Category Archives: Advisories

USN-7159-4: Linux kernel (IoT) vulnerabilities

Read Time:44 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– TTY drivers;
– BTRFS file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)

Read More

chromium-131.0.6778.204-1.el10_0

Read Time:19 Second

FEDORA-EPEL-2024-b98ed0b39c

Packages in this update:

chromium-131.0.6778.204-1.el10_0

Update description:

Update to 131.0.6778.204

High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8

Read More

chromium-131.0.6778.204-1.el8

Read Time:18 Second

FEDORA-EPEL-2024-c27d1a40bc

Packages in this update:

chromium-131.0.6778.204-1.el8

Update description:

Update to 131.0.6778.204

High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8

Read More

chromium-131.0.6778.204-1.fc41

Read Time:18 Second

FEDORA-2024-21c7531146

Packages in this update:

chromium-131.0.6778.204-1.fc41

Update description:

Update to 131.0.6778.204

High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8

Read More

chromium-131.0.6778.204-1.fc40

Read Time:18 Second

FEDORA-2024-4808dce926

Packages in this update:

chromium-131.0.6778.204-1.fc40

Update description:

Update to 131.0.6778.204

High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8

Read More

chromium-131.0.6778.204-1.el9

Read Time:18 Second

FEDORA-EPEL-2024-74ea1d7890

Packages in this update:

chromium-131.0.6778.204-1.el9

Update description:

Update to 131.0.6778.204

High CVE-2024-12692: Type Confusion in V8
High CVE-2024-12693: Out of bounds memory access in V8
High CVE-2024-12694: Use after free in Compositing
High CVE-2024-12695: Out of bounds write in V8

Read More

ZDI-24-1724: (0Day) Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12836.

Read More

ZDI-24-1723: (0Day) Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12835.

Read More

ZDI-24-1722: (0Day) Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DRASimuCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12834.

Read More

ZDI-24-1721: Delta Electronics DTM Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTM Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12677.

Read More