The following updates has been released for Ubuntu Linux:
USN-3658-2: procps-ng vulnerabilitiesProcPS-NG, Git, and Liblouis Updates for Ubuntu
This address two security issues: 1) It was discovered that libprocps incorrectly handled the file2strvec() function. A local attacker could possibly use this to execute
arbitrary code. (CVE-2018-1124). 2) It was discovered that procps-ng incorrectly handled memory. A local attacker could use this issue to cause a denial of service, or
possibly execute arbitrary code. (CVE-2018-1126)
This update is available for Ubuntu Linux 12.04 ESM
USN-3671-1: Git vulnerabilities
This address twe security issues: 1) A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when "git clone --recurse-submodules" is used. (CVE-2018-11235). 2) An attacker could use this to cause a denial of service or expose sensitive information. (CVE-2018-11233)
This update is available for Ubuntu Linux 14.04 LTS, 16.04 LTS, 17.10, and 18.04 LTS
USN-3672-1: Liblouis vulnerabilities
Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.
This update is available for Ubuntu Linux 14.04 LTS, 16.04 LTS, 17.10, and 18.04 LTS
