Monthly Archives: October 2023

Advisories

kernel-6.5.6-100.fc37

Read Time:9 Second

FEDORA-2023-50bd7c9c12

Packages in this update:

kernel-6.5.6-100.fc37

Update description:

The 6.5.6 stable kernel update contains a number of important fixes across the tree.

Read More

Advisories

CVE-2022-34355

Read Time:14 Second

IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498.

Read More

Advisories

fwupd-1.9.6-1.fc38

Read Time:1 Minute, 12 Second

FEDORA-2023-48c43df788

Packages in this update:

fwupd-1.9.6-1.fc38

Update description:

This release adds the following features:

Add a launchd agent for macOS
Add a new security attribute for BIOS capsule updates to be enabled
Add functionality to fix specific host security attributes
Add global information from the context into the report data
Add support for coSWID payload sections
Add support for parsing the EDID
Allow adding only-quirk instance IDs from quirk files
Install a sysusers.d systemd file when using -Dsystemd_unit_user

This release fixes the following bugs:

Allow devices to require a connected display
Allow Wacom modules to specify a status polling interval
Do not show Intel CET unsupported as success
Do not show multiple Genesys GL32xx devices for the same physical device
Fix a fuzzing timeout in the HID descriptor parser
Recalculate the SUPPORTED flag after adopting a child device
Reduce the amount of memory used when chunking large firmware
Speed up logitech-bulkcontroller firmware updates
Stop reading ownership and TPM flashes left in Dell plugin
Try to use the LVFS when using report-history –force
Write the coSWID TAG_ID as a bytestring when possible

This release adds support for the following hardware:

AMD dGPUs, Navi3x and above
Foxconn SDX12, SDX55 and SDX6X devices
Google Rex Intel USB-4 retimers
MediaTek DP AUX Scalers
Quectel EM160 module
Star Labs StarBook Mk VIr2
VLI VL105-VL109
Wacom DTH134 and DTC121 Tablets

Read More

Advisories

USN-6416-2: Linux kernel vulnerabilities

Read Time:3 Minute, 4 Second

It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)

Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD
processors utilising speculative execution and branch prediction may allow
unauthorised memory reads via a speculative side-channel attack. A local
attacker could use this to expose sensitive information, including kernel
memory. (CVE-2023-20569)

It was discovered that the IPv6 RPL protocol implementation in the Linux
kernel did not properly handle user-supplied data. A remote attacker could
use this to cause a denial of service (system crash). (CVE-2023-2156)

Davide Ornaghi discovered that the DECnet network protocol implementation
in the Linux kernel contained a null pointer dereference vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. Please note that kernel support for the
DECnet has been removed to resolve this CVE. (CVE-2023-3338)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate command payload size, leading to a out-of-bounds
read vulnerability. A remote attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-38432)

It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)

Laurence Wit discovered that the KSMBD implementation in the Linux kernel
did not properly validate a buffer size in certain situations, leading to
an out-of-bounds read vulnerability. A remote attacker could use this to
cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-3865)

Laurence Wit discovered that the KSMBD implementation in the Linux kernel
contained a null pointer dereference vulnerability when handling handling
chained requests. A remote attacker could use this to cause a denial of
service (system crash). (CVE-2023-3866)

It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)

Andy Nguyen discovered that the KVM implementation for AMD processors in
the Linux kernel with Secure Encrypted Virtualization (SEV) contained a
race condition when accessing the GHCB page. A local attacker in a SEV
guest VM could possibly use this to cause a denial of service (host system
crash). (CVE-2023-4155)

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-4194)

Maxim Suhanov discovered that the exFAT file system implementation in the
Linux kernel did not properly check a file name length, leading to an out-
of-bounds write vulnerability. An attacker could use this to construct a
malicious exFAT image that, when mounted and operated on, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4273)

Thelford Williams discovered that the Ceph file system messenger protocol
implementation in the Linux kernel did not properly validate frame segment
length in certain situation, leading to a buffer overflow vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-44466)

Read More