Mageia 2022-0084: libxml2 security update
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. (CVE-2022-23308) References: - https://bugs.mageia.org/show_bug.cgi?id=30094
Security update for php. See changelog for details. References: - https://bugs.mageia.org/show_bug.cgi?id=30056 - https://www.php.net/ChangeLog-8.php#8.0.16
A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault). (CVE-2022-0534)
Passing malformed 2- and 3-byte UTF-8 sequences (e.g. from start tag names) to the XML processing application on top of Expat can cause arbitrary damage (e.g. code execution) depending on how invalid UTF-8 is handled inside the XML processor; validation was not their job but Expat's. Exploits with code execution are known to exist. (CVE-2022-25235)
There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. (CVE-2021-4115) References:
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. (CVE-2022-23959)
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. (CVE-2020-16154) References: - https://bugs.mageia.org/show_bug.cgi?id=30019
Improper handling of URI Subject Alternative Names (Medium). Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments. (CVE-2021-37600)
Fix accessibility not working when the Bubblewrap sandbox is enabled. Fix rendering of scrollbars when overlay scrollbars are disabled. Fix the build when the X11 support is disabled. Fix the build in a number of situations where the main OpenGL library is not called libGL or libgl, as is the case on systems that use libglvnd.
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. (CVE-2021-28021) An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. (CVE-2021-45444) References:
Crafted email could trigger an out-of-bounds write. (CVE-2022-0566) References: - https://bugs.mageia.org/show_bug.cgi?id=30055 - https://www.thunderbird.net/en-US/thunderbird/91.6.1/releasenotes/
Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816) References: - https://bugs.mageia.org/show_bug.cgi?id=30050
rlwrap update fixes use of /tmp/rlwrap.debug causing a denial of service for other users on the same system. References: - https://bugs.mageia.org/show_bug.cgi?id=30036
Kafka dissector infinite loop (CVE-2021-4190). RTMPT dissector infinite loop (wnpa-sec-2022-01). Large loops in multiple dissectors (wnpa-sec-2022-02).
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). (CVE-2022-0157) phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF). (CVE-2022-0196, CVE-2022-0197, CVE-2022-0238)
Stack-based buffer overflow in auphone.c that can be triggered by an environment variable. Also, the x11-util-cf-files package has been patched to allow building nas.
This update provides new and updated nonfree firmwares and fixes at least the following security issues: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local