Filtered by vendor Fedoraproject Subscriptions
Total 5183 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-43787 3 Fedoraproject, Redhat, X.org 3 Fedora, Enterprise Linux, Libx11 2024-08-20 7.8 High
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
CVE-2023-43786 3 Fedoraproject, Redhat, X.org 3 Fedora, Enterprise Linux, Libx11 2024-08-20 5.5 Medium
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
CVE-2023-43785 3 Fedoraproject, Redhat, X.org 3 Fedora, Enterprise Linux, Libx11 2024-08-20 6.5 Medium
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
CVE-2023-42756 4 Debian, Fedoraproject, Linux and 1 more 4 Debian Linux, Fedora, Linux Kernel and 1 more 2024-08-20 4.4 Medium
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
CVE-2023-4813 4 Fedoraproject, Gnu, Netapp and 1 more 23 Fedora, Glibc, Active Iq Unified Manager and 20 more 2024-08-20 5.9 Medium
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
CVE-2023-4806 3 Fedoraproject, Gnu, Redhat 24 Fedora, Glibc, Codeready Linux Builder Eus and 21 more 2024-08-20 5.9 Medium
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
CVE-2023-4535 3 Fedoraproject, Opensc Project, Redhat 3 Fedora, Opensc, Enterprise Linux 2024-08-20 4.5 Medium
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
CVE-2023-4527 4 Fedoraproject, Gnu, Netapp and 1 more 32 Fedora, Glibc, H300s and 29 more 2024-08-20 6.5 Medium
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
CVE-2023-4273 5 Debian, Fedoraproject, Linux and 2 more 12 Debian Linux, Fedora, Linux Kernel and 9 more 2024-08-20 6 Medium
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.
CVE-2023-41175 3 Fedoraproject, Libtiff, Redhat 3 Fedora, Libtiff, Enterprise Linux 2024-08-20 6.5 Medium
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2023-40745 4 Fedoraproject, Libtiff, Netapp and 1 more 4 Fedora, Libtiff, Active Iq Unified Manager and 1 more 2024-08-20 6.5 Medium
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2023-40551 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2024-08-20 5.1 Medium
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
CVE-2023-40550 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2024-08-20 5.5 Medium
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
CVE-2023-40549 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2024-08-20 6.2 Medium
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
CVE-2023-40546 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Rhel Aus and 4 more 2024-08-20 6.2 Medium
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.
CVE-2023-38559 4 Artifex, Debian, Fedoraproject and 1 more 4 Ghostscript, Debian Linux, Fedora and 1 more 2024-08-20 5.5 Medium
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
CVE-2023-38252 3 Fedoraproject, Redhat, Tats 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more 2024-08-20 4.7 Medium
An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
CVE-2023-38201 3 Fedoraproject, Keylime, Redhat 9 Fedora, Keylime, Enterprise Linux and 6 more 2024-08-20 6.5 Medium
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
CVE-2023-38200 3 Fedoraproject, Keylime, Redhat 9 Fedora, Keylime, Enterprise Linux and 6 more 2024-08-20 7.5 High
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
CVE-2023-4091 3 Fedoraproject, Redhat, Samba 7 Fedora, Enterprise Linux, Enterprise Linux Eus and 4 more 2024-08-20 6.5 Medium
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.