Ubuntu

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.41 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-41.html https://www.oracle.com/security-alerts/cpujan2025.html

Pierre Ernst discovered that the Tomcat JmxRemoteLifecycleListener did not implement a recommended fix. A remote attacker could possibly use this issue to execute arbitrary code.

It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56201) It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56326)

It was discovered that VLC incorrectly handled memory when reading an MMS stream. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141)

Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. (CVE-2024-11187) Jean-François Billaud discovered that the Bind DNS-over-HTTPS implementation incorrectly handled a heavy query load. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-12705)

USN-7157-1 fixed vulnerabilities in PHP versions 7.4, 8.1, and 8.3. This update provides the corresponding updates for PHP version 7.0. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2024-11233) It was discovered that PHP incorrectly handled certain HTTP requests. An attacker could possibly use this issue to performing arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. (CVE-2024-11234) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2024-8932) It was discovered that PHP incorrectly handled certain MySQL requests. An attacker could possibly use this issue to cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. (CVE-2024-8929)

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-49043) It was discovered that the libxml2 xmllint tool incorrectly handled certain memory operations. If a user or automated system were tricked into running xmllint on a specially crafted xml file, a remote attacker could cause xmllint to crash, resulting in a denial of service. (CVE-2024-34459)

It was discovered that libmicrodns could recursively follow the same compression pointer, leading to an infinite loop. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-6071) It was discovered that libmicrodns did not check the return value of the rr_decode function, which could lead to a double free. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-6072) It was discovered that libmicrodns incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-6073) It was discovered that libmicrodns incorrectly handled certain inputs, which could lead to a out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-6077) It was discovered that libmicrodns incorrectly handled memory when parsing mDNS messages in mdns_recv, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-6078) It was discovered that libmicrodns incorrectly handled memory, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-6079, CVE-2020-6080)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; - VMware vSockets driver; (CVE-2024-53103, CVE-2024-53164)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-47715, CVE-2024-53103, CVE-2024-53164, CVE-2024-53141)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53164, CVE-2024-53103, CVE-2024-53141)

Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; (CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Mellanox network drivers; - S/390 drivers; - SCSI subsystem; - Sonic Silicon Backplane drivers; - File systems infrastructure; - Closures library; - Netfilter; - TIPC protocol; - VMware vSockets driver; (CVE-2024-26929, CVE-2024-40982, CVE-2024-42311, CVE-2024-53141, CVE-2024-41066, CVE-2024-38661, CVE-2024-38553, CVE-2024-43914, CVE-2024-26663, CVE-2024-42252, CVE-2024-38597, CVE-2024-53103, CVE-2024-41020, CVE-2024-41012, CVE-2024-26595)

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; (CVE-2024-53141)

It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27783) It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789) It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. An attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-4256, CVE-2023-43279)

USN-7206-1 fixed vulnerabilities in Ubuntu 14.04 LTS to Ubuntu 24.04 LTS. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. (CVE-2024-12084) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with uninitialized memory. An attacker could exploit this issue to leak sensitive information. (CVE-2024-12085) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync incorrectly handled file checksums. A malicious server could use this to expose arbitrary client files. (CVE-2024-12086) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync mishandled symlinks for some settings. An attacker could exploit this to write files outside the intended directory. (CVE-2024-12087) Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync failed to verify symbolic link destinations for some settings. An attacker could exploit this for path traversal attacks. (CVE-2024-12088) Aleksei Gorban discovered a race condition in rsync's handling of symbolic links. An attacker could use this to access sensitive information or escalate privileges. (CVE-2024-12747)

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352) Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-24490) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Media drivers; - Network drivers; - SMB network file system; - Bluetooth subsystem; - Amateur Radio drivers; - Network traffic control; - VMware vSockets driver; (CVE-2024-43904, CVE-2024-35963, CVE-2024-35967, CVE-2024-40973, CVE-2024-26822, CVE-2024-35965, CVE-2024-40910, CVE-2024-38553, CVE-2024-53057, CVE-2024-50264, CVE-2024-35966)

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2024-44070) It was discovered that FRR re-validated all routes in certain instances when the internal socket's buffer size overflowed. A remote attacker could possibly use this issue to impact the performance of FRR, resulting in a denial of service. (CVE-2024-55553)