Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0260)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0260

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0260)

Resumen: The remote host is missing an update for the 'gerbv' package(s) announced via the MGASA-2022-0260 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gerbv' package(s) announced via the MGASA-2022-0260 advisory.

Vulnerability Insight:
An out-of-bounds write vulnerability exists in the drill format T-code
tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the
forked version of Gerbv (commit 71493260). (CVE-2021-40391)

An out-of-bounds write vulnerability exists in the RS-274X aperture macro
variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd)
and the forked version of Gerbv (commit 71493260). (CVE-2021-40393,
CVE-2021-40394)

An out-of-bounds read vulnerability exists in the RS-274X aperture macro
outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd)
and the forked version of Gerbv (commit d7f42a9a). (CVE-2021-40400)

A use-after-free vulnerability exists in the RS-274X aperture definition
tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and
Gerbv forked 2.7.1. (CVE-2021-40401)

Affected Software/OS:
'gerbv' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-40391
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUM5GIUZJ7AVHVCXDZW6ZVCAPV2ISN47/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1402
https://lists.debian.org/debian-lts-announce/2021/12/msg00003.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-40393
Debian Security Information: DSA-5306 (Google Search)
https://www.debian.org/security/2022/dsa-5306
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37OSNNO5N5FJZP6ZBYRJMML5HYMJQIX7/
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1404
https://lists.debian.org/debian-lts-announce/2023/09/msg00040.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-40394
Common Vulnerability Exposure (CVE) ID: CVE-2021-40400
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1413
Common Vulnerability Exposure (CVE) ID: CVE-2021-40401
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1415

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0260
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0260)
Resumen:	The remote host is missing an update for the 'gerbv' package(s) announced via the MGASA-2022-0260 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gerbv' package(s) announced via the MGASA-2022-0260 advisory. Vulnerability Insight: An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). (CVE-2021-40391) An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). (CVE-2021-40393, CVE-2021-40394) An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). (CVE-2021-40400) A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. (CVE-2021-40401) Affected Software/OS: 'gerbv' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-40391 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUM5GIUZJ7AVHVCXDZW6ZVCAPV2ISN47/ https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1402 https://lists.debian.org/debian-lts-announce/2021/12/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2021-40393 Debian Security Information: DSA-5306 (Google Search) https://www.debian.org/security/2022/dsa-5306 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37OSNNO5N5FJZP6ZBYRJMML5HYMJQIX7/ https://talosintelligence.com/vulnerability_reports/TALOS-2021-1404 https://lists.debian.org/debian-lts-announce/2023/09/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2021-40394 Common Vulnerability Exposure (CVE) ID: CVE-2021-40400 https://talosintelligence.com/vulnerability_reports/TALOS-2021-1413 Common Vulnerability Exposure (CVE) ID: CVE-2021-40401 https://talosintelligence.com/vulnerability_reports/TALOS-2021-1415
Copyright	Copyright (C) 2022 Greenbone AG