Red Hat Security Advisory 2015-0782-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. A use-after-free flaw was found in the way the Linux kernel’s SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.

Red Hat Security Advisory 2015-0783-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. An insufficient bound checking flaw was found in the Xen hypervisor’s implementation of acceleration support for the “REP MOVS” instructions. A privileged HVM guest user could potentially use this flaw to crash the host.

Gentoo Linux Security Advisory 201504-1 – Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 31.5.3 are affected.

Mandriva Linux Security Advisory 2015-193 – The libtasn1 library before version 4.4 is vulnerable to a two-byte stack overflow in asn1_der_decoding.

Mandriva Linux Security Advisory 2015-195 – The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting attacks via a control character in a URL, as demonstrated by a x08javascript: URL. The updated packages provides a solution for this security issue.

Mandriva Linux Security Advisory 2015-196 – cups-browsed in cups-filters before 1.0.66 contained a bug in the remove_bad_chars function, where it failed to reliably filter out illegal characters if there were two or more subsequent illegal characters, allowing execution of arbitrary commands with the rights of the lp user, using forged print service announcements on DNS-SD servers.

HP Security Bulletin HPSBGN03306 1 – Potential security vulnerabilities have been identified with HP IceWall SSO MCRP, SSO Dfw, and SSO Agent running OpenSSL. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.