It was discovered that the Layer 2 Tunneling Protocol (L2TP) implementation
in the Linux kernel contained a race condition when releasing PPPoL2TP
sockets in certain conditions, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-20567)

It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle block device modification while it is
mounted. A privileged attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-34256)

Eric Dumazet discovered that the netfilter subsystem in the Linux kernel
did not properly handle DCCP conntrack buffers in certain situations,
leading to an out-of-bounds read vulnerability. An attacker could possibly
use this to expose sensitive information (kernel memory). (CVE-2023-39197)

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle the remount operation in certain cases,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2024-0775)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)

Read More

It was discovered that checking excessively long DH keys or parameters
may be very slow. A remote attacker could possibly use this issue to
cause OpenSSL to consume resources, resulting in a denial of service.
(CVE-2023-3446)

After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large
q parameter value can also trigger an overly long computation during
some of these checks. A remote attacker could possibly use this issue
to cause OpenSSL to consume resources, resulting in a denial of
service. (CVE-2023-3817)

David Benjamin discovered that generating excessively long X9.42 DH
keys or checking excessively long X9.42 DH keys or parameters may be
very slow. A remote attacker could possibly use this issue to cause
OpenSSL to consume resources, resulting in a denial of service.
(CVE-2023-5678)

Bahaa Naamneh discovered that processing a maliciously formatted
PKCS12 file may lead OpenSSL to crash leading to a potential Denial of
Service attack. (CVE-2024-0727)

Read More

FEDORA-2024-fa7b758114

Packages in this update:

apache-commons-configuration-2.10.1-1.fc39

Update description:

This update contains security fixes for CVE-2024-29131 and CVE-2024-29133.

See https://github.com/apache/commons-configuration/blob/master/RELEASE-NOTES.txt for changes in versions 2.10.0 and 2.10.1.

Read More

Lonial Con discovered that the netfilter subsystem in the Linux kernel did
not properly handle element deactivation in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1085)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Network drivers;
– PWM drivers;
(CVE-2024-26597, CVE-2024-26599)

Read More

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the
Linux kernel did not properly handle return values in certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-23000)

Quentin Minster discovered that the KSMBD implementation in the Linux
kernel did not properly handle session setup requests. A remote attacker
could possibly use this to cause a denial of service (memory exhaustion).
(CVE-2023-32247)

Lonial Con discovered that the netfilter subsystem in the Linux kernel did
not properly handle element deactivation in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1085)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)

Read More

It was discovered that Graphviz incorrectly handled certain config6a files.
An attacker could possibly use this issue to cause a denial of service.

Read More

FEDORA-2024-534c900eff

Packages in this update:

python-cryptography-42.0.5-1.fc40

Update description:

Update to upstream version 42.0.5
Fixes CVE-2024-26130

Read More

FEDORA-2024-b458482d48

Packages in this update:

ghc-base64-0.4.2.4-28.fc39
ghc-hakyll-4.16.2.0-4.fc39
ghc-isocline-1.0.9-28.fc39
ghc-toml-parser-1.3.2.0-29.fc39
gitit-0.15.1.1-6.fc39
pandoc-3.1.3-29.fc39
pandoc-cli-3.1.3-29.fc39
patat-0.11.0.0-1.fc39

Update description:

Security fix for CVE-2023-35936 and CVE-2023-38745

pandoc:

backport fixes for CVE-2023-35936 and CVE-2023-38745

pandoc-cli:

new package for pandoc binary

patat:

update to 0.11.0.0 and enable tests

base64, isocline, toml-parser: now packaged in Fedora

Read More

FEDORA-2024-bc7d40eb2e

Packages in this update:

php-tcpdf-6.7.4-1.fc40

Update description:

Version 6.7.4 (2024-03-21)

Upgrade tcpdf tag encryption algorithm.

Version 6.7.3 (2024-03-20)

Fix regression issue #699.

Version 6.7.2 (2024-03-18)

Fix security issue.
[BREAKING CHANGE] The tcpdf HTML tag syntax has changed, see example_049.php.
New K_ALLOWED_TCPDF_TAGS configuration constant to set the allowed methods for the tcdpf HTML tag.
Raised minimum PHP version to PHP 5.5.0.

Read More

FEDORA-2024-22f1e313dd

Packages in this update:

podman-tui-1.0.0-1.fc39

Update description:

podman-tui release v1.0.0

Security fix for [CVE-2024-28180]

Read More