FEDORA-2023-d044484038
Packages in this update:
mingw-binutils-2.37-7.fc36
Update description:
Backport patch for CVE-2023-25587.
mingw-binutils-2.37-7.fc36
Backport patch for CVE-2023-25587.
It was discovered that systemd did not properly validate the time and
accuracy values provided to the format_timespan() function. An attacker
could possibly use this issue to cause a buffer overrun, leading to a
denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu
16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-3821)
It was discovered that systemd did not properly manage the fs.suid_dumpable
kernel configurations. A local attacker could possibly use this issue to
expose sensitive information. This issue only affected Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-4415)
It was discovered that systemd did not properly manage a crash with long
backtrace data. A local attacker could possibly use this issue to cause a
deadlock, leading to a denial of service attack. This issue only affected
Ubuntu 22.10. (CVE-2022-45873)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.