1st Gen AMD EPYC™ Security Vulnerabilities

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: osv-scanner, flux-helm-controller, tkn, kyverno-policy-reporter-kyverno-plugin, goreleaser, gh, restic, atlantis, terraform-provider-azurerm, nats, ollama, prometheus-node-exporter, trivy, cri-tools, cilium, envoy-ratelimit, kube-bench, rekor, thanos-operator,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: osv-scanner, flux-helm-controller, tkn, kyverno-policy-reporter-kyverno-plugin, goreleaser, gh, restic, atlantis, terraform-provider-azurerm, nats, ollama, prometheus-node-exporter, trivy, cri-tools, cilium, envoy-ratelimit, kube-bench, rekor, thanos-operator,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: tkn, restic, atlantis, terraform-provider-azurerm, ollama, prometheus-node-exporter, fq, kube-bench, crossplane-provider-aws, multus-cni, bazelisk, nri-postgresql, vault-k8s, tigera-operator, harbor, temporal-server, prometheus-stackdriver-exporter, sbom-scorecard,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: tkn, restic, atlantis, terraform-provider-azurerm, ollama, prometheus-node-exporter, fq, kube-bench, crossplane-provider-aws, multus-cni, bazelisk, nri-postgresql, vault-k8s, tigera-operator, harbor, temporal-server, prometheus-stackdriver-exporter, sbom-scorecard,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, dgraph, gobuster, goreleaser, helm-push, docker-credential-ecr-login, cilium-envoy, prometheus-bind-exporter, sops, vertical-pod-autoscaler, gops, nats, nsc, kind, aws-flb-firehose, go-bindata, grpcurl, go-md2man, metrics-server, oras, cortex,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: tailscale, delve, flux-helm-controller, vt-cli, kyverno-policy-reporter-kyverno-plugin, pombump, goreleaser, helm-push, s5cmd, gh, gops, nats, prometheus-node-exporter, fq, cri-tools, envoy-ratelimit, kube-bench, nats-server, thanos-operator, go-md2man, cue,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, scorecard, cortex, kyverno, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis, kubernetes-csi-external-resizer, cluster-autoscaler-fips,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, scorecard, cortex, kyverno, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis, kubernetes-csi-external-resizer, cluster-autoscaler-fips,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: newrelic-nri-statsd, prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, cortex, kyverno, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: newrelic-nri-statsd, prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, cortex, kyverno, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, atlantis,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, nri-kubernetes, boring-registry-fips, kubernetes-fips, kubebuilder, scorecard, gcsfuse, cortex, pombump, kubernetes-csi-external-provisioner, kube-state-metrics, crossplane-provider-azure, k3d, cni-plugins-fips,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: scorecard, cortex, kyverno, protoc-gen-go-grpc, k3d, smarter-device-manager, go-licenses, kubernetes-csi-livenessprobe, cni-plugins-fips, tigera-operator, kubernetes-csi-external-resizer, cluster-autoscaler-fips, gke-gcloud-auth-plugin, calico-fips, goreleaser, mage,.....

(RHSA-2024:2758) Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit...

CVE-2023-31347

A flaw was found in some AMD Hardware due to a code bug in the Secure_TSC, SEV firmware. This flaw allows an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled, potentially resulting in a loss of guest integrity. Mitigation Mitigation for this...

CVE-2023-31346

A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory. Mitigation...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096) kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux....

CVE-2022-48698

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....

CVE-2022-48698

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...

CVE-2022-48698

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...

CVE-2022-48698

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling...

CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

CVE-2024-1067

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

CVE-2024-1395

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This.....

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus.

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Solaris. Vulnerability Details ** CVEID: CVE-2022-40609 DESCRIPTION: **IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote...