Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-08-25 | CVE-2021-3929 | A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host. | Fedora, Qemu | 8.2 | ||
2022-08-25 | CVE-2022-2980 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. | Fedora, Vim | 5.5 | ||
2022-08-25 | CVE-2022-2982 | Use After Free in GitHub repository vim/vim prior to 9.0.0260. | Fedora, Vim | 7.8 | ||
2022-08-26 | CVE-2022-38533 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | Fedora, Binutils | 5.5 | ||
2022-08-26 | CVE-2021-3574 | A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. | Fedora, Imagemagick | 3.3 | ||
2022-08-27 | CVE-2022-38791 | In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. | Fedora, Mariadb | 5.5 | ||
2022-08-28 | CVE-2022-3016 | Use After Free in GitHub repository vim/vim prior to 9.0.0286. | Fedora, Vim | 7.8 | ||
2022-08-29 | CVE-2022-35014 | Advancecomp v2.3 contains a segmentation fault. | Advancecomp, Fedora | 5.5 | ||
2022-08-29 | CVE-2022-35015 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h. | Advancecomp, Fedora | 5.5 | ||
2022-08-29 | CVE-2022-35016 | Advancecomp v2.3 was discovered to contain a heap buffer overflow. | Advancecomp, Fedora | 5.5 |