FEDORA-2023-41bdb7dba8
Packages in this update:
polkit-122-3.fc38.1
Update description:
config file permission change to increase security of polkitd
polkit-122-3.fc38.1
config file permission change to increase security of polkitd
This vulnerability allows network-adjacent attackers to disclose sensitive information on Microsoft Azure. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker.
Posted by Apple Product Security via Fulldisclosure on Apr 10
APPLE-SA-2023-04-10-3 macOS Big Sur 11.7.6
macOS Big Sur 11.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213725.
IOSurfaceAccelerator
Available for: macOS Big Sur
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was…
Posted by Apple Product Security via Fulldisclosure on Apr 10
APPLE-SA-2023-04-10-1 iOS 15.7.5 and iPadOS 15.7.5
iOS 15.7.5 and iPadOS 15.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213723.
IOSurfaceAccelerator
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to execute arbitrary code with…
Posted by Apple Product Security via Fulldisclosure on Apr 10
APPLE-SA-2023-04-10-2 macOS Monterey 12.6.5
macOS Monterey 12.6.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213724.
IOSurfaceAccelerator
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was…