Aggregator

USN-6701-2: Linux kernel (GCP) vulnerabilities

1 week 1 day ago
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle block device modification while it is mounted. A privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-34256) Eric Dumazet discovered that the netfilter subsystem in the Linux kernel did not properly handle DCCP conntrack buffers in certain situations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2023-39197) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel did not properly handle device initialization failures in certain situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2023-4132) Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838) It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle the remount operation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2024-0775) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855)

xen-4.18.1-1.fc40

1 week 1 day ago
FEDORA-2024-3a36322c4b Packages in this update:
  • xen-4.18.1-1.fc40
Update description:

update to xen-4.18.1 rebase xen.gcc12.fixes.patch remove patches now included or superceded upstream

x86: Register File Data Sampling [XSA-452, CVE-2023-28746] GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]

x86: shadow stack vs exceptions from emulation stubs - [XSA-451, CVE-2023-46841] (#2266326)

USN-6707-1: Linux kernel vulnerabilities

1 week 1 day ago
Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - PWM drivers; (CVE-2024-26597, CVE-2024-26599)

USN-6706-1: Linux kernel (OEM) vulnerability

1 week 1 day ago
It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash).

ghc-base64-0.4.2.4-28.fc40 ghc-hakyll-4.16.2.0-4.fc40 ghc-isocline-1.0.9-28.fc40 ghc-toml-parser-1.3.2.0-29.fc40 gitit-0.15.1.1-6.fc40 pandoc-3.1.3-29.fc40 pandoc-cli-3.1.3-29.fc40 patat-0.11.0.0-1.fc40

1 week 1 day ago
FEDORA-2024-7d83cbccb6 Packages in this update:
  • ghc-base64-0.4.2.4-28.fc40
  • ghc-hakyll-4.16.2.0-4.fc40
  • ghc-isocline-1.0.9-28.fc40
  • ghc-toml-parser-1.3.2.0-29.fc40
  • gitit-0.15.1.1-6.fc40
  • pandoc-3.1.3-29.fc40
  • pandoc-cli-3.1.3-29.fc40
  • patat-0.11.0.0-1.fc40
Update description:

Security fix for CVE-2023-35936 and CVE-2023-38745

pandoc:

  • backport fixes for CVE-2023-35936 and CVE-2023-38745

pandoc-cli:

  • new package for pandoc binary

patat:

  • update to 0.11.0.0 and enable tests

base64, isocline, toml-parser: now packaged in Fedora

USN-6705-1: Linux kernel (AWS) vulnerabilities

1 week 1 day ago
It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855)

USN-6704-1: Linux kernel vulnerabilities

1 week 1 day ago
It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247) Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085) Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086) It was discovered that a race condition existed in the SCSI Emulex LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF and re-scanning an HBA FCF table, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-24855)

gnutls-3.8.4-1.fc38

1 week 1 day ago
FEDORA-2024-af55471f75 Packages in this update:
  • gnutls-3.8.4-1.fc38
Update description:

Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835

gnutls-3.8.4-1.fc39

1 week 1 day ago
FEDORA-2024-0459dcd356 Packages in this update:
  • gnutls-3.8.4-1.fc39
Update description:

Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835

gnutls-3.8.4-1.fc40

1 week 1 day ago
FEDORA-2024-d736bf394f Packages in this update:
  • gnutls-3.8.4-1.fc40
Update description:

Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835

Automatic update for gnutls-3.8.3-3.fc40.

USN-6686-4: Linux kernel (KVM) vulnerabilities

1 week 1 day ago
It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4134) 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46343) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-46862) It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779) It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51782) Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel did not properly handle connect command payloads in certain situations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2023-6121) It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340) Dan Carpenter discovered that the netfilter subsystem in the Linux kernel did not store data in properly sized memory locations. A local user could use this to cause a denial of service (system crash). (CVE-2024-0607)

containers-common-0.58.0-2.fc40 netavark-1.10.3-3.fc40 podman-5.0.0-1.fc40

1 week 1 day ago
FEDORA-2024-a267e93f8c Packages in this update:
  • containers-common-0.58.0-2.fc40
  • netavark-1.10.3-3.fc40
  • podman-5.0.0-1.fc40
Update description:

Security fix for CVE-2024-1753

Automatic update for podman-5.0.0-1.fc40.

Changelog for podman * Tue Mar 19 2024 Packit <hello@packit.dev> - 5:5.0.0-1 - [packit] 5.0.0 upstream release * Fri Mar 15 2024 Packit <hello@packit.dev> - 5:5.0.0~rc7-1 - [packit] 5.0.0-rc7 upstream release * Wed Mar 13 2024 Lokesh Mandvekar <lsm5@redhat.com> - 5:5.0.0~rc6-2 - Resolves: #2269148 - make passt a hard dep * Mon Mar 11 2024 Packit <hello@packit.dev> - 5:5.0.0~rc6-1 - [packit] 5.0.0-rc6 upstream release * Fri Mar 08 2024 Packit <hello@packit.dev> - 5:5.0.0~rc5-1 - [packit] 5.0.0-rc5 upstream release * Tue Mar 05 2024 Packit <hello@packit.dev> - 5:5.0.0~rc4-1 - [packit] 5.0.0-rc4 upstream release * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-5 - Show the toolbox RPMs used to run the tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-4 - Avoid running out of storage space when running the Toolbx tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-3 - Silence warnings about deprecated grep(1) use in test logs * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-2 - Update how Toolbx is spelt * Thu Feb 22 2024 Packit <hello@packit.dev> - 5:5.0.0~rc3-1 - [packit] 5.0.0-rc3 upstream release

Automatic update for podman-5.0.0~rc7-1.fc40.

Changelog for podman * Fri Mar 15 2024 Packit <hello@packit.dev> - 5:5.0.0~rc7-1 - [packit] 5.0.0-rc7 upstream release * Wed Mar 13 2024 Lokesh Mandvekar <lsm5@redhat.com> - 5:5.0.0~rc6-2 - Resolves: #2269148 - make passt a hard dep * Mon Mar 11 2024 Packit <hello@packit.dev> - 5:5.0.0~rc6-1 - [packit] 5.0.0-rc6 upstream release * Fri Mar 08 2024 Packit <hello@packit.dev> - 5:5.0.0~rc5-1 - [packit] 5.0.0-rc5 upstream release * Tue Mar 05 2024 Packit <hello@packit.dev> - 5:5.0.0~rc4-1 - [packit] 5.0.0-rc4 upstream release * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-5 - Show the toolbox RPMs used to run the tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-4 - Avoid running out of storage space when running the Toolbx tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-3 - Silence warnings about deprecated grep(1) use in test logs * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-2 - Update how Toolbx is spelt * Thu Feb 22 2024 Packit <hello@packit.dev> - 5:5.0.0~rc3-1 - [packit] 5.0.0-rc3 upstream release

make passt and netavark hard dependencies for podman

Automatic update for podman-5.0.0~rc6-1.fc40.

Changelog for podman * Mon Mar 11 2024 Packit <hello@packit.dev> - 5:5.0.0~rc6-1 - [packit] 5.0.0-rc6 upstream release * Fri Mar 08 2024 Packit <hello@packit.dev> - 5:5.0.0~rc5-1 - [packit] 5.0.0-rc5 upstream release * Tue Mar 05 2024 Packit <hello@packit.dev> - 5:5.0.0~rc4-1 - [packit] 5.0.0-rc4 upstream release * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-5 - Show the toolbox RPMs used to run the tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-4 - Avoid running out of storage space when running the Toolbx tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-3 - Silence warnings about deprecated grep(1) use in test logs * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-2 - Update how Toolbx is spelt * Thu Feb 22 2024 Packit <hello@packit.dev> - 5:5.0.0~rc3-1 - [packit] 5.0.0-rc3 upstream release

Automatic update for podman-5.0.0~rc5-1.fc40.

Changelog for podman * Fri Mar 08 2024 Packit <hello@packit.dev> - 5:5.0.0~rc5-1 - [packit] 5.0.0-rc5 upstream release * Tue Mar 05 2024 Packit <hello@packit.dev> - 5:5.0.0~rc4-1 - [packit] 5.0.0-rc4 upstream release * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-5 - Show the toolbox RPMs used to run the tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-4 - Avoid running out of storage space when running the Toolbx tests * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-3 - Silence warnings about deprecated grep(1) use in test logs * Fri Mar 01 2024 Debarshi Ray <rishi@fedoraproject.org> - 5:5.0.0~rc3-2 - Update how Toolbx is spelt * Thu Feb 22 2024 Packit <hello@packit.dev> - 5:5.0.0~rc3-1 - [packit] 5.0.0-rc3 upstream release

Automatic update for podman-5.0.0~rc4-1.fc40.

Automatic update for podman-5.0.0~rc3-1.fc40.

Removing podman 5.0.0-rc6 build to let the rest of this get past gating. We already have v5.0.0 bodhi for f40.