Read Time:9 Second
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
Category Archives: Advisories
chromium-125.0.6422.141-1.el8
Read Time:28 Second
FEDORA-EPEL-2024-d00a65eda0
Packages in this update:
chromium-125.0.6422.141-1.el8
Update description:
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
chromium-125.0.6422.141-1.el9
Read Time:28 Second
FEDORA-EPEL-2024-35fab49640
Packages in this update:
chromium-125.0.6422.141-1.el9
Update description:
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
chromium-125.0.6422.141-1.el7
Read Time:28 Second
FEDORA-EPEL-2024-f1162cb3bf
Packages in this update:
chromium-125.0.6422.141-1.el7
Update description:
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
strongswan-5.9.14-1.fc41
Read Time:28 Second
FEDORA-2024-dc9e695c3a
Packages in this update:
strongswan-5.9.14-1.fc41
Update description:
Automatic update for strongswan-5.9.14-1.fc41.
Changelog
* Fri May 31 2024 Paul Wouters <paul.wouters@aiven.io> – 5.9.14-1
– Resolves: rhbz#2254560 CVE-2023-41913 buffer overflow and possible RCE
– Resolved: rhbz#2250666 Update to 5.9.14 (IKEv2 OCSP extensions, seqno/regno overflow handling
– Update to 5.9.13 (OCSP nonce set regression configuration option charon.ocsp_nonce_len)
– Update to 5.9.12 (CVE-2023-41913 fix, various IKEv2 fixes)
DSA-5702-1 gst-plugins-base1.0 – security update
Read Time:13 Second
An integer overflow in the EXIF metadata parsing was discovered in the
GStreamer media framework, which may result in denial of service or
potentially the execution of arbitrary code if a malformed file is
processed.
chromium-125.0.6422.141-1.fc40
Read Time:28 Second
FEDORA-2024-bb52629e6c
Packages in this update:
chromium-125.0.6422.141-1.fc40
Update description:
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
chromium-125.0.6422.141-1.fc39
Read Time:28 Second
FEDORA-2024-4e0ea1c22e
Packages in this update:
chromium-125.0.6422.141-1.fc39
Update description:
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
syncthing-1.27.7-1.el8
Read Time:7 Second
FEDORA-EPEL-2024-9ef042c689
Packages in this update:
syncthing-1.27.7-1.el8
Update description:
Update to version 1.27.7.
A Vulnerability in Check Point Security Gateways Could Allow for Credential Access
Read Time:37 Second
A vulnerability has been discovered in Check Point Security Gateway Products that could allow for credential access. A Check Point Security Gateway sits between an organization’s environment and the Internet to enforce policy and block threats and malware. Successful exploitation of this vulnerability could allow for credential access to local accounts due to an arbitrary file read vulnerability. Other sensitive files such as SSH keys and certificates may also be read. Depending on the privileges associated with the accounts, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Local accounts that are configured to have fewer rights on the system could be less impacted than those that operate with administrative rights.