Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown
CRITICAL: 514, HIGH: 2325, MEDIUM: 2265, LOW: 173
Vulnerabilities
Page 73 of 264
CVE-2022-1621 | HIGH | CVSS 7.8 | CWE-122 | v34, v35 | 2022-05-10
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
nvd
CVE-2022-1620 | HIGH | CVSS 7.5 | CWE-476 | v34, v35, +1 more | 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
nvd
CVE-2022-1619 | HIGH | CVSS 7.8 | CWE-122 | v34, v35, +1 more | 2022-05-08
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possible remote execution
nvd
CVE-2022-1616 | HIGH | CVSS 7.8 | CWE-416 | v34, v35, +1 more | 2022-05-07
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
nvd
CVE-2022-1053 | CRITICAL | CVSS 9.1 | CWE-20 | v34, v35, +1 more | 2022-05-06
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the e
nvd
CVE-2022-24903 | HIGH | CVSS 8.1 | CWE-120 | v35 | 2022-05-06
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts
nvd
CVE-2022-24884 | HIGH | CVSS 7.5 | CWE-347 | v34, v35, +1 more | 2022-05-06
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does
nvd
CVE-2022-29502 | CRITICAL | CVSS 9.8 | v34, v35, +1 more | 2022-05-05
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
nvd
CVE-2022-29501 | HIGH | CVSS 8.8 | v34, v35, +1 more | 2022-05-05
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
nvd
CVE-2022-29500 | HIGH | CVSS 8.8 | v34, v35, +1 more | 2022-05-05
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
nvd
CVE-2022-27337 | MEDIUM | CVSS 6.5 | v36 | 2022-05-05
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
nvd
CVE-2022-30292 | CRITICAL | CVSS 10.0 | CWE-787 | v35, v36 | 2022-05-04
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
nvd
CVE-2022-27470 | HIGH | CVSS 7.8 | CWE-787 | v34, v35, +1 more | 2022-05-04
SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.
nvd
CVE-2022-20771 | HIGH | CVSS 7.5 | CWE-399 | v34, v35, +1 more | 2022-05-04
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denia
nvd
CVE-2022-20785 | HIGH | CVSS 7.5 | CWE-401 | v34, v35, +1 more | 2022-05-04
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of
nvd
CVE-2022-28487 | HIGH | CVSS 7.5 | CWE-401 | v35, v36, +1 more | 2022-05-04
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
nvd
CVE-2022-20770 | HIGH | CVSS 7.5 | CWE-399 | v34, v35, +1 more | 2022-05-04
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of
nvd
CVE-2022-20796 | MEDIUM | CVSS 5.5 | CWE-822 | v34, v35, +1 more | 2022-05-04
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a desc
nvd
CVE-2022-1292 | HIGH | CVSS 7.3 | CWE-78 | v35, v36 | 2022-05-03
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete
nvd
CVE-2022-29824 | MEDIUM | CVSS 6.5 | CWE-190 | v34, v35, +1 more | 2022-05-03
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is af
nvd