Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an integer overflow vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2022-36402)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– PowerPC architecture;
– User-Mode Linux (UML);
– x86 architecture;
– Block layer subsystem;
– Cryptographic API;
– Android drivers;
– Serial ATA and Parallel ATA drivers;
– ATM drivers;
– Drivers core;
– CPU frequency scaling framework;
– Device frequency scaling framework;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– InfiniBand drivers;
– Input Device core drivers;
– IOMMU subsystem;
– IRQ chip drivers;
– ISDN/mISDN subsystem;
– LED subsystem;
– Multiple devices driver;
– Media drivers;
– EEPROM drivers;
– VMware VMCI Driver;
– MMC subsystem;
– Network drivers;
– Near Field Communication (NFC) drivers;
– NVME drivers;
– Device tree and open firmware driver;
– Parport drivers;
– PCI subsystem;
– Pin controllers subsystem;
– Remote Processor subsystem;
– S/390 drivers;
– SCSI drivers;
– QCOM SoC drivers;
– Direct Digital Synthesis drivers;
– TTY drivers;
– Userspace I/O drivers;
– DesignWare USB3 driver;
– USB subsystem;
– BTRFS file system;
– File systems infrastructure;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– NILFS2 file system;
– BPF subsystem;
– Core kernel;
– DMA mapping infrastructure;
– Tracing infrastructure;
– Radix Tree data structure library;
– Kernel userspace event delivery library;
– Objagg library;
– Memory management;
– Amateur Radio drivers;
– Bluetooth subsystem;
– CAN network layer;
– Networking core;
– Ethtool driver;
– IPv4 networking;
– IPv6 networking;
– IUCV driver;
– KCM (Kernel Connection Multiplexor) sockets driver;
– MAC80211 subsystem;
– Netfilter;
– Network traffic control;
– SCTP protocol;
– Sun RPC protocol;
– TIPC protocol;
– TLS protocol;
– Wireless networking;
– AppArmor security module;
– Simplified Mandatory Access Control Kernel framework;
– SoC audio core drivers;
– USB sound devices;
(CVE-2024-43894, CVE-2024-46737, CVE-2024-46828, CVE-2024-42244,
CVE-2024-46723, CVE-2024-41073, CVE-2024-46756, CVE-2024-42288,
CVE-2024-46840, CVE-2024-46771, CVE-2024-46757, CVE-2024-43860,
CVE-2024-46747, CVE-2024-41017, CVE-2024-42246, CVE-2024-44988,
CVE-2024-42281, CVE-2024-36484, CVE-2024-43856, CVE-2024-47668,
CVE-2024-46759, CVE-2024-46744, CVE-2024-42289, CVE-2024-42131,
CVE-2024-46679, CVE-2024-42304, CVE-2024-46818, CVE-2024-43858,
CVE-2024-44960, CVE-2024-45028, CVE-2024-26885, CVE-2024-46676,
CVE-2024-46780, CVE-2024-42310, CVE-2024-44987, CVE-2024-41090,
CVE-2024-44954, CVE-2024-45026, CVE-2024-42285, CVE-2023-52614,
CVE-2024-27051, CVE-2024-43880, CVE-2024-43839, CVE-2024-43884,
CVE-2024-42311, CVE-2024-43893, CVE-2024-41072, CVE-2024-41091,
CVE-2024-46758, CVE-2024-41022, CVE-2024-46745, CVE-2024-42305,
CVE-2024-46673, CVE-2024-42284, CVE-2024-46844, CVE-2024-46677,
CVE-2024-45025, CVE-2024-43861, CVE-2024-43914, CVE-2024-46783,
CVE-2024-41012, CVE-2024-44999, CVE-2024-44946, CVE-2024-42276,
CVE-2024-46740, CVE-2024-42295, CVE-2024-44947, CVE-2024-41059,
CVE-2024-26669, CVE-2024-38602, CVE-2024-42306, CVE-2023-52918,
CVE-2024-42297, CVE-2024-42229, CVE-2024-43853, CVE-2024-45006,
CVE-2024-44998, CVE-2024-42283, CVE-2024-44952, CVE-2024-46761,
CVE-2024-43841, CVE-2024-44944, CVE-2024-42313, CVE-2024-45008,
CVE-2024-46714, CVE-2024-41065, CVE-2024-43883, CVE-2024-43867,
CVE-2024-42286, CVE-2024-43879, CVE-2024-43846, CVE-2024-42280,
CVE-2024-43854, CVE-2021-47212, CVE-2024-35848, CVE-2024-41020,
CVE-2024-41068, CVE-2024-45021, CVE-2024-41098, CVE-2024-44965,
CVE-2024-43890, CVE-2024-45003, CVE-2024-44969, CVE-2024-41011,
CVE-2024-46738, CVE-2024-41071, CVE-2024-26800, CVE-2024-46721,
CVE-2024-42292, CVE-2024-41081, CVE-2024-44948, CVE-2023-52531,
CVE-2024-26891, CVE-2024-26641, CVE-2024-42287, CVE-2024-46722,
CVE-2024-41042, CVE-2024-46675, CVE-2024-46743, CVE-2024-42259,
CVE-2024-41015, CVE-2024-43908, CVE-2024-46719, CVE-2024-43871,
CVE-2024-46739, CVE-2024-42301, CVE-2024-47659, CVE-2024-42271,
CVE-2024-26668, CVE-2024-43835, CVE-2024-46829, CVE-2024-47667,
CVE-2024-44995, CVE-2024-47669, CVE-2024-38611, CVE-2024-40929,
CVE-2024-46815, CVE-2024-43830, CVE-2024-42309, CVE-2024-41063,
CVE-2024-46782, CVE-2024-46777, CVE-2024-42265, CVE-2024-46781,
CVE-2024-26607, CVE-2024-41064, CVE-2024-46685, CVE-2024-43882,
CVE-2024-44935, CVE-2024-46800, CVE-2024-46822, CVE-2024-46755,
CVE-2024-46817, CVE-2024-43829, CVE-2024-46798, CVE-2024-46689,
CVE-2024-42290, CVE-2024-46750, CVE-2024-26640, CVE-2024-47663,
CVE-2024-41070)

Read More

FEDORA-2024-d2e583eab4

Packages in this update:

polkit-125-1.fc41.1

Update description:

Setting loglevels and target via LogControl now allowed to root only
https://github.com/polkit-org/polkit/issues/506
https://github.com/polkit-org/polkit/issues/507

Read More

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Microsoft Azure Network Adapter (MANA) driver;
– Watchdog drivers;
– Netfilter;
– Network traffic control;
(CVE-2024-45016, CVE-2024-38630, CVE-2024-45001, CVE-2024-27397)

Read More

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– BTRFS file system;
– F2FS file system;
– GFS2 file system;
– BPF subsystem;
– Netfilter;
– RxRPC session sockets;
– Integrity Measurement Architecture(IMA) framework;
(CVE-2024-27012, CVE-2024-38570, CVE-2024-42228, CVE-2024-41009,
CVE-2024-39494, CVE-2024-42160, CVE-2024-39496, CVE-2024-26677)

Read More

FEDORA-2024-4d940908db

Packages in this update:

webkitgtk-2.46.3-1.fc40

Update description:

Update to WebKitGTK 2.46.3:

Flatten layers to a plane when preseve-3d style is set.
Fix DuckDuckGo links by adding a user agent quirk.
Fix several crashes and rendering issues.
Fixes: CVE-2024-44244, CVE-2024-44296

Changes from WebKitGTK 2.46.2:

Own well-known bus name on a11y bus.
Improve memory consumption when putImageData is used repeatedly on accelerated canvas.
Disable cached web process suspension for now to prevent leaks.
Improve text kerning with different combinations of antialias and hinting settings.
Destroy all network sessions on process exit.
Fix visible rectangle calculation when there are animations.
Fix the build with ENABLE_NOTIFICATIONS=OFF.
Fix several crashes and rendering issues.

Read More

FEDORA-2024-4e0b4ce6ad

Packages in this update:

webkitgtk-2.46.3-1.fc41

Update description:

Update to WebKitGTK 2.46.3:

Flatten layers to a plane when preseve-3d style is set.
Fix DuckDuckGo links by adding a user agent quirk.
Fix several crashes and rendering issues.
Fixes: CVE-2024-44244, CVE-2024-44296

Changes from WebKitGTK 2.46.2:

Own well-known bus name on a11y bus.
Improve memory consumption when putImageData is used repeatedly on accelerated canvas.
Disable cached web process suspension for now to prevent leaks.
Improve text kerning with different combinations of antialias and hinting settings.
Destroy all network sessions on process exit.
Fix visible rectangle calculation when there are animations.
Fix the build with ENABLE_NOTIFICATIONS=OFF.
Fix several crashes and rendering issues.

Read More

FEDORA-2024-0f8a88da75

Packages in this update:

webkitgtk-2.46.3-1.fc39

Update description:

Update to WebKitGTK 2.46.3:

Flatten layers to a plane when preseve-3d style is set.
Fix DuckDuckGo links by adding a user agent quirk.
Fix several crashes and rendering issues.
Fixes: CVE-2024-44244, CVE-2024-44296

Changes from WebKitGTK 2.46.2:

Own well-known bus name on a11y bus.
Improve memory consumption when putImageData is used repeatedly on accelerated canvas.
Disable cached web process suspension for now to prevent leaks.
Improve text kerning with different combinations of antialias and hinting settings.
Destroy all network sessions on process exit.
Fix visible rectangle calculation when there are animations.
Fix the build with ENABLE_NOTIFICATIONS=OFF.
Fix several crashes and rendering issues.

Read More

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-10458
CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462,
CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466,
CVE-2024-10467, CVE-2024-10468)

Read More

It was discovered that libarchive incorrectly handled certain RAR archive
files. If a user or automated system were tricked into processing a
specially crafted RAR archive, an attacker could use this issue to cause
libarchive to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-44284.

Read More