Fedoraproject Fedora vulnerabilities

CVE-2022-0924 [MEDIUM] CWE-125 CVE-2022-0924: Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service vi Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

CVE-2022-0516 [HIGH] CWE-200 CVE-2022-0516: A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.

CVE-2022-0725 [HIGH] CWE-200 CVE-2022-0725: A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in sys A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.

CVE-2022-0204 [HIGH] CWE-119 CVE-2022-0204: A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local n A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

CVE-2022-0891 [HIGH] CWE-787 CVE-2022-0891: A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3. A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

CVE-2021-3739 [HIGH] CWE-476 CVE-2021-3739: A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in t A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.

CVE-2022-0847 [HIGH] CWE-665 CVE-2022-0847: A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper i A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate thei

CVE-2021-34340 [MEDIUM] CWE-125 CVE-2021-34340: Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompil Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

CVE-2021-4095 [MEDIUM] CWE-476 CVE-2021-4095: A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled wi A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.

CVE-2021-44269 [MEDIUM] CWE-125 CVE-2021-44269: An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.

CVE-2021-34339 [MEDIUM] CWE-125 CVE-2021-34339: Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

CVE-2022-0433 [MEDIUM] CWE-908 CVE-2022-0433: A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user trig A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1.

CVE-2021-34342 [MEDIUM] CWE-125 CVE-2021-34342: Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which c Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.

CVE-2021-32434 [MEDIUM] CWE-125 CVE-2021-32434: abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at d abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.

CVE-2021-34341 [MEDIUM] CWE-125 CVE-2021-34341: Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.

CVE-2021-32436 [MEDIUM] CWE-125 CVE-2021-32436: An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote atta An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.

CVE-2021-34338 [MEDIUM] CWE-125 CVE-2021-34338: Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c fil Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

CVE-2021-4023 [MEDIUM] CWE-200 CVE-2021-4023: A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system.

CVE-2021-32435 [MEDIUM] CWE-787 CVE-2021-32435: Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote att Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.

CVE-2022-0865 [MEDIUM] CWE-617 CVE-2022-0865: Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a c Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.