Mageia 2022-0071: docker-containerd security update
Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816) References: - https://bugs.mageia.org/show_bug.cgi?id=30050
Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816) References: - https://bugs.mageia.org/show_bug.cgi?id=30050
rlwrap update fixes use of /tmp/rlwrap.debug causing a denial of service for other users on the same system. References: - https://bugs.mageia.org/show_bug.cgi?id=30036
Kafka dissector infinite loop (CVE-2021-4190). RTMPT dissector infinite loop (wnpa-sec-2022-01). Large loops in multiple dissectors (wnpa-sec-2022-02).
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). (CVE-2022-0157) phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF). (CVE-2022-0196, CVE-2022-0197, CVE-2022-0238)
Stack-based buffer overflow in auphone.c that can be triggered by an environment variable. Also, the x11-util-cf-files package has been patched to allow building nas.
This update provides new and updated nonfree firmwares and fixes atleast the following security issues: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of
Updated microcodes for Intel processors, fixing various functional issues, and atleast the following security issues: Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local
This kernel-linus update is based on upstream 5.15.23 and fixes atleast the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content
This kernel update is based on upstream 5.15.23 and fixes atleast the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions (CVE-2022-22754). If a user was convinced to drag and drop an image to their desktop or other
Processing fixup entries may follow symbolic links. (CVE-2021-31566) libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). (CVE-2021-36976)
Processing a maliciously crafted mail message may lead to running arbitrary javascript. Description: A validation issue was addressed with improved input sanitization. (CVE-2022-22589) Processing maliciously crafted web content may lead to arbitrary code
Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204)
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions (CVE-2022-22754). If a user was convinced to drag and drop an image to their desktop or other
Security hotfix release addressing a critical vulnerability in PostgreSQL connections (CVE-2021-3850) Additional fixes: Fix usage of get_magic_* functions #619 #657
private-cwd leaks access to the entire filesystem References: - https://bugs.mageia.org/show_bug.cgi?id=30007 - https://github.com/netblue30/firejail/issues/4780
For CVE-2021-20316 and CVE-2021-44141, there is only a workaround and mitigation: All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list (CVE-2021-45085).
Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. (CVE-2022-24130) References:
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.