INFOSEC | USERSPACE-Linux Aggregate Info

OS: Scientific

SciLinux: SLSA-2020-2824-1 Important: firefox on SL6.x i386/x86_64

Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421) SL6 x86_64 firefox-68.10.0-1.el6_10.x86_64.rpm [More...]

SciLinux: SLSA-2020-2827-1 Important: firefox on SL7.x x86_64

Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate tr [More...]

SciLinux: SLSA-2020-2664-1 Important: kernel on SL7.x x86_64

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) SL7 x86_64 bpftool-3.10.0-1127.13.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1127.13.1.el7.x86_64.rpm kernel-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1 [More...]

SciLinux: SLSA-2020-2663-1 Moderate: ntp on SL7.x x86_64

ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS (CVE-2020-13817) * ntp: DoS on client ntpd using server mode packet (CVE-2020-11868) SL7 x86_64 ntp-4.2.6p5-29.el7_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-29.el7_8.2.x86_64.rpm ntpdate-4.2.6p5-29.el7_8.2.x86_64.rpm sntp-4.2.6p5-29.el7_8.2.x86_64.rpm noarch ntp-doc-4.2.6p5-29.el7_8.2 [More...]

NIST Vulnerability Database

CVE-2020-2034An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability.

CVE-2019-19415The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

CVE-2020-1982Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud-delivered services. We do not believe that any communication is impacted as a result of known attacks against TLS 1.0. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.14; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. PAN-OS 7.1 is not impacted by this issue.

CVE-2020-2031An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. This issue does not impact PAN-OS 8.1, PAN-OS 9.0, or Prisma Access services.

OS: Redhat

RedHat: RHSA-2020-2870:01 Important: Red Hat OpenShift Service Mesh 1.0

An update for servicemesh-cni is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2020-2863:01 Important: Red Hat OpenShift Service Mesh 1.0

An update for servicemesh-prometheus is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2020-2861:01 Important: Red Hat OpenShift Service Mesh 1.0

An update for servicemesh-grafana is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2020-2864:01 Important: Red Hat OpenShift Service Mesh 1.0

An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

NIST Vulnerability Database

CVEMAP.ORG: Vulnerabilities & Exposures

Low CVE-2020-15469: QEMU QEMUIn QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

Low CVE-2020-8179: Nextcloud DECKImproper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.

Medium CVE-2020-8161: Rack project RACKA directory traversal vulnerability exists in rack

Medium CVE-2020-8163: Rubyonrails RailsThe is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.

OS: Gentoo

Gentoo: GLSA-202006-23: Cyrus IMAP Server: Access restriction bypass

An error in Cyrus IMAP Server allows mailboxes to be created with administrative privileges.

Gentoo: GLSA-202006-22: OpenJDK, IcedTea: Multiple vulnerabilities

Multiple vulnerabilities have been found in OpenJDK and IcedTea, the worst of which could result in the arbitrary execution of code.

Gentoo: GLSA-202006-21: Apache Tomcat: Remote code execution

A vulnerability has been discovered in Apache Tomcat which could result in the arbitrary execution of code.

Gentoo: GLSA-202006-20: Asterisk: Root privilege escalation

A vulnerability was discovered in Asterisk which may allow local attackers to gain root privileges.

OS: Fedora

Fedora 31: firefox 2020-8ba9376229

Update to latest upstream version

Fedora 31: ngircd 2020-8c33e3a771

Update to version 26, a bugfix and security release. FIxes CVE-2020-14148.

Fedora 31: chromium 2020-77f89ab772

Update to 83.0.4103.116. Fixes CVE-2020-6509. ---- Black Lives Matter. Saying this does not mean that other lives do not matter. It should not be controversial to say this. If I say Chromium updates matter, it does not mean that other Fedora packages do not matter, it means that a Chromium update is needed to fix this giant pile of severe security vulnerabilities, here, today,

Fedora 32: ngircd 2020-e6d1d849c5

Update to version 26, a bugfix and security release. FIxes CVE-2020-14148.

OS: Arch

ArchLinux: 202006-16: tomcat8: denial of service

The package tomcat8 before version 8.5.56-1 is vulnerable to denial of service.

ArchLinux: 202006-15: freerdp: multiple issues

The package freerdp before version 2:2.1.2-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

ArchLinux: 202006-14: imagemagick: information disclosure

The package imagemagick before version 7.0.10.20-1 is vulnerable to information disclosure.

ArchLinux: 202006-13: bind: denial of service

The package bind before version 9.16.4-1 is vulnerable to denial of service.

OS: Debian

Debian: DSA-4721-1: ruby2.5 security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language. CVE-2020-10663

Debian: DSA-4720-1: roundcube security update

It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize incoming mail messages. This would allow a remote attacker to perform a Cross-Side Scripting (XSS) attack.

Debian: DSA-4719-1: php7.3 security update

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.

Debian: DSA-4718-1: thunderbird security update

Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code.

OS: Mageia

Mageia 2020-0286: pdns-recursor security update

Updated pdns-recursor package fixes security vulnerability: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server,

Mageia 2020-0285: ruby security update

Updated ruby packages fix security vulnerability: An issue was discovered in Ruby through 2.5.7. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the

Mageia 2020-0284: mariadb security update

Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Client product of MariaDB (component: C API) Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Client.

Mageia 2020-0283: libvirt security update

Updated libvirt packages fix security vulnerability: A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent.

OS: Slackware

Slackware: 2020-189-01: seamonkey Security Update

New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.

Slackware: 2020-186-01: libvorbis Security Update

New libvorbis packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Slackware: 2020-181-01: mozilla-firefox Security Update

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Slackware: 2020-176-02: libjpeg-turbo Security Update

New libjpeg-turbo packages are available for Slackware 14.2 and -current to fix a security issue.

OS: Debian LTS

Debian LTS: DLA-2268-2: mutt regression update

Two vulnerabilities have been discovered in mutt, a console email client. CVE-2020-14093

Debian LTS: DLA-2268-1: mutt security update

Two vulnerabilities have been discovered in mutt, a console email client. CVE-2020-14093

Debian LTS: DLA-2267-1: libmatio security update

In libmatio, a library to read and write Matlab MAT files, a vulnerability was fixed in Mat_VarReadNextInfo4 in mat4.c that could lead to a heap-based buffer over-read in strdup_vprintf.

Debian LTS: DLA-2266-1: nss security update

Several vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2020-12399