Fedora: Security Advisory (FEDORA-2023-0abcfebecd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

CVE-2023-21400

In multiple functions of iouring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-2908

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

CVE-2023-22997

In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the modulegetnextpage return value expects it to be NULL in the error case, whereas it is actually an error pointer...

CVE-2022-1671

A NULL pointer dereference flaw was found in rxrpcpreparses in net/rxrpc/serverkey.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information...

CVE-2021-43389

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c...

CVE-2021-3748

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to numbuffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting i...

CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

Fedora 29 : community-mysql (2019-c1fab3f139)

MySQL 8.0.18 Release notes : https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-18.html CVEs fixed : CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991...

Fedora 28 : atomic-reactor (2019-782e6e61ce)

Fixes for https://bugzilla.redhat.com/showbug.cgi?id=1694523 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...

CVE-2017-13729

There is an illegal address access in the ncsavestr function in allocentry.c in ncurses 6.0. It will lead to a remote denial of service attack...

CVE-2016-5027

dwarfform.c in libdwarf 20160115 allows remote attackers to cause a denial of service crash via a crafted elf file...

Fedora 22 : mediawiki-1.25.3-1.fc22 (2015-24fe8b66c9)

https://www.mediawiki.org/wiki/Releasenotes/1.25MediaWiki1.25.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...

CVE-2015-9542

addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy. An attacker could send a crafted password to an application loading the pamradius library and crash it. Arbitrary code...

Fedora 22 : moodle-2.8.7-1.fc22 (2015-14988)

moodle-2.8.7-1.fc22 - Latest upstream release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 21 : python-jwt-1.3.0-1.fc21 (2015-10249)

Latest upstream with security fix for http://seclists.org/oss-sec/2015/q2/3 https://github.com/jpadilla/pyjwt/commit/88a9fc56bdc6c870aa6af93bda401 414a217db2a Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

Fedora 18 : freetype-2.4.10-3.fc18 (2013-1492)

This update fixes CVE-2012-5669. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Fedora 13 : dhcp-4.1.2-4.ESV.R2.fc13 (2011-0848)

This is a SECURITY release of ISC DHCP, which fixes two security related bugs: CVE-2011-0413: DHCPv6 server CVE-2011-0997: dhclient Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

Fedora 13 : sepostgresql-9.0.1-20101007.fc13 (2010-16004)

Upgrade base version to v9.0.1 which contains various bug and security fixes. - http://www.postgresql.org/docs/9.0/static/release-9-0.ht ml - http://www.postgresql.org/docs/9.0/static/release-9-0- 1.html Note that Tenable Network Security has extracted the preceding description block directly fro...