It was discovered that klibc did not properly perform
some mathematical operations, leading to an integer overflow.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-31870)
It was discovered that klibc did not properly handled some
memory allocations on 64 bit systems. An attacker could
possibly use this issue to cause a crash, resulting in a
denial of service, or possibly execute arbitrary code.
(CVE-2021-31871)
It was discovered that klibc did not properly handled some file
sizes values on 32 bit systems. An attacker could possibly use
this issue to cause a crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2021-31872)
It was discovered that klibc did not properly handled some
memory allocations. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-31873)
* Mon Apr 18 2022 Sandipan Roy <bytehackr@fedoraproject.org> – 1:1.2022.4-1
– Updated version to 1.2022.4
– Added fix for rhbz#2076162
– Added fix for rhbz#2076163
cleemy desu wayo reported that incorrect handling of filenames by xzgrep
in xz-utils, the XZ-format compression utilities, can result in
overwrite of arbitrary files or execution of arbitrary code if a file
with a specially crafted filename is processed.
cleemy desu wayo reported that incorrect handling of filenames by zgrep
in gzip, the GNU compression utilities, can result in overwrite of
arbitrary files or execution of arbitrary code if a file with a
specially crafted filename is processed.
