Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– TTY drivers;
– BTRFS file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)
Category Archives: Advisories
chromium-131.0.6778.204-1.el10_0
FEDORA-EPEL-2024-b98ed0b39c
Packages in this update:
chromium-131.0.6778.204-1.el10_0
Update description:
Update to 131.0.6778.204
High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8
chromium-131.0.6778.204-1.el8
FEDORA-EPEL-2024-c27d1a40bc
Packages in this update:
chromium-131.0.6778.204-1.el8
Update description:
Update to 131.0.6778.204
High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8
chromium-131.0.6778.204-1.fc41
FEDORA-2024-21c7531146
Packages in this update:
chromium-131.0.6778.204-1.fc41
Update description:
Update to 131.0.6778.204
High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8
chromium-131.0.6778.204-1.fc40
FEDORA-2024-4808dce926
Packages in this update:
chromium-131.0.6778.204-1.fc40
Update description:
Update to 131.0.6778.204
High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8
chromium-131.0.6778.204-1.el9
FEDORA-EPEL-2024-74ea1d7890
Packages in this update:
chromium-131.0.6778.204-1.el9
Update description:
Update to 131.0.6778.204
High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8
ZDI-24-1724: (0Day) Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12836.
ZDI-24-1723: (0Day) Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12835.
ZDI-24-1722: (0Day) Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12834.
ZDI-24-1721: Delta Electronics DTM Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTM Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12677.