Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library
iconv feature incorrectly handled certain input sequences. An attacker
could possibly use this issue to cause the GNU C Library to hang or crash,
resulting in a denial of service. (CVE-2021-3326)
It was discovered that the GNU C Library nscd daemon incorrectly handled
certain netgroup lookups. An attacker could possibly use this issue to
cause the GNU C Library to crash, resulting in a denial of service.
(CVE-2021-35942)
USN-5698-1 fixed a vulnerability in Open. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Open vSwitch incorrectly handled comparison of
certain minimasks. A remote attacker could use this issue to cause Open
vSwitch to crash, resulting in a denial of service, or possibly execute
arbitrary code.
It was discovered that Open vSwitch incorrectly handled comparison of
certain minimasks. A remote attacker could use this issue to cause Open
vSwitch to crash, resulting in a denial of service, or possibly execute
arbitrary code.
Douglas Mendizabal discovered that Barbican incorrectly handled certain
query strings. A remote attacker could possibly use this issue to bypass
the access policy.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
