Fedoraproject: >> Fedora >> 35 Security Vulnerabilities
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-03-10
A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-03-10
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.
CVSS Score
5.5
EPSS Score
0.002
Published
2022-03-10
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
CVSS Score
6.5
EPSS Score
0.089
Published
2022-03-10
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-03-10
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-03-10