Read Time:8 Second
FEDORA-2023-c69a2a8f8b
Packages in this update:
xen-4.16.3-2.fc37
Update description:
x86: Cross-Thread Return Address Predictions [XSA-426, CVE-2022-27672]
Category Archives: Advisories
USN-5875-1: Linux kernel (GKE) vulnerabilities
Read Time:2 Minute, 24 Second
It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform bounds checking in some situations. A
physically proximate attacker could use this to craft a malicious USB
device that when inserted, could cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-3628)
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
It was discovered that the Xen netback driver in the Linux kernel did not
properly handle packets structured in certain ways. An attacker in a guest
VM could possibly use this to cause a denial of service (host NIC
availability). (CVE-2022-3643)
Khalid Masum discovered that the NILFS2 file system implementation in the
Linux kernel did not properly handle certain error conditions, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service or possibly execute arbitrary code. (CVE-2022-3649)
It was discovered that a race condition existed in the SMSC UFX USB driver
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41849)
It was discovered that a race condition existed in the Roccat HID driver in
the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-41850)
Tamás Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)
It was discovered that an integer overflow vulnerability existed in the
Bluetooth subsystem in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2022-45934)
It was discovered that the binder IPC implementation in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-20928)
USN-5874-1: Linux kernel vulnerabilities
Read Time:1 Minute, 34 Second
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform bounds checking in some situations. A
physically proximate attacker could use this to craft a malicious USB
device that when inserted, could cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-3628)
It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)
Khalid Masum discovered that the NILFS2 file system implementation in the
Linux kernel did not properly handle certain error conditions, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service or possibly execute arbitrary code. (CVE-2022-3649)
It was discovered that a race condition existed in the SMSC UFX USB driver
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41849)
It was discovered that a race condition existed in the Roccat HID driver in
the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-41850)
Tamás Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)
It was discovered that the binder IPC implementation in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-20928)
kernel-6.1.12-200.fc37
Read Time:9 Second
FEDORA-2023-b67c3bf65d
Packages in this update:
kernel-6.1.12-200.fc37
Update description:
The 6.1.12 stable kernel update contains a number of important fixes across the tree.
kernel-6.1.12-100.fc36
Read Time:9 Second
FEDORA-2023-457955ce13
Packages in this update:
kernel-6.1.12-100.fc36
Update description:
The 6.1.12 stable kernel update contains a number of important fixes across the tree.
flatpak-runtime-f37-3720230215003302.1 flatpak-sdk-f37-3720230215003302.1
Read Time:17 Second
FEDORA-FLATPAK-2023-7d1076912b
Packages in this update:
flatpak-runtime-f37-3720230215003302.1
flatpak-sdk-f37-3720230215003302.1
Update description:
Updated flatpak runtime and SDK, including latest Fedora 37 security and bug-fix errata.
In addition to regular package updates, this also adds double-conversion package to the runtime as it’s a new dep of qt5-qtbase.
USN-5872-1: NSS vulnerabilities
Read Time:21 Second
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
firefox-110.0-3.fc37
Read Time:6 Second
FEDORA-2023-75b98848b2
Packages in this update:
firefox-110.0-3.fc37
Update description:
New upstream release (110.0)
firefox-110.0-3.fc36
Read Time:6 Second
FEDORA-2023-578506ae4b
Packages in this update:
firefox-110.0-3.fc36
Update description:
New upstream release (110.0)
php-8.1.16-1.fc36
Read Time:23 Second
FEDORA-2023-d12ff09d38
Packages in this update:
php-8.1.16-1.fc36
Update description:
PHP version 8.1.16 (14 Feb 2023)
Core:
Fixed bug php#81744 (Password_verify() always return true with some hash). (CVE-2023-0567). (Tim Düsterhus)
Fixed bug php#81746 (1-byte array overrun in common path resolve code). (CVE-2023-0568). (Niels Dossche)
Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart request body). (CVE-2023-0662) (Jakub Zelenka)