Tag
#dos
Ubuntu Security Notice 7089-4 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 7105-1 - It was discovered that the NrbfDecoder component in .NET did not properly handle an instance of a type confusion vulnerability. An authenticated attacker could possibly use this issue to gain the privileges of another user and execute arbitrary code. It was discovered that the NrbfDecoder component in .NET did not properly perform input validation. An unauthenticated remote attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 7103-1 - It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Ghostscript incorrectly handled parsing certain PDF files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10.
Ubuntu Security Notice 7101-1 - It was discovered that Pydantic incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause a denial of service via a crafted email string.
Ubuntu Security Notice 7100-2 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Red Hat Security Advisory 2024-9502-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-9481-03 - An update for python-django is now available for Red Hat OpenStack Platform 18.0.3 . Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2024-9459-03 - An update for buildah is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and traversal vulnerabilities.
Despite having only a scant focus on cybersecurity regulations a decade ago, countries in the Middle East — led by Saudi Arabia and other Gulf nations — have adopted mature frameworks and regulations amid escalating volumes of attacks.
The Patch Tuesday for November of 2024 includes 91 vulnerabilities, including two that Microsoft marked as “critical.” The remaining 89 vulnerabilities listed are classified as “important.”