Read Time:8 Second
FEDORA-2024-a84c59eedc
Packages in this update:
lua-mpack-1.0.12-1.fc39
Update description:
Fix buffer overrun when giving an offset to Session:receive
Category Archives: Advisories
flatpak-1.15.10-1.fc40
Read Time:7 Second
FEDORA-2024-7b8a05a5d1
Packages in this update:
flatpak-1.15.10-1.fc40
Update description:
Update to 1.15.10 (CVE-2024-42472)
flatpak-1.15.10-1.fc41
Read Time:7 Second
FEDORA-2024-0c6db96fc3
Packages in this update:
flatpak-1.15.10-1.fc41
Update description:
Update to 1.15.10 (CVE-2024-42472)
vim-9.1.703-1.fc39
Read Time:8 Second
FEDORA-2024-e4b68c962c
Packages in this update:
vim-9.1.703-1.fc39
Update description:
patchlevel 703
Security fixes for CVE-2024-43374, CVE-2024-43802
vim-9.1.703-1.fc40
Read Time:8 Second
FEDORA-2024-bb4b6da0b6
Packages in this update:
vim-9.1.703-1.fc40
Update description:
patchlevel 703
Security fixes for CVE-2024-43374, CVE-2024-43802
vim-9.1.703-1.fc41
Read Time:8 Second
FEDORA-2024-2960d36420
Packages in this update:
vim-9.1.703-1.fc41
Update description:
patchlevel 703
Security fixes for CVE-2024-43374, CVE-2024-43802
ZDI-24-1192: (0Day) Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8360.
ZDI-24-1191: (0Day) Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8359.
ZDI-24-1190: (0Day) Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-8358.
ZDI-24-1189: (0Day) Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
Read Time:15 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-8357.