Category Archives: Advisories

Advisories

xen-4.16.1-1.fc36

Read Time:25 Second

FEDORA-2022-b50023a180

Packages in this update:

xen-4.16.1-1.fc36

Update description:

update to xen-4.16.1
strip .efi file to help EFI partitions with limited space

Racy interactions between dirty vram tracking and paging log dirty
hypercalls [XSA-397, CVE-2022-26356]
race in VT-d domain ID cleanup [XSA-399, CVE-2022-26357]
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues [XSA-400,
CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361]

Read More

Advisories

gzip-1.10-6.fc35

Read Time:19 Second

FEDORA-2022-6746dde2a0

Packages in this update:

gzip-1.10-6.fc35

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > “$(printf ‘|n;e touch pwnedn#.gz’)”
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)

Read More

Advisories

gzip-1.11-3.fc36

Read Time:19 Second

FEDORA-2022-eeb6c686c7

Packages in this update:

gzip-1.11-3.fc36

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > “$(printf ‘|n;e touch pwnedn#.gz’)”
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)

Read More

Advisories

gzip-1.10-5.fc34

Read Time:19 Second

FEDORA-2022-6b512ae9e5

Packages in this update:

gzip-1.10-5.fc34

Update description:

zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

reproducer:

$ touch foo.gz
$ echo foo | gzip > “$(printf ‘|n;e touch pwnedn#.gz’)”
$ zgrep foo *.gz

(the unfixed version of zgrep creates the file called pwned)

Read More