Category Archives: Advisories

USN-7173-1: Linux kernel vulnerabilities

Read Time:42 Second

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Network drivers;
– SCSI subsystem;
– Ext4 file system;
– Bluetooth subsystem;
– Memory management;
– Amateur Radio drivers;
– Network traffic control;
– Sun RPC protocol;
– VMware vSockets driver;
(CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967,
CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101,
CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966,
CVE-2024-35967, CVE-2024-53057, CVE-2024-38597)

Read More

USN-7170-1: Linux kernel (OEM) vulnerabilities

Read Time:38 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Ext4 file system;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-49914, CVE-2024-49912, CVE-2024-49919, CVE-2024-49905,
CVE-2024-49909, CVE-2024-47704, CVE-2024-49916, CVE-2024-49908,
CVE-2024-49899, CVE-2024-49923, CVE-2024-49921, CVE-2024-50264,
CVE-2024-49911, CVE-2024-49893, CVE-2024-53057, CVE-2024-49904,
CVE-2024-49898, CVE-2024-49907, CVE-2024-49897, CVE-2024-49913,
CVE-2024-49967, CVE-2024-49922, CVE-2024-49920, CVE-2024-49896,
CVE-2024-49906, CVE-2024-49917, CVE-2024-49910, CVE-2024-49915,
CVE-2024-49918)

Read More

USN-7169-1: Linux kernel vulnerabilities

Read Time:14 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Ext4 file system;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-49967, CVE-2024-53057, CVE-2024-50264)

Read More

dr_libs-0-0.27.20241217git660795b.el8

Read Time:20 Second

FEDORA-EPEL-2024-073915237b

Packages in this update:

dr_libs-0-0.27.20241217git660795b.el8

Update description:

Update to 0^20241216git660795b

dr_flac 0.12.43: Fix a possible buffer overflow during decoding. Improve detection of ARM64EC.
dr_mp3 0.6.40: Improve detection of ARM64EC
dr_wav 0.13.17: Fix a possible crash when reading from MS-ADPCM encoded files. Improve detection of ARM64EC.

Read More

dr_libs-0^20241216git660795b-1.el9

Read Time:21 Second

FEDORA-EPEL-2024-55f18fb87f

Packages in this update:

dr_libs-0^20241216git660795b-1.el9

Update description:

Update to 0^20241216git660795b

dr_flac 0.12.43: Fix a possible buffer overflow during decoding. Improve detection of ARM64EC.
dr_mp3 0.6.40: Improve detection of ARM64EC
dr_wav 0.13.17: Fix a possible crash when reading from MS-ADPCM encoded files. Improve detection of ARM64EC.

Add a SourceLicense field

Read More

USN-7167-1: Linux kernel vulnerabilities

Read Time:14 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Ext4 file system;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-50264, CVE-2024-49967, CVE-2024-53057)

Read More

USN-7159-2: Linux kernel (AWS) vulnerabilities

Read Time:44 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– TTY drivers;
– BTRFS file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)

Read More

dr_libs-0^20241216git660795b-1.el10_0

Read Time:21 Second

FEDORA-EPEL-2024-704d471aec

Packages in this update:

dr_libs-0^20241216git660795b-1.el10_0

Update description:

Update to 0^20241216git660795b

dr_flac 0.12.43: Fix a possible buffer overflow during decoding. Improve detection of ARM64EC.
dr_mp3 0.6.40: Improve detection of ARM64EC
dr_wav 0.13.17: Fix a possible crash when reading from MS-ADPCM encoded files. Improve detection of ARM64EC.

Add a SourceLicense field

Read More