Fedoraproject: >> Fedora Security Vulnerabilities
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-02-18
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-02-18
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-02-18
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVSS Score
9.8
EPSS Score
0.077
Published
2022-02-18
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-17
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVSS Score
7.8
EPSS Score
0.013
Published
2022-02-17
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVSS Score
8.2
EPSS Score
0.001
Published
2022-02-17
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS Score
8.4
EPSS Score
0.019
Published
2022-02-17
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-02-16
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.
CVSS Score
4.6
EPSS Score
0.002
Published
2022-02-16