Category Archives: Advisories

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Read Time:27 Second

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

glibc-2.38-16.fc39

Read Time:39 Second

FEDORA-2024-aec80d6e8a

Packages in this update:

glibc-2.38-16.fc39

Update description:

Security fix for CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780.

CVE-2023-6246: __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap.

CVE-2023-6779: __vsyslog_internal used the return value of snprintf/vsnprintf to
calculate buffer sizes for memory allocation. If these functions (for
any reason) failed and returned -1, the resulting buffer would be too
small to hold output.

CVE-2023-6780: __vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.

Read More

glibc-2.37-18.fc38

Read Time:39 Second

FEDORA-2024-07597a0fb3

Packages in this update:

glibc-2.37-18.fc38

Update description:

Security fix for CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780.

CVE-2023-6246: __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap.

CVE-2023-6779: __vsyslog_internal used the return value of snprintf/vsnprintf to
calculate buffer sizes for memory allocation. If these functions (for
any reason) failed and returned -1, the resulting buffer would be too
small to hold output.

CVE-2023-6780: __vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.

Read More