FEDORA-2024-d120dc28b8
Packages in this update:
plasma-workspace-5.27.11.1-1.fc39
Update description:
CVE-2024-36041
plasma-workspace-5.27.11.1-1.fc39
CVE-2024-36041
plasma-workspace-6.0.5.1-1.fc40
CVE-2024-36041
It was discovered that GNU C Library nscd daemon contained a stack-based buffer
overflow. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-33599)
It was discovered that GNU C Library nscd daemon did not properly check the
cache content, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2024-33600)
It was discovered that GNU C Library nscd daemon did not properly validate
memory allocation in certain situations, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-33601)
It was discovered that GNU C Library nscd daemon did not properly handle memory
allocation, which could lead to memory corruption. A local attacker could use
this to cause a denial of service (system crash). (CVE-2024-33602)
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-22269.
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-22270.
This vulnerability allows local attackers to escalate privileges on affected installations of VMWare Workstation. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-22267.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5 Smart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-34579.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5 Smart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-34579.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-34171.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-34171.