Happy Friday, fellow Linux geeks! This week, multiple vulnerabilities have been fixed in VLC, the streaming video player, including a potential buffer overflow in the VNC module that could trigger remote code execution if a malicious VNC URL is deliberately played. With a base score of 7.8 out of 10, it's critical that all users update their systems now.
Have you customized your LinuxSecurity advisories based on the distro(s) you use? If not, we encourage you to do so now!
Yours in Open Source,
BCEL
The Discovery: An important out-of-bounds writing vulnerability (CVE-2022-42920) has been found in The Byte Code Engineering Library (Apache Commons BCEL).
The Impact: This bug could result in the production of arbitrary bytecode, giving attackers more control over the resulting bytecode than otherwise expected.
The Fix: An update for BCEL that fixes this flaw is now available. We recommend that you update now to protect against attacks leading to compromise.
webkit2gtk3
The Discovery: Nine important security issues have been discovered in webkit2gtk3.
The Impact: These vulnerabilities could lead to the disclosure of process memory and sensitive user information, and arbitrary code execution caused by memory corruption.
The Fix: An update has been released for webkit2gtk3 that fixes these bugs. We urge you to update immediately to protect the security and integrity of your systems and the privacy of your sensitive information.
VLC
The Discovery: An important integer overflow vulnerability in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 has been identified (CVE-2022-41325).
The Impact: This issue could allow attackers to crash VLC or execute code under some conditions by tricking a user into opening a crafted playlist or connecting to a rogue VNC server.
The Fix: An update for VLC mitigates this dangerous bug. We recommend that you update as soon as possible to prevent exploits leading to compromise.