USN-5259-3: Cron regression
USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for...
python3-lxml-4.2.5-5.el7
FEDORA-EPEL-2022-da4611426e Packages in this update: python3-lxml-4.2.5-5.el7 Update description: Add patch to fix pass through of certain crafted script content and SVG embedded scripts via HTML...
microcode_ctl-2.1-51.fc36
FEDORA-2022-688cbbf106 Packages in this update: microcode_ctl-2.1-51.fc36 Update description: Update to upstream 2.1-36. 20220510 Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f; Addition of 06-97-05/0x03...
microcode_ctl-2.1-47.3.fc35
FEDORA-2022-9fdae2c607 Packages in this update: microcode_ctl-2.1-47.3.fc35 Update description: Update to upstream 2.1-36. 20220510 Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f; Addition of 06-97-05/0x03...
microcode_ctl-2.1-46.3.fc34
FEDORA-2022-e718888c8b Packages in this update: microcode_ctl-2.1-46.3.fc34 Update description: Update to upstream 2.1-36. 20220510 Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f; Addition of 06-97-05/0x03...
CVE-2021-26332
Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability. Read More
CVE-2021-26324
A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs. Read More
Multiple Vulnerabilities in Google Chrome and Chrome OS Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome and Chrome OS, the most severe of which could allow for arbitrary code execution. Google Chrome is...
APT28 FancyBear / Code Execution
Posted by malvuln on May 10 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/d6751b148461e0f863548be84020b879.txt Contact: malvuln13 () gmail com Media:...
Defense in depth — the Microsoft way (part 80): 25 (in words: TWENTY-FIVE) year old TRIVIAL bug crashes CMD.exe
Posted by Stefan Kanthak on May 10 Hi @ll, the subject says it all: a 25 year old TRIVIAL signed integer arithmetic bug (which may...