Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.26%
  • Veröffentlicht 11.10.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:08:27

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal oper...

  • EPSS 0.25%
  • Veröffentlicht 11.10.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:08:27

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each...

Exploit
  • EPSS 0.83%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:27

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid typ...

Exploit
  • EPSS 1.31%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:28

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is...

Exploit
  • EPSS 1.31%
  • Veröffentlicht 10.10.2022 00:15:09
  • Zuletzt bearbeitet 09.06.2025 15:15:28

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descripto...

  • EPSS 3.68%
  • Veröffentlicht 08.10.2022 11:15:10
  • Zuletzt bearbeitet 21.11.2024 07:19:30

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initi...

  • EPSS 2.09%
  • Veröffentlicht 07.10.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:19:11

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of...

  • EPSS 0.62%
  • Veröffentlicht 07.10.2022 05:15:11
  • Zuletzt bearbeitet 21.11.2024 07:01:56

In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

  • EPSS 0.66%
  • Veröffentlicht 07.10.2022 05:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:56

In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() t...

Exploit
  • EPSS 2.71%
  • Veröffentlicht 06.10.2022 18:17:03
  • Zuletzt bearbeitet 21.11.2024 07:23:23

A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked...