Attention Linux Security Enthusiasts! Guess what? Distros continue to release updates addressing multiple important vulnerabilities discovered in Chromium, and they're not something to ignore! These stealthy bugs, including use-after-free and type confusion issues, could let remote attackers exploit heap corruption. And with low attack complexity and high impact on confidentiality, integrity, and availability, they've earned a "High" severity rating from the National Vulnerability Database. Don't wait - update your systems now to stay safe and secure!
But wait, there's more! We uncover other significant discoveries and fixes, including several important OpenJDK denial of service (DoS) and information disclosure vulnerabilities, and a DoS bug in c-ares that could lead to downtime due to loss of access to impacted systems if unaddressed. Keep reading to learn more about these issues and how to protect against them.
Yours in Open Source,
OpenJDKThe DiscoverySeveral important denial of service (DoS) and information disclosure vulnerabilities have been discovered in the OpenJDK Java runtime. These bugs require no privileges or user interaction to exploit, and have been classified by the National Vulnerability Database as having a high confidentiality, integrity and availability impact on affected systems. |
ChromiumThe DiscoveryDistros continue to release advisories for several important vulnerabilities that have been found in Chromium, including multiple use-after-free and type confusion bugs. With a low attack complexity and a high confidentiality, integrity and availability impact, these issues have received a National Vulnerability Database severity rating of “High”. |
c-aresThe DiscoveryA significant denial of services (DoS) vulnerability has been discovered in c-ares. With low attack complexity, no privileges or user interaction required to exploit, and a high availability impact, this flaw should not be left unaddressed. |
