Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-3707)

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did
not properly implement speculative execution barriers in usercopy functions
in certain situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2023-0459)

It was discovered that the TLS subsystem in the Linux kernel contained a
type confusion vulnerability in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-1075)

It was discovered that the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel contained a type confusion vulnerability
in some situations. An attacker could use this to cause a denial of service
(system crash). (CVE-2023-1078)

Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel
did not properly initialize some data structures. A local attacker could
use this to expose sensitive information (kernel memory). (CVE-2023-1513)

It was discovered that a use-after-free vulnerability existed in the iSCSI
TCP implementation in the Linux kernel. A local attacker could possibly use
this to cause a denial of service (system crash). (CVE-2023-2162)

It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32269)

Duoming Zhou discovered that a race condition existed in the infrared
receiver/transceiver driver in the Linux kernel, leading to a use-after-
free vulnerability. A privileged attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-1118)

Read More

FEDORA-2023-309cadedc6

Packages in this update:

python3.10-3.10.11-2.fc37

Update description:

Fix for CVE-2023-24329

Read More

FEDORA-2023-71dc071847

Packages in this update:

python3.9-3.9.16-4.fc39

Update description:

Automatic update for python3.9-3.9.16-4.fc39.

Changelog

* Mon May 29 2023 Lumír Balhar <lbalhar@redhat.com> – 3.9.16-4
– Security fix for CVE-2023-24329
– Resolves: rhbz#2174016

Read More

FEDORA-2023-d53831b69d

Packages in this update:

ImageMagick-7.1.1.11-1.fc38

Update description:

Update to 7.1.1.11 (#2210875)

Update to 7.1.1.10 (#2207788)
Security fix for CVE-2023-34151
Security fix for CVE-2023-34152
Security fix for CVE-2023-34153

Read More

FEDORA-2023-d8b0003ecd

Packages in this update:

python3.8-3.8.16-4.fc38

Update description:

Fix for CVE-2023-24329

Read More

FEDORA-2023-31888c4781

Packages in this update:

python3.8-3.8.16-2.fc37

Update description:

Fix for CVE-2023-24329

Read More

FEDORA-2023-6382c223a5

Packages in this update:

python3.8-3.8.16-4.fc39

Update description:

Automatic update for python3.8-3.8.16-4.fc39.

Changelog

* Mon May 29 2023 Charalampos Stratakis <cstratak@redhat.com> – 3.8.16-4
– Fix for CVE-2023-24329
Resolves: rhbz#2174015

Read More

Posted by RedTeam Pentesting GmbH on May 30

For longer running processes, Pydio Cells allows for the creation of
jobs, which are run in the background. The job “remote-download” can be
used to cause the backend to send a HTTP GET request to a specified URL
and save the response to a new file. The response file is then available
in a user-specified folder in Pydio Cells.

Details
=======

Product: Pydio Cells
Affected Versions: 4.1.2 and earlier versions
Fixed Versions: 4.2.0,…

Read More

Posted by RedTeam Pentesting GmbH on May 30

Advisory: Pydio Cells: Cross-Site Scripting via File Download

Pydio Cells implements the download of files using presigned URLs which
are generated using the Amazon AWS SDK for JavaScript [1]. The secrets
used to sign these URLs are hardcoded and exposed through the JavaScript
files of the web application. Therefore, it is possible to generate
valid signatures for arbitrary download URLs. By uploading an HTML file
and modifying the download URL…

Read More

Posted by RedTeam Pentesting GmbH on May 30

Advisory: Pydio Cells: Unauthorised Role Assignments

Pydio Cells allows users by default to create so-called external users
in order to share files with them. By modifying the HTTP request sent
when creating such an external user, it is possible to assign the new
user arbitrary roles. By assigning all roles to a newly created user, access to
all cells and non-personal workspaces is granted.

Details
=======

Product: Pydio Cells
Affected…

Read More