Category: Advisories

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could...

FEDORA-FLATPAK-2024-0572e6f545 Packages in this update: flatpak-kde6-runtime-f39-18 flatpak-kde6-sdk-f39-13 Update description: Refresh including latest Fedora 39 security and bug-fix errata. Read More

FEDORA-FLATPAK-2024-99fadaeb5e Packages in this update: flatpak-kde5-runtime-f39-25 flatpak-kde5-sdk-f39-12 Update description: Refresh including latest Fedora 39 security and bug-fix errata. Read More

It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use...

FEDORA-FLATPAK-2024-cd3bcdb139 Packages in this update: flatpak-runtime-f39-22 flatpak-sdk-f39-13 Update description: Updated flatpak runtime and SDK, including latest Fedora 39 security and bug-fix errata. In addition, this...

Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform...

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this...

FEDORA-2024-28fc0c2ef4 Packages in this update: yarnpkg-1.22.21-2.fc39 Update description: Update to 1.22.21, add fixes for CVE-2022-37599, CVE-2023-26136, CVE-2023-46234. Read More

FEDORA-2024-5ecc250449 Packages in this update: yarnpkg-1.22.21-2.fc38 Update description: Update to 1.22.21, add fixes for CVE-2022-37599, CVE-2023-26136, CVE-2023-46234. Read More

Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent...