Category Archives: Advisories

CVE-2020-12775

Read Time:12 Second

Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate service.

Read More

USN-5309-1: virglrenderer vulnerabilities

Read Time:19 Second

It was discovered that virglrenderer incorrectly handled memory. An
attacker inside a guest could use this issue to cause virglrenderer to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-0135)

It was discovered that virglrenderer incorrectly initialized memory. An
attacker inside a guest could possibly use this issue to obtain sensitive
host information. (CVE-2022-0175)

Read More

Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting

Read Time:24 Second

Posted by YEUNG, Tsz Ko on Feb 28

Hi all,

I would like to disclose a vulnerability that I just found today.

Details below:

Vulnerable Software and Version:

1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable

Vulnerable software download link:
https://rufus.ie/en/

https://github.com/pbatard/rufus/releases/tag/v3.17

Date discovered and reported:
25 Feb 2022

Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…

Read More

Dll Hijacking Vulnerability found in Rufus-3.17.1846 from Akeo Consulting

Read Time:24 Second

Posted by YEUNG, Tsz Ko on Feb 28

Hi all,

I would like to disclose a vulnerability that I just found today.

Details below:

Vulnerable Software and Version:

1. Rufus 3.17.1846 executable
2. Rufus 3.17.1846 portable executable

Vulnerable software download link:
https://rufus.ie/en/

https://github.com/pbatard/rufus/releases/tag/v3.17

Date discovered and reported:
25 Feb 2022

Description:
Both Rufus 3.17.1846 executable AND portable executable are suffering from DLL…

Read More

USN-5307-1: QEMU vulnerabilities

Read Time:1 Minute, 59 Second

Gaoning Pan discovered that QEMU incorrectly handled the floppy disk
emulator. An attacker inside the guest could use this issue to cause QEMU
to crash, resulting in a denial of service. (CVE-2021-20196)

Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly
handled certain values. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203)

It was discovered that the QEMU vhost-user GPU device contained several
security issues. An attacker inside the guest could use these issues to
cause QEMU to crash, resulting in a denial of service, leak sensitive
information, or possibly execute arbitrary code. This issue only affected
Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)

It was discovered that QEMU incorrectly handled bulk transfers from SPICE
clients. A remote attacker could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-3682)

It was discovered that the QEMU UAS device emulation incorrectly handled
certain stream numbers. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 21.10.
(CVE-2021-3713)

It was discovered that the QEMU virtio-net device incorrectly handled
certain buffer addresses. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-3748)

It was discovered that the QEMU SCSI device emulation incorrectly handled
certain MODE SELECT commands. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2021-3930)

It was discovered that the QEMU ACPI logic incorrectly handled certain
values. An attacker inside the guest could possibly use this issue to cause
QEMU to crash, resulting in a denial of service. This issue only affected
Ubuntu 21.10. (CVE-2021-4158)

Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU
virtiofsd device incorrectly handled permissions when creating files. An
attacker inside the guest could use this issue to create files inside the
directory shared by virtiofs with unintended permissions, possibly allowing
privilege escalation. This issue only affected Ubuntu 21.10.
(CVE-2022-0358)

Read More

USN-5306-1: WebKitGTK vulnerabilities

Read Time:16 Second

A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Read More

USN-5305-1: MariaDB vulnerabilities

Read Time:18 Second

Several security issues were discovered in MariaDB and this update includes
new upstream MariaDB versions to fix these issues.

MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in
Ubuntu 21.10.

In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.

Read More