An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed Cross-Site Scripting (XSS) upon clicking on a link from a specially crafted live location message.
Category: Alerts
ASA-2020-00040 – Canonical Ubuntu: Arbitrary file read and arbitrary module loading due to incorrectly handled module loading in the ppp package
The ppp package in Ubuntu contains a patch to load the ppp_generic kernel module when it's not built by default in the Linux kernel. The patch has a vulnerability that allows an attacker to influence the behavior of the modprobe binary using MODPROBE_OPTIONS environment variable. This vulnerability leads to arbitrary file read or arbitrary kernel module loading.
ASA-2020-00039 – Linux kernel: SELinux netlink permission check bypass due to SELinux incorrectly assume that an skb would only contain a single netlink message
A flaw was found in the Linux kernels SELinux LSM hook implementation, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.
ASA-2020-00038 – Linux kernel: Memory corruption due to the lack of validation of an sk_family field in vhost subsystem
In the Linux kernel, get_raw_socket() in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
ASA-2020-00001 – MikroTik WinBox: Path traversal vulnerability in the parameter name from the list of files
MikroTik WinBox before 3.21 is vulnerable to a path traversal issue that allows an attacker to write files anywhere on the system where WinBox has write privileges.
ASA-2019-00669 – OpenBSD: Dynamic Loader Privilege Escalation
OpenBSD allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root.
ASA-2019-00668 – Git: Remote Code Execution (RCE) in recursive clones
Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
ASA-2019-00667 – Git: Git does not refuse to write out tracked files with backlashes in filenames
Filenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with such filenames.