Read Time:6 Second
FEDORA-2022-a3edad0ab6
Packages in this update:
pcre2-10.40-1.fc35
Update description:
Rebase to version 10.40
Category Archives: Advisories
pcre2-10.40-1.fc36
Read Time:6 Second
FEDORA-2022-e56085ba31
Packages in this update:
pcre2-10.40-1.fc36
Update description:
Rebase to version 10.40
CVE-2021-26339
Read Time:15 Second
A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.
CVE-2021-26342
Read Time:21 Second
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.
CVE-2021-26347
Read Time:10 Second
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a DMA (Direct Memory Access) to invalid DRAM address that could result in denial of service.
CVE-2021-26348
Read Time:12 Second
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
golang-1.17.7-1.el7
Read Time:12 Second
FEDORA-EPEL-2022-f64d777807
Packages in this update:
golang-1.17.7-1.el7
Update description:
Update to 1.17.7, including fixes for CVE-2021-29923, CVE-2021-43565, CVE-2022-23806, CVE-2022-23772, and CVE-2022-23773
USN-5411-1: Firefox vulnerabilities
Read Time:14 Second
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
browser UI, bypass permission prompts, obtain sensitive information,
bypass security restrictions, or execute arbitrary code.
curl-7.79.1-4.fc35
Read Time:19 Second
FEDORA-2022-3d8f00cde2
Packages in this update:
curl-7.79.1-4.fc35
Update description:
fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
curl-7.76.1-16.fc34
Read Time:19 Second
FEDORA-2022-8277bef335
Packages in this update:
curl-7.76.1-16.fc34
Update description:
fix too eager reuse of TLS and SSH connections (CVE-2022-27782)
fix credential leak on redirect (CVE-2022-27774)
fix auth/cookie leak on redirect (CVE-2022-27776)
fix bad local IPv6 connection reuse (CVE-2022-27775)
fix OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)