ZDI-24-1646: Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability

Read Time:17 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11872.

webkitgtk-2.46.5-1.fc40

FEDORA-2024-03a1955920 Packages in this update: webkitgtk-2.46.5-1.fc40 Update description: Update to 2.46.5: Fix several crashes and rendering issues. CVE-2024-54479, CVE-2024-54502, CVE-2024-54508,...

December 19, 2024

webkitgtk-2.46.5-1.fc41

FEDORA-2024-32bc143584 Packages in this update: webkitgtk-2.46.5-1.fc41 Update description: Update to 2.46.5: Fix several crashes and rendering issues. CVE-2024-54479, CVE-2024-54502, CVE-2024-54508,...

December 19, 2024

incus-6.8-1.fc41

FEDORA-2024-0912cd3ad9 Packages in this update: incus-6.8-1.fc41 Update description: Update to 6.8 to get various features and fixes Read More

December 18, 2024

USN-7177-1: YARA vulnerability

It was discovered that YARA did not properly sanitize its configuration settings. An attacker could potentially exploit this issue to...

December 18, 2024

USN-7169-2: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

December 18, 2024

age-1.2.1-1.fc41

FEDORA-2024-4f08c1a90a Packages in this update: age-1.2.1-1.fc41 Update description: Update to 1.2.1 to fix https://github.com/FiloSottile/age/security/advisories/GHSA-32gq-x56h-299c security issue. Read More

December 18, 2024

New Advances in the Understanding of Prime Numbers

US Government Issues Cloud Security Requirements for Federal Agencies

Phishing Attacks Double in 2024

New Attacks Exploit VSCode Extensions and npm Packages

It’s time to stop calling it “pig butchering”

How to Lose a Fortune with Just One Bad Click

Attacker Distributes DarkGate Using MS Teams Vishing Technique

Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

Meta Hit with Massive $263m GDPR Fine

ZDI-24-1646: Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability

webkitgtk-2.46.5-1.fc40

webkitgtk-2.46.5-1.fc41

incus-6.8-1.fc41

USN-7177-1: YARA vulnerability

USN-7169-2: Linux kernel (GCP) vulnerabilities

age-1.2.1-1.fc41