Read Time:12 Second

FEDORA-2023-949b1be59c

Packages in this update:

edk2-20221117gitfff6d81270b5-13.fc36

Update description:

update openssl (CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304).

cherry-pick aarch64 bugfixes,
set firmware build release date,
add ext4 sub-package

More Stories

Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution

Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/88922242e8805bfbc5981e55fdfadd71.txt Contact:...

September 29, 2024

Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)

Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact:...

September 29, 2024

Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt Contact:...

September 29, 2024

Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)

Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt Contact:...

September 29, 2024

Backdoor.Win32.Boiling / Remote Command Execution

Posted by malvuln on Sep 28 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt Contact:...

September 29, 2024

Defense in depth — the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73

Posted by Stefan Kanthak on Sep 28 Hi @ll, <https://cwe.mitre.org/data/definitions/73.html> CWE-73: External Control of File Name or Path is a...

September 29, 2024