A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. (CVE-2023-1393)
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted
Attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. (CVE-2023-28371) References: - https://bugs.mageia.org/show_bug.cgi?id=31742
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users (CVE-2023-0225) Read access controlled AD LDAP attributes (CVE-2023-0614) Cleartext password sending by AD DC admin tool (CVE-2023-0922)
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other
/sys/fs/cgroup is writable when cgroupns isn't unshared (CVE-2023-25809) Regression that reintroduced CVE-2019-19921 - Incorrect Access Control leading to Escalation of Privileges (CVE-2023-27561) AppArmor/SELinux bypass with symlinked /proc (CVE-2023-28642)
Denial of service via the End of Archive tag function of the peazip/pea UNPEA feature. (CVE-2023-24785) References: - https://bugs.mageia.org/show_bug.cgi?id=31679
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. (CVE-2022-22728)
When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user's personal bookmark store without requiring further user interaction. (CVE-2023-28686)
Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. (bdo#1032398)
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter. (CVE-2013-1841)
Fixes some bugs including a security vulnerability when decoding hash keys without ending ':'. References: - https://bugs.mageia.org/show_bug.cgi?id=31666
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets
Incorrect code generation during JIT compilation. (CVE-2023-25751) Potential out-of-bounds when accessing throttled streams. (CVE-2023-25752) Invalid downcast in Worklets. (CVE-2023-28162) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. (CVE-2023-28164)
If a malicious Flatpak app is run on a Linux virtual console such as /dev/tty1, it can copy text from the virtual console and paste it back into the virtual console's input buffer, from which the command might be run by the user's shell after the Flatpak app has exited. This is similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead
In the MHD_PostProcessor, malformed inputs can be used to crash the server (for denial-of-service). References: - https://bugs.mageia.org/show_bug.cgi?id=31670
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. (CVE-2022-4645) References:
XML External Entity (XXE) Injection (CVE-2023-27476) References: - https://bugs.mageia.org/show_bug.cgi?id=31667 - https://lists.fedoraproject.org/archives/list/[list address obscured]/thread/PYNYFUUI2JO56U35RT7DTZDQDCNCDAMH/