kernel-6.6.6-100.fc38
The 6.6.6 stable kernel update reverts the problematic cfg80211 patch that was brought into the 6.6.5 kernel
The 6.6.5 stable kernel update contains a number of important fixes across the tree.
kernel-6.6.6-200.fc39
The 6.6.6 stable kernel update reverts the problematic cfg80211 patch that was brought into the 6.6.5 kernel
The 6.6.5 stable kernel update contains a number of important fixes across the tree.
it was discovered that Python incorrectly handled null bytes when
normalizing pathnames. An attacker could possibly use this issue to bypass
certain filename checks.
Cisco Talos said Operation Blacksmith leveraged the flaw in publicly facing VMWare Horizon servers
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
A vulnerability has been discovered in Apache Struts 2, which could allow for remote code execution. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. Successful exploitation could allow for remote code execution in the context of underlying operating system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
The traditional testing approach for non-voting technology constrains election security. Learn how RABET-V does things differently.
The traditional testing approach for non-voting technology constrains election security. Learn how RABET-V does things differently.
Reginaldo Silva discovered that LibreOffice incorrectly handled filenames
when passing embedded videos to GStreamer. If a user were tricked into
opening a specially crafted file, a remote attacker could possibly use this
issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)
Reginaldo Silva discovered that LibreOffice incorrectly handled certain
non-typical hyperlinks. If a user were tricked into opening a specially
crafted file, a remote attacker could possibly use this issue to execute
arbitrary scripts. (CVE-2023-6186)
