Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories


Arch Linux: ASA-202106-19 Low Severity: Keycloak Session Takeover Risk

Arch Linux Security Advisory ASA-202106-19
==========================================

Severity: Low
Date    : 2021-06-01
CVE-ID  : CVE-2021-3461
Package : keycloak
Type    : incorrect calculation
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1994

Summary
=======
The package keycloak before version 13.0.1-1 is vulnerable to incorrect calculation.

Resolution
==========
Upgrade to 13.0.1-1.

# pacman -Syu "keycloak>=13.0.1-1"

The problem has been fixed upstream in version 13.0.1.

Workaround
==========
None.

Description
===========
Keycloak may fail to log out a user session if the logout request comes from an external SAML identity provider that is set up to identify the principal via attributes rather than by Subject Name ID.

Impact
======
A remote attacker could take over a logged-out user session if they manage to obtain the old session token.

References
==========
https://bugzilla.redhat.com/show_bug.cgi?id=1941565
https://github.com/keycloak/keycloak/commit/f014299e7c781dff2b492b81bc81adcf717bd530
https://security.archlinux.org/CVE-2021-3461

Arch Linux, Keycloak, Remote Access, Security Advisory, Calculation Issue
Severity: Low
LinuxSecurity.com Team

Published Jun 03, 2021 (Low, ArchLinux)

Ubuntu Security Advisory: USN-4339-1 Medium Level Python-Cryptography Issue

Arch Linux Security Advisory ASA-202102-36
==========================================

Severity: Medium
Date    : 2021-02-27
CVE-ID  : CVE-2020-36242
Package : python-cryptography
Type    : incorrect calculation
Remote  : No
Link    : https://security.archlinux.org/AVG-1541

Summary
=======
The package python-cryptography before version 3.4-1 is vulnerable to incorrect calculation.

Resolution
==========
Upgrade to 3.4-1.

# pacman -Syu "python-cryptography>=3.4-1"

The problem has been fixed upstream in version 3.4.

Workaround
==========
None.

Description
===========
In python-cryptography before version 3.3.2, certain sequences of update calls to symmetrically encrypt multiple gigabytes of data could result in an integer overflow, leading to mishandling of buffers.

Impact
======
Unintentional use of the API could lead to buffer mishandling, causing application crashes or incorrectly encrypted data.

References
==========
https://github.com/pyca/cryptography/security/advisories/GHSA-rhm9-p9w5-fwm7
https://github.com/pyca/cryptography/issues/5615
https://github.com/pyca/cryptography/pull/5747
https://github.com/pyca/cryptography/commit/82b6ce28389f0a317bc55ba2091a74b346db7cae
https://security.archlinux.org/CVE-2020-36242

python Cryptography, Arch Linux Advisory, Buffer Mishandling
Severity: Medium
LinuxSecurity.com Team

Published Mar 01, 2021 (Medium, ArchLinux)

ArchLinux: 202102-6 Critical Advisory for Chromium Remote Threat

Arch Linux Security Advisory ASA-202102-6
=========================================

Severity: Critical
Date    : 2021-02-06
CVE-ID  : CVE-2021-21142 CVE-2021-21143 CVE-2021-21144 CVE-2021-21145 CVE-2021-21146 CVE-2021-21147 CVE-2021-21148
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1525

Summary
=======
The package chromium before version 88.0.4324.150-1 is vulnerable to multiple issues including arbitrary code execution and incorrect calculation.

Resolution
==========
Upgrade to 88.0.4324.150-1.

# pacman -Syu "chromium>=88.0.4324.150-1"

The problems have been fixed upstream in version 88.0.4324.150.

Workaround
==========
None.

Description
===========
- CVE-2021-21142 (arbitrary code execution)
A use after free security issue was found in the Payments component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21143 (arbitrary code execution)
A heap buffer overflow security issue was found in the Extensions component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21144 (arbitrary code execution)
A heap buffer overflow security issue was found in the Tab Groups component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21145 (arbitrary code execution)
A use after free security issue was found in the Fonts component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21146 (arbitrary code execution)
A use after free security issue was found in the Navigation component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21147 (incorrect calculation)
An inappropriate implementation security issue was found in the Skia component of the Chromium browser before version 88.0.4324.146.

- CVE-2021-21148 (arbitrary code execution)
A heap buffer overflow security issue was found in the V8 component of the Chromium browser before version 88.0.4324.150.

Impact
======
A remote attacker might be able to bypass security measures or execute arbitrary code.

References
==========
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
https://security.archlinux.org/CVE-2021-21142
https://security.archlinux.org/CVE-2021-21143
https://security.archlinux.org/CVE-2021-21144
https://security.archlinux.org/CVE-2021-21145
https://security.archlinux.org/CVE-2021-21146
https://security.archlinux.org/CVE-2021-21147
https://security.archlinux.org/CVE-2021-21148

Chromium Update, ArchLinux Security, Critical Issues, Remote Code Execution
Severity: Critical
LinuxSecurity.com Team

Published Feb 12, 2021 (Critical, ArchLinux)

Arch Linux: ASA-202101-27 Medium: Go Package Command Execution Threat

Arch Linux Security Advisory ASA-202101-27
==========================================

Severity: Medium
Date    : 2021-01-20
CVE-ID  : CVE-2021-3114 CVE-2021-3115
Package : go
Type    : multiple issues
Remote  : No
Link    : https://security.archlinux.org/AVG-1481

Summary
=======
The package go before version 2:1.15.7-1 is vulnerable to multiple issues including arbitrary command execution and incorrect calculation.

Resolution
==========
Upgrade to 2:1.15.7-1.

# pacman -Syu "go>=2:1.15.7-1"

The problems have been fixed upstream in version 1.15.7.

Workaround
==========
None.

Description
===========
- CVE-2021-3114 (incorrect calculation)
A security issue was found in Go and fixed in versions 1.15.7 and 1.14.14. The P224() Curve implementation can in rare circumstances generate incorrect outputs, including returning invalid points from ScalarMult. The crypto/x509 and golang.org/x/crypto/ocsp (but not crypto/tls) packages support P-224 ECDSA keys, but they are not supported by publicly trusted certificate authorities. No other standard library or golang.org/x/crypto package supports or uses the P-224 curve.

- CVE-2021-3115 (arbitrary command execution)
A security issue was found in Go and fixed in versions 1.15.7 and 1.14.14. The go command may execute arbitrary code at build time when using cgo on Windows. This can be triggered by running go get for a malicious package, or any other time the code is built. This can be triggered by malicious packages which contain specifically named binaries which are executed when cgo is executed in the context of the malicious package directory. This is due to the path lookup behavior of os/exec.LookPath on Windows. This will also affect Unix users who have "." listed explicitly in their PATH and are running "go get" outside of a module or with module mode disabled. This has been fixed by altering the usage of os/exec.LookPath by the go command to reject the usage of any binaries that reside in the current directory.

Impact
======
The handling of P-224 ECDSA keys could produce incorrect outputs, leading to potentially incorrect results of encryption, decryption, or signature verification operations. Downloading a maliciously crafted binary package using "go get" can execute arbitrary code if the user's $PATH explicitly contains the current directory.

References
==========
https://groups.google.com/g/golang-announce/c/mperVMGa98w/m/yo5W5wnvAAAJ
https://github.com/golang/go/issues/43788
https://github.com/golang/go/commit/5c8fd727c41e31273923c32b33d4f25855f4e123
https://go.dev/blog/path-security
https://github.com/golang/go/issues/43785
https://github.com/golang/go/commit/e8e7facfaa47bf21007c0a1c679debba52ec3ea0
https://github.com/golang/go/commit/07e3195293ec510171d7d43ec8ac2bcb9cf00df4
https://security.archlinux.org/CVE-2021-3114
https://security.archlinux.org/CVE-2021-3115

Arch Linux, Go Package, Security Advisory, Command Execution, Medium Severity
Severity: Medium
LinuxSecurity.com Team

Published Jan 28, 2021 (Medium, ArchLinux)

Arch Linux: ASA-201701-11 Medium: lib32-libcurl-gnutls Multiple Threats

Arch Linux Security Advisory ASA-201701-11
==========================================

Severity: Medium
Date    : 2017-01-03
CVE-ID  : CVE-2016-9586 CVE-2016-9594
Package : lib32-libcurl-gnutls
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-117

Summary
=======
The package lib32-libcurl-gnutls before version 7.52.1-1 is vulnerable to multiple issues including arbitrary code execution and incorrect calculation.

Resolution
==========
Upgrade to 7.52.1-1.

# pacman -Syu "lib32-libcurl-gnutls>=7.52.1-1"

The problems have been fixed upstream in version 7.52.1.

Workaround
==========
None.

Description
===========
- CVE-2016-9586 (arbitrary code execution)
libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes. The flaw happens because the floating point conversion is using system functions without the correct boundary checks. The functions have been documented as deprecated for a long time and users are discouraged from using them in "new programs" as they are planned to get removed at a future point. But as the functions are present and there's nothing preventing users from using them, we expect there to be a certain amount of existing users in the wild. If there are any applications that accept a format string from the outside without the necessary input filtering, it could allow remote attacks.

- CVE-2016-9594 (incorrect calculation)
libcurl's (new) internal function that returns a good 32-bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary strings in HTTP form posts and more. Having a weak or virtually non-existent random there makes these operations vulnerable. This function was introduced in 7.52.0.

Impact
======
A remote attacker is able to execute arbitrary code on a target machine by sending crafted data to the server. In addition, the nonces generated by libcurl 7.52.0 were not truly random, which allowed an attacker to derive sensitive information (e.g., session keys).

References
==========
https://bugs.archlinux.org/task/52247
https://bugs.archlinux.org/task/52250
https://curl.se/docs/CVE-2016-9586.html
https://curl.se/docs/CVE-2016-9594.html
https://security.archlinux.org/CVE-2016-9586
https://security.archlinux.org/CVE-2016-9594

libcurl GnuTLS issues, Arch Linux advisory, code execution risks
Severity: Medium
LinuxSecurity.com Team

Published Jan 04, 2017 (Medium, ArchLinux)

Arch Linux 2016-11-26 High: NTP Denial Of Service Issues

Arch Linux Security Advisory ASA-201611-28
==========================================

Severity: High
Date    : 2016-11-26
CVE-ID  : CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9310 CVE-2016-9311
Package : ntp
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======
The package ntp before version 4.2.8.p9-1 is vulnerable to multiple issues including denial of service, insufficient validation and incorrect calculation.

Resolution
==========
Upgrade to 4.2.8.p9-1.

# pacman -Syu "ntp>=4.2.8.p9-1"

The problems have been fixed upstream in version 4.2.8.p9.

Workaround
==========
A partial fix to some of the issues is to implement BCP-38, use "restrict default noquery ..." in your ntp.conf file and only allow mode 6 queries from trusted networks and hosts.

Description
===========
- CVE-2016-7426 (denial of service)
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received from its configured sources. An attacker who knows the sources (e.g., from an IPv4 refid in server response) and knows the system is (mis)configured in this way can periodically send packets with spoofed source address to keep the rate limiting activated and prevent ntpd from accepting valid responses from its sources.

- CVE-2016-7427 (denial of service)
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable denial of service vulnerability in ntpd's broadcast mode replay prevention functionality can be abused. An attacker with access to the NTP broadcast domain can periodically inject specially crafted broadcast mode NTP packets into the broadcast domain which, while being logged by ntpd, can cause ntpd to reject broadcast mode packets from legitimate NTP broadcast servers.

- CVE-2016-7428 (denial of service)
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable denial of service vulnerability in ntpd's broadcast mode poll interval enforcement functionality can be abused. To limit abuse, ntpd restricts the rate at which each broadcast association will process incoming packets. ntpd will reject broadcast mode packets that arrive before the poll interval specified in the preceding broadcast packet expires. An attacker with access to the NTP broadcast domain can send specially crafted broadcast mode NTP packets to the broadcast domain which, while being logged by ntpd, will cause ntpd to reject broadcast mode packets from legitimate NTP broadcast servers.

- CVE-2016-7429 (denial of service)
When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to use the interface for new requests. If ntpd is running on a host with multiple interfaces in separate networks and the operating system doesn't check the source address in received packets (e.g. rp_filter on Linux is set to 0), an attacker that knows the address of the source can send a packet with spoofed source address which will cause ntpd to select the wrong interface for the source and prevent it from sending new requests until the list of interfaces is refreshed, which happens on routing changes or every 5 minutes by default. If the attack is repeated often enough (once per second), ntpd will not be able to synchronize with the source.

- CVE-2016-7431 (insufficient validation)
Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the handling of some Zero origin timestamp checks.

- CVE-2016-7433 (incorrect calculation)
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation of a small-print variable in The Book, the fix for this problem was incorrect, resulting in a root distance that did not include the peer dispersion. The calculations and formula have been reviewed and reconciled, and the code has been updated accordingly.

- CVE-2016-7434 (denial of service)
If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted malicious mrulist query packet.

- CVE-2016-9310 (denial of service)
An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP recommendations, "restrict default noquery ..." is not specified, a specially crafted control mode packet can set ntpd traps, providing information disclosure and DDoS amplification, and unset ntpd traps, disabling legitimate monitoring. A remote, unauthenticated, network attacker can trigger this vulnerability.

- CVE-2016-9311 (denial of service)
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.

Impact
======
A remote unauthenticated attacker may be able to perform a denial of service attack on ntpd via multiple vectors.

References
==========
http://www.ntp.org/support/securitynotice/
http://www.kb.cert.org/vuls/id/633847
http://www.ntp.org/support/securitynotice/ntpbug3071/
http://www.ntp.org/support/securitynotice/ntpbug3114/
http://www.ntp.org/support/securitynotice/ntpbug3113/
http://www.ntp.org/support/securitynotice/ntpbug3072/
http://www.ntp.org/support/securitynotice/ntpbug3102/
http://www.ntp.org/support/securitynotice/ntpbug3067/
https://bugs.ntp.org/show_bug.cgi
http://www.ntp.org/support/securitynotice/ntpbug3082/
http://www.ntp.org/support/securitynotice/ntpbug3118/
http://www.ntp.org/support/securitynotice/ntpbug3119/
https://access.redhat.com/security/cve/CVE-2016-7426
https://access.redhat.com/security/cve/CVE-2016-7427
https://access.redhat.com/security/cve/CVE-2016-7428
https://access.redhat.com/security/cve/CVE-2016-7429
https://access.redhat.com/security/cve/CVE-2016-7431
https://access.redhat.com/security/cve/CVE-2016-7433
https://access.redhat.com/security/cve/CVE-2016-7434
https://access.redhat.com/security/cve/CVE-2016-9310
https://access.redhat.com/security/cve/CVE-2016-9311

NTP Security Issues, Arch Linux Advisories, Denial of Service Risks
LinuxSecurity.com Team

Published Nov 26, 2016 (ArchLinux)