Read Time:6 Second
FEDORA-2023-d044484038
Packages in this update:
mingw-binutils-2.37-7.fc36
Update description:
Backport patch for CVE-2023-25587.
Category Archives: Advisories
USN-5928-1: systemd vulnerabilities
Read Time:47 Second
It was discovered that systemd did not properly validate the time and
accuracy values provided to the format_timespan() function. An attacker
could possibly use this issue to cause a buffer overrun, leading to a
denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu
16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-3821)
It was discovered that systemd did not properly manage the fs.suid_dumpable
kernel configurations. A local attacker could possibly use this issue to
expose sensitive information. This issue only affected Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-4415)
It was discovered that systemd did not properly manage a crash with long
backtrace data. A local attacker could possibly use this issue to cause a
deadlock, leading to a denial of service attack. This issue only affected
Ubuntu 22.10. (CVE-2022-45873)
ZDI-23-224: Omron CX-One CXP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-223: Omron CX-One CXP File Parsing Memory Corruption Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-222: Omron CX-One CXP File Parsing Memory Corruption Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-221: Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.
ZDI-23-220: Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.
ZDI-23-219: Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
ZDI-23-218: Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
ZDI-23-217: Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.