An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.
More Stories
ImageMagick-6.9.12.82-1.el8
FEDORA-EPEL-2023-30fee0c2cb Packages in this update: ImageMagick-6.9.12.82-1.el8 Update description: Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) Read More
ImageMagick-6.9.12.82-1.el9
FEDORA-EPEL-2023-d071c1ad10 Packages in this update: ImageMagick-6.9.12.82-1.el9 Update description: Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) Read More
ImageMagick-6.9.12.82-1.fc36
FEDORA-2023-e76c8fab34 Packages in this update: ImageMagick-6.9.12.82-1.fc36 Update description: Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) Read More
ImageMagick-6.9.12.82-1.fc37
FEDORA-2023-41a537a9e1 Packages in this update: ImageMagick-6.9.12.82-1.fc37 Update description: Update ImageMagick to 6.9.12.82 (#2176863,2176861,2176860) Read More
netconsd-0.2-1.el8
FEDORA-EPEL-2023-347df5dde7 Packages in this update: netconsd-0.2-1.el8 Update description: Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655 Read More
netconsd-0.2-1.el9
FEDORA-EPEL-2023-55df79c1ba Packages in this update: netconsd-0.2-1.el9 Update description: Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655 Read More