libsolv: heap-based buffer overflow in prune_to_recommended() in src/policy.c

A flaw was found in libsolv. A buffer overflow vulnerability in the prunetorecommend function allows attackers to cause a denial of service. The highest threat from this vulnerability is to system availability...

Heap-based Buffer Overflow

libsolv.so is vulnerable to heap-based buffer overflow. The vulnerability exists in prefersuggested function in policy.c as it doesn't properly handle the size of the map variables which causes an application crash...

RHEL 8 : libsolv (RHSA-2021:4060)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4060 advisory. The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv:...

CVE-2021-33938

Buffer overflow vulnerability in function prunetorecommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service...

Code injection

The makelockdirname function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/...