Red Hat Security Advisory 2016-1809-01 – Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.3.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

Red Hat Security Advisory 2016-1814-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel’s Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

Red Hat Security Advisory 2016-1815-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel’s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network.

Debian Linux Security Advisory 3659-1 – Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.