Fedoraproject Fedora vulnerabilities

CVE-2024-0690 [MEDIUM] CWE-117 CVE-2024-0690: An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_ An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

CVE-2024-1048 [LOW] CVE-2024-1048: A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2- A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times,

CVE-2024-22667 [HIGH] CWE-787 CVE-2024-22667: Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

CVE-2024-21626 [HIGH] CWE-403 CVE-2024-21626: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access

CVE-2023-6779 [HIGH] CWE-122 CVE-2023-6779: An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc l An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an a

CVE-2024-1086 [HIGH] CWE-416 CVE-2024-1086: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error whi

CVE-2023-6246 [HIGH] CWE-122 CVE-2023-6246: A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an a

CVE-2023-6780 [MEDIUM] CWE-131 CVE-2023-6780: An integer overflow was found in the __vsyslog_internal function of the glibc library. This function An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects

CVE-2024-1077 [HIGH] CWE-416 CVE-2024-1077: Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to pote Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

CVE-2024-1060 [HIGH] CWE-416 CVE-2024-1060: Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to poten Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-1059 [HIGH] CWE-416 CVE-2024-1059: Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-46838 [HIGH] CWE-476 CVE-2023-46838: Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translated into what Linux calls SKB fragments. Such converted re

CVE-2023-40548 [HIGH] CWE-787 CVE-2023-40548: A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition op A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or d

CVE-2024-23334 [HIGH] CWE-22 CVE-2024-23334: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp a aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_

CVE-2024-23829 [MEDIUM] CVE-2024-23829: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive p aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to protect against injection of additional requests. Additionally, validation could

CVE-2023-40546 [MEDIUM] CWE-476 CVE-2023-40546: A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.

CVE-2023-40551 [MEDIUM] CWE-125 CVE-2023-40551: A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a cras A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.

CVE-2023-40549 [MEDIUM] CWE-125 CVE-2023-40549: An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.

CVE-2023-40550 [MEDIUM] CWE-125 CVE-2023-40550: An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This is An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.

CVE-2024-0808 [CRITICAL] CWE-191 CVE-2024-0808: Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pote Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)