-49870, CVE-2024-49898, CVE-2024-49981,
CVE-2024-49947, CVE-2024-49918, CVE-2024-49983, CVE-2024-47698,
CVE-2024-49850, CVE-2024-50007, CVE-2024-49900, CVE-2024-49923,
CVE-2024-49909, CVE-2024-47687, CVE-2024-50015, CVE-2024-47715,
CVE-2024-47745, CVE-2024-49926, CVE-2024-49879, CVE-2024-49986,
CVE-2024-49929, CVE-2024-49949, CVE-2024-49976, CVE-2024-47749,
CVE-2024-47689, CVE-2024-47720, CVE-2024-47743, CVE-2024-49878,
CVE-2024-49935, CVE-2024-49955, CVE-2024-49997, CVE-2024-49860,
CVE-2024-47703, CVE-2024-50175, CVE-2024-49855, CVE-2024-49861,
CVE-2024-49951, CVE-2024-49863, CVE-2024-49882, CVE-2024-50000,
CVE-2024-49912, CVE-2024-49974, CVE-2024-49977, CVE-2024-47752,
CVE-2024-47700, CVE-2024-49911, CVE-2024-49852, CVE-2024-47740,
CVE-2024-47671, CVE-2024-49988, CVE-2024-47699, CVE-2024-47757,
CVE-2024-49933, CVE-2024-49913, CVE-2024-49907, CVE-2024-49881,
CVE-2024-47751, CVE-2024-47753, CVE-2024-47731, CVE-2024-47730,
CVE-2024-49934, CVE-2024-49957, CVE-2024-49938, CVE-2024-47728,
CVE-2024-49867, CVE-2024-47754, CVE-2024-49919, CVE-2024-49992,
CVE-2024-49950, CVE-2024-49954, CVE-2024-49924, CVE-2024-47670,
CVE-2024-50014, CVE-2024-47684, CVE-2024-49884, CVE-2024-47678,
CVE-2024-49894, CVE-2024-49859, CVE-2024-47735, CVE-2024-47696,
CVE-2024-49999, CVE-2024-49880, CVE-2024-47747, CVE-2024-49885,
CVE-2024-49963, CVE-2024-49995, CVE-2024-49897, CVE-2024-49868,
CVE-2024-49862, CVE-2024-49928, CVE-2024-47685, CVE-2024-47692,
CVE-2024-49927, CVE-2024-47695, CVE-2024-49896, CVE-2024-49875,
CVE-2024-49853, CVE-2024-47714, CVE-2024-49989, CVE-2024-49858,
CVE-2024-49952, CVE-2024-49973, CVE-2024-49925, CVE-2024-49851,
CVE-2024-47712, CVE-2024-49961, CVE-2024-47713, CVE-2024-47718,
CVE-2024-49962, CVE-2024-47737, CVE-2024-50001, CVE-2024-49876,
CVE-2024-49903, CVE-2024-49939, CVE-2024-49886, CVE-2024-47679,
CVE-2024-50006, CVE-2024-49874, CVE-2024-47716, CVE-2024-49895,
CVE-2024-47727, CVE-2024-47672, CVE-2024-49901, CVE-2024-47733,
CVE-2024-47682, CVE-2024-47702, CVE-2024-50013, CVE-2024-41016,
CVE-2024-49960, CVE-2024-49936, CVE-2024-49946, CVE-2024-49915)

Read More

It was discovered that Raptor incorrectly handled memory operations when
processing certain input files. A remote attacker could possibly use this
issue to cause Raptor to crash, resulting in a denial of service. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-25713)

It was discovered that Raptor incorrectly handled parsing certain tuples. A
remote attacker could possibly use this issue to cause Raptor to crash,
resulting in a denial of service. (CVE-2024-57822)

It was discovered that Raptor incorrectly handled parsing certain turtles.
A remote attacker could use this issue to cause Raptor to crash, resulting
in a denial of service, or possibly execute arbitrary code.
(CVE-2024-57823)

Read More

Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax
in certain scenarios. A remote attacker could possibly use this issue to
perform SQL injection attacks.

Read More

It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. (CVE-2024-26458,
CVE-2024-26461)

It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory,leading to a denial of service. This issue only
affected Ubuntu 24.04 LTS. (CVE-2024-26462)

It was discovered that the Kerberos kadmind daemon incorrectly handled log
files when incremental propagation was enabled. An authenticated attacker
could use this issue to cause kadmind to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2025-24528)

Read More

It was discovered that Erlang incorrectly handled SFTP packet sizes. A
remote attacker could possibly use this issue to cause Erlang to consume
resources, resulting in a denial of service.

Read More