Fedora Security Advisories

util-linux-2.41.4-7.fc44

Fedora Security Advisories
9 hours 3 minutes ago
FEDORA-2026-67cf3d6cca Packages in this update:
  • util-linux-2.41.4-7.fc44
Update description:

upstream update, fixes security-related bugs

CVE-2026-27456 - mount(8) TOCTOU symlink attack via loop device. The SUID mount follows symlinks when resolving loop backing file paths. On systems where non-root users are permitted to mount loop devices (via 'user' option in fstab), this allows access to arbitrary files.

CWE-190 - Integer overflow in libblkid parse_dos_extended(). A crafted MBR disk image can cause uint32_t wraparound in EBR chain processing, causing reported partitions to not match the on-disk layout. Tools like udisks may then register a partition at logical sector 0.

util-linux-2.41.4-7.fc43

Fedora Security Advisories
9 hours 11 minutes ago
FEDORA-2026-840b40ef4c Packages in this update:
  • util-linux-2.41.4-7.fc43
Update description:

upstream update, fixes security-related bugs

CVE-2026-27456 - mount(8) TOCTOU symlink attack via loop device. The SUID mount follows symlinks when resolving loop backing file paths. On systems where non-root users are permitted to mount loop devices (via 'user' option in fstab), this allows access to arbitrary files.

CWE-190 - Integer overflow in libblkid parse_dos_extended(). A crafted MBR disk image can cause uint32_t wraparound in EBR chain processing, causing reported partitions to not match the on-disk layout. Tools like udisks may then register a partition at logical sector 0.

fido-device-onboard-0.5.5-8.fc44

Fedora Security Advisories
11 hours 59 minutes ago
FEDORA-2026-9e223ca14f Packages in this update:
  • fido-device-onboard-0.5.5-8.fc44
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc44.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31

fido-device-onboard-0.5.5-8.fc43

Fedora Security Advisories
12 hours 3 minutes ago
FEDORA-2026-e6237c2efe Packages in this update:
  • fido-device-onboard-0.5.5-8.fc43
Update description:

Automatic update for fido-device-onboard-0.5.5-8.fc43.

Changelog for fido-device-onboard * Wed Apr 01 2026 Peter Robinson <pbrobinson@fedoraproject.org> - 0.5.5-8 - Rebuild for CVE-2026-25727, CVE-2026-33056 * Sun Mar 15 2026 Benjamin A. Beasley <code@musicinmybrain.net> - 0.5.5-7 - In Fedora, update nix dependency from 0.26 to 0.31 * Mon Feb 02 2026 Maxwell G <maxwell@gtmx.me> - 0.5.5-6 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Maxwell G <maxwell@gtmx.me> - 0.5.5-4 - Rebuild for golang 1.25.2
Checked
23 minutes 16 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security