Happy Friday fellow Linux geeks! This week, important updates have been issued for webkit2gtk, Xen and exiv2. Read on to learn about these vulnerabilities and how to secure your system against them.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Check out the new Remote Access Plus solution from ManageEngine to help admins secure their servers against vulnerabilities like these by automating security patches.
Yours in Open Source,
webkit2gtkThe DiscoveryMultiple security vulnerabilities were discovered in webkit2gtk (CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824). |
XenThe DiscoveryMultiple vulnerabilities have been discovered in the Xen hypervisor.
The ImpactThese issues could result in privilege escalation, denial of service (DoS), or information leaks. The FixA Xen security update mitigates these flaws. We recommend that you upgrade your Xen packages promptly to protect the security, integrity and availability of your systems and the privacy of your sensitive information. Your Related Advisories:Register to Customize Your Advisories |
exiv2The DiscoveryThree security bugs have been found in exiv2 including a reachable assertion on crafted input (CVE-2017-11683), a buffer overflow when handling crafted meta-data of CRW images (CVE-2020-19716), and potential integer overflow in the QuickTime component (CVE-2022-3756). The ImpactThese issues could result in denial of service (DoS) attacks. |
