It was discovered that OpenLDAP was not properly performing bounds checks
when executing functions related to LDAP URLs. An attacker could possibly
use this issue to cause a denial of service.

Read More

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 23.10.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-36.html
https://www.oracle.com/security-alerts/cpujan2024.html

Read More

It was discovered that amanda did not properly check certain arguments. A
local unprivileged attacker could possibly use this issue to perform a
privilege escalation attack.

Read More

A vulnerability has been discovered in Trend Micro uiAirSupport, that could allow for arbitrary code execution. Trend Micro uiAirSupport is a support tool product made by Trend Micro. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

The Qualys Research Labs discovered several vulnerabilities in the GNU C
Library’s __vsyslog_internal() function (called by syslog() and
vsyslog()). A heap-based buffer overflow (CVE-2023-6246), an off-by-one
heap overflow (CVE-2023-6779) and an integer overflow (CVE-2023-6780)
can be exploited for privilege escalation or denial of service.

Details can be found in the Qualys advisory at
https://www.qualys.com/2024/01/30/syslog

Additionally a memory corruption was discovered in the glibc’s qsort()
function, due to missing bounds check and when called by a program
with a non-transitive comparison function and a large number of
attacker-controlled elements. As the use of qsort() with a
non-transitive comparison function is undefined according to POSIX and
ISO C standards, this is not considered a vulnerability in the glibc
itself. However the qsort() implementation was hardened against
misbehaving callers.

Details can be found in the Qualys advisory at
https://www.qualys.com/2024/01/30/qsort

https://security-tracker.debian.org/tracker/DSA-5611-1

Read More

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not
properly validate network family support while creating a new netfilter
table. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6040)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situation, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Read More

It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that a race condition existed in the Linux kernel when
performing operations with kernel objects, leading to an out-of-bounds
write. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-45863)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situation, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Read More

Lucas Henry discovered that Ceph incorrectly handled specially
crafted POST requests. An uprivileged user could use this to
bypass Ceph’s authorization checks and upload a file to any bucket.

Read More

It was discovered that TinyXML incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
XML file, a remote attacker could possibly use this issue to cause a
denial of service.

Read More

Multiple vulnerabilities have been discovered in Jenkins, the most severe of which could allow for remote code execution.

Jenkins (Core) is an open source automation server which is used for building, testing, and deploying software.
Git Server Plugin provides fundamental git operations for Jenkins projects.
GitLab Branch Source Plugin provides branch source and folder organization functionality for GitLab Repositories in Jenkins.
Log Command Plugin adds a command for the CLI that shows the log for a job’s build.
Matrix Project Plugin allows for multi configuration job management.
Qualys Policy Compliance Scanning Connector Plugin is used to automate host or cloud instance compliance scans from Jenkins.
Red Hat Dependency Analytics Plugin is used to scan the dependency stack and give information related to vulnerabilities, popularity, maintainability, and compatibility.

Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More