In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. (CVE-2023-24056)
Chromium updated Chromium to 110.0.5481.177 to fix vulnerabilities including [CVE-2023-0927] Use after free in Web Payments API. [CVE-2023-0928] Use after free in SwiftShader. [CVE-2023-0929] Use after free in Vulkan. [CVE-2023-0930] Heap buffer overflow in Video.
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. (CVE-2022-47024)
Remote code execution using crafted PFS filesystem. (CVE-2022-4510) References: - https://bugs.mageia.org/show_bug.cgi?id=31375 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/M2TTCIDC6ZNFMU5XFFFDFZEBHO2CU5NG/
Privilege escalation (CVE-2021-3020) and other fixes. References: - https://bugs.mageia.org/show_bug.cgi?id=29047 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/BNDVFBI7G272LNZ2QQZ4MY56KX2J4C36/
The config_sortlist function is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow and thus may cause a denial of service. (CVE-2022-47516) References:
Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as 'bytes') to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. (CVE-2023-23931)
Denial of service with a malicious upload or series of uploads. (CVE-2023-24998) References: - https://bugs.mageia.org/show_bug.cgi?id=31580
The config_sortlist function is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow and thus may cause a denial of service. (CVE-2022-4904) References:
A possible remote code execution vulnerability in the HFS+ file parser. (CVE-2023-20032) A possible remote information leak vulnerability in the DMG file parser. (CVE-2023-20052)
Timing side channel in the RSA decryption implementation of the GNU TLS library. (CVE-2023-0361) References: - https://bugs.mageia.org/show_bug.cgi?id=31558
Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links, the objects directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the
The password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. (CVE-2023-0567) The core path resolution function allocates a buffer one byte too small.
Client memory disclosure when connecting, with Kerberos, to modified server. (CVE-2022-41862) References: - https://bugs.mageia.org/show_bug.cgi?id=31531
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) References:
Arbitrary code execution when loading configuration files (CVE-2022-39286) References: - https://bugs.mageia.org/show_bug.cgi?id=31156 - https://www.debian.org/lts/security/2022/dla-3195
When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. (CVE-2022-39348)
Remote code execution, but requires user action to open a notebook. (CVE-2021-32797), and other bug fixes. References: - https://bugs.mageia.org/show_bug.cgi?id=30699
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation
Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. (CVE-2022-21699) References:
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
