Computer vulnerabilities of Red Hat Fedora

Xen: infinite loop via Arm Atomics Operations
An attacker, inside a guest system, can trigger an infinite loop via Arm Atomics Operations of Xen, in order to trigger a denial of service on the host system...
CERTFR-2019-AVI-272, CVE-2019-17349, CVE-2019-17350, DSA-4602-1, FEDORA-2019-899ef6056c, FEDORA-2019-aeda234b68, VIGILANCE-VUL-29535, XSA-295

Chrome: use after free via Blink
An attacker can force the usage of a freed memory area via Blink of Chrome, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-274, CVE-2019-5842, DSA-4500-1, FEDORA-2019-8fb8240d14, openSUSE-SU-2019:1666-1, RHSA-2019:1553-01, VIGILANCE-VUL-29534

jQuery jsTree: code execution via eval
An attacker can use a vulnerability via eval() of jQuery jsTree, in order to run code...
2133, FEDORA-2019-38abc6b897, FEDORA-2019-a171291a47, VIGILANCE-VUL-29531

Libreswan: NULL pointer dereference via IKEv2 IKE_SA_INIT
An attacker can force a NULL pointer to be dereferenced via IKEv2 IKE_SA_INIT of Libreswan, in order to trigger a denial of service...
CVE-2019-12312, FEDORA-2019-f7fb531958, VIGILANCE-VUL-29525

Libreswan: Man-in-the-Middle via IKEv1 Informational Exchange Packets
An attacker can act as a Man-in-the-Middle via IKEv1 Informational Exchange Packets on Libreswan, in order to read or write data in the session...
CVE-2019-10155, FEDORA-2019-f7fb531958, RHSA-2019:3391-01, VIGILANCE-VUL-29524

Firefox: file reading via IE.HTTP Protocol
A local attacker can read a file via IE.HTTP Protocol of Firefox, in order to obtain sensitive information...
CERTFR-2019-AVI-260, CVE-2019-11702, FEDORA-2019-c22338aa23, MFSA-2019-16, VIGILANCE-VUL-29522

MediaWiki: multiple vulnerabilities
An attacker can use several vulnerabilities of MediaWiki...
CVE-2019-12466, CVE-2019-12467, CVE-2019-12468, CVE-2019-12469, CVE-2019-12470, CVE-2019-12471, CVE-2019-12472, CVE-2019-12473, CVE-2019-12474, DSA-4460-1, FEDORA-2019-02046db281, VIGILANCE-VUL-29517

podman: file reading via Symlink
A local attacker can read a file via Symlink of podman, in order to obtain sensitive information...
CVE-2019-10152, FEDORA-2019-0937bbf558, FEDORA-2019-886b4d2fb6, FEDORA-2019-b66d704846, openSUSE-SU-2019:2044-1, RHSA-2019:1907-01, SUSE-SU-2019:2223-1, VIGILANCE-VUL-29516

DBus: privilege escalation via DBUS_COOKIE_SHA1
An attacker can bypass restrictions via DBUS_COOKIE_SHA1 of DBus, in order to escalate his privileges...
CVE-2019-12749, DLA-1818-1, DSA-4462-1, FEDORA-2019-d5ded5326b, JSA10993, openSUSE-SU-2019:1604-1, openSUSE-SU-2019:1671-1, openSUSE-SU-2019:1750-1, RHSA-2019:1726-01, RHSA-2019:2868-01, RHSA-2019:2870-01, RHSA-2019:3707-01, RHSA-2020:4032-01, SUSE-SU-2019:14111-1, SUSE-SU-2019:1521-1, SUSE-SU-2019:1591-1, SUSE-SU-2019:1595-1, SUSE-SU-2019:1597-1, SUSE-SU-2019:2820-1, SUSE-SU-2019:2820-2, SUSE-SU-2020:1672-1, USN-4015-1, USN-4015-2, VIGILANCE-VUL-29515

Linux kernel: NULL pointer dereference via sunxi_divs_clk_setup
An attacker can force a NULL pointer to be dereferenced via sunxi_divs_clk_setup() of the Linux kernel, in order to trigger a denial of service...
CVE-2019-12455, FEDORA-2019-f40bd7826f, VIGILANCE-VUL-29494

Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat Fedora:

https://getfedora.org/