Use-after-free in sampled_data_sample (called from sampled_data_continue and interp). (CVE-2021-45944) Heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). (CVE-2021-45949)
UserAttributeSimilarityValidator incurred significant overhead evaluating submitted password that were artificially large in relative to the comparison values. On the assumption that access to user registration was unrestricted this provided a potential vector for a denial-of-service attack. (CVE-2021-45115)
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination. (CVE-2021-40153)
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package. (CVE-2021-35515) When reading a specially crafted 7Z archive, Compress can be made to
Critical evasion in suricata (CVE-2021-35063) References: - https://bugs.mageia.org/show_bug.cgi?id=29012 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/FO5R7STJBL3XHZDUREUDZ33DZA6MBITT/
Drop extra capabilities from gnome-shell. They're optional and they break shutdown from the login screen with new glibs. (CVE-2021-3982) References: - https://bugs.mageia.org/show_bug.cgi?id=29825
A dependency used to extract docker/OCI image layers can be tricked into modifying host files by creating a malicious layer that has a symlink with the name "." (or "/"), when running as root. (CVE-2021-29136) Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI
Fix missing TLS certificate verification. (CVE-2021-39359) References: - https://bugs.mageia.org/show_bug.cgi?id=29834 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/HRPPP47WRCAPAEJGRMEKYYJZBQCYXTLQ/
Several wireshark vulnerabilities have been fixed. See the release notes for details. References: - https://bugs.mageia.org/show_bug.cgi?id=29832
Fix shell expansion via crafted pathname in the ImageMagick convert fallback References: - https://bugs.mageia.org/show_bug.cgi?id=29829
Apache Log4j2 is vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol
Security vulnerabilities were identified in the open source NTFS-3G and NTFSPROGS software. These vulnerabilities may allow an attacker using a maliciously crafted NTFS-formatted image file or external storage to potentially execute arbitrary privileged code, if the attacker has either local access and the ntfs-3g binary is setuid root, or if the attacker has
stack-based buffer overflow in handle_request() in DHT.c (CVE-2021-44847) References: - https://bugs.mageia.org/show_bug.cgi?id=29821 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/S7EBS3NIRYJ7V3PTNINP3PJSVUHGZTGA/
HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) References: - https://bugs.mageia.org/show_bug.cgi?id=29817
e2guardian did not validate TLS hostnames (CVE-2021-44273) References: - https://bugs.mageia.org/show_bug.cgi?id=29811 - https://www.openwall.com/lists/oss-security/2021/12/23/2
ReDoS vulnerability in html_preprocess_rules in ebooks/conversion/preprocess.py References: - https://bugs.mageia.org/show_bug.cgi?id=29803
HTTP Request Smuggling due to spaces in headers. The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). (CVE-2021-22959) HTTP Request Smuggling when parsing the body. The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP
Authenticate active help requests to the local help web server (CVE-2020-27225) References: - https://bugs.mageia.org/show_bug.cgi?id=29048
CryptSym: fix AES output IV (CVE-2021-3505). Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer (CVE-2021-3623)
This kernel-linus update is based on upstream 5.15.11 and fixes atleast the following security issues: Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the guests, even though this ought to have been prevented by
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
