Category Archives: Advisories

USN-6809-1: BlueZ vulnerabilities

It was discovered that BlueZ could be made to dereference invalid memory.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3563)

It was discovered that BlueZ could be made to write out of bounds. If a
user were tricked into connecting to a malicious device, an attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2023-27349)

USN-6807-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain network traffic.
A remote attacker could possibly use this issue to cause FRR to crash,
resulting in a denial of service. (CVE-2022-26126, CVE-2022-26127,
CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035,
CVE-2023-31490, CVE-2023-38406, CVE-2023-38407, CVE-2023-46752,
CVE-2023-46753, CVE-2023-47234, CVE-2023-47235, CVE-2024-31948)

Ben Cartwright-Cox discovered that FRR incorrectly handled certain
network traffic. A remote attacker could possibly use this issue to cause
FRR to crash, resulting in a denial of service. (CVE-2023-38802)

libvirt-9.7.0-4.fc39

FEDORA-2024-c2e7b82022

Packages in this update:

libvirt-9.7.0-4.fc39

Update description:

Fix crash in event loop (CVE-2024-4418)
Fix I/O stall when multiple threads issue RPC calls
Fix leak of GSource object
Fix leak of udev object reference

cyrus-imapd-3.8.3-1.fc41

FEDORA-2024-cfbdc342a2

Packages in this update:

cyrus-imapd-3.8.3-1.fc41

Update description:

Automatic update for cyrus-imapd-3.8.3-1.fc41.

Changelog

* Wed Jun 5 2024 Martin Osvald <mosvald@redhat.com> - 3.8.3-1
- Fix CVE-2024-34055 (rhbz#2290512)
- Convert to %autorelease and %autochangelog

USN-6806-1: GDK-PixBuf vulnerability

Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf
library did not properly handle certain ANI files. An attacker
could use this flaw to cause GDK-PixBuf to crash, resulting in
a denial of service, or to possibly execute arbitrary code.

USN-6715-2: unixODBC vulnerability

USN-6715-1 fixed a vulnerability in unixODBC. This update provides the
corresponding fix for Ubuntu 24.04 LTS.

Original advisory details:

It was discovered that unixODBC incorrectly handled certain bytes.
An attacker could use this issue to execute arbitrary code or cause
a crash.

libvirt-10.1.0-2.fc40

FEDORA-2024-ee96e0c470

Packages in this update:

libvirt-10.1.0-2.fc40

Update description:

Fix crash in event loop (CVE-2024-4418)
Fix leak of GSource object
Fix leak of udev object reference
