Red Hat Security Advisory 2017-0794-01 – The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix: A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service.

Red Hat Security Advisory 2017-0641-01 – OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root.

Red Hat Security Advisory 2017-0662-01 – Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.

Red Hat Security Advisory 2017-0654-01 – The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

Ubuntu Security Notice 3173-2 – USN-3173-1 fixed a vulnerability in nvidia-graphics-drivers-304 and nvidia-graphics-drivers-340. This update provides the corresponding update for nvidia-graphics-drivers-375. It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service. Various other issues were also addressed.

Red Hat Security Advisory 2017-0630-01 – Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The tigervnc packages contain a client which allows users to connect to other desktops running a VNC server. Security Fix: A denial of service flaw was found in the TigerVNC’s Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process early.

Red Hat Security Advisory 2017-0631-01 – The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.