Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20.rc2 and earlier can lead to read and write arbitrary memory values (CVE-2021-20307). References: - https://bugs.mageia.org/show_bug.cgi?id=28997 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX/
An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well (CVE-2021-3520). References: - https://bugs.mageia.org/show_bug.cgi?id=28990 - https://www.debian.org/security/2021/dsa-4919
Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. (CVE-2020-18032) References: - https://bugs.mageia.org/show_bug.cgi?id=28989 - https://www.debian.org/security/2021/dsa-4914
A remote user could create a specifically crafted file that could trigger some various issues. It is possible to trigger a remote code execution through a specifically crafted playlist, and tricking the user into interacting with that playlist elements. It is also possible to trigger read or write buffer overflows with some crafted files or by a MITM attack on the automatic updater
Updated libebml packages fix security vulnerabilities: Heap use-after-free when parsing malformed file. A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml (CVE-2021-3405).
This kernel-linus update is based on upstream 5.10.41 and fixes atleast the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform
This kernel update is based on upstream 5.10.41 and fixes atleast the following security issues: A double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI
Updated ceph packages fix security vulnerability on rgw CVE-2021-3524 (as well as CVE-2021-3509 and CVE-2021-3531 from which Mageia was not affected). References: - https://bugs.mageia.org/show_bug.cgi?id=28928 - https://docs.ceph.com/en/latest/security/CVE-2021-3524/
The MS-WSP dissector could consume excessive amounts of memory (CVE-2021-22207). References: - https://bugs.mageia.org/show_bug.cgi?id=28915
Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027). Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE. (CVE-2021-32028). Memory disclosure in partitioned-table UPDATE ... RETURNING. (CVE-2021-32029).
A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly(CVE-2021-25214). Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215). This affects both versions. A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216). Mageia 7 version not affected.
XLookupColor() and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the emission of extra X protocol requests to the X server
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword (CVE-2021-20270). A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS) (CVE-2021-27291). An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for (CVE-2021-30152).
The updated packages fix security vulnerabilities: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956).
There is a flaw in the opj2_compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2_compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. The greatest threat posed by this flaw is to confidentiality, integrity, and availability. This flaw affects the opj2_compress utility but is not in the openjpeg2 library. Therefore, the attack vector is local to the opj2_compress utility and would require an attacker to convince a user to open a directory with an extremely large number of files using opj2_compress, or a script to be feeding such arbitrary, untrusted files to opj2_compress (CVE-2021-29338). References:
This kernel-linus update is based on upstream 5.10.37 and fixes atleast the following security issues: It was discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local
This kernel update is based on upstream 5.10.37 and fixes atleast the following security issues: It was discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local
The updated packages fix security vulnerabilities: Use-after-free in xmlEncodeEntitiesInternal() in entities.c. (CVE-2021-3516)
Avoid infinite loop by handling HUP event in client_work. (CVE-2021-3468) References: - https://bugs.mageia.org/show_bug.cgi?id=28901 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/VCPLDL2TVAMUG4CYPGSPUHQ3KJXENCPN/
Some severe exploitable vulnerabilities were discovered and fixed (CVE-2021-2154 and CVE-2021-2166). This is a regular update, which brings the usual improvements in innodb, galera. See upstream advisory.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
