Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.57%
  • Veröffentlicht 20.03.2021 22:15:11
  • Zuletzt bearbeitet 21.11.2024 05:20:48

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information fr...

  • EPSS 0.38%
  • Veröffentlicht 20.03.2021 21:15:11
  • Zuletzt bearbeitet 21.11.2024 06:00:25

An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.)

  • EPSS 0.36%
  • Veröffentlicht 20.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:25

An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.

  • EPSS 0.28%
  • Veröffentlicht 20.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:25

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal ...

  • EPSS 1.39%
  • Veröffentlicht 19.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 04:18:37

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available ...

  • EPSS 2.98%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:36

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

  • EPSS 3.34%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:45

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

Exploit
  • EPSS 2.81%
  • Veröffentlicht 19.03.2021 07:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:17

Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.

  • EPSS 2.72%
  • Veröffentlicht 19.03.2021 05:15:13
  • Zuletzt bearbeitet 17.12.2025 22:15:56

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

  • EPSS 8.16%
  • Veröffentlicht 19.03.2021 05:15:12
  • Zuletzt bearbeitet 21.11.2024 05:17:19

An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for cert...