2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax” Security Vulnerabilities

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, external-dns, influxd, kubernetes-csi-external-attacher, terraform-provider-aws, osv-scanner, containerd, hubble-ui, gomplate, terraform, boring-registry, prometheus, k8sgpt-operator, ctop, cilium, kwok, crossplane-provider-aws,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: slsa-verifier, smarter-device-manager, flannel-cni-plugin, grpcurl, scorecard, dgraph, aactl, go-md2man, k3d, mage, protoc-gen-go-grpc, cni-plugins, ctop, sops, aws-flb-cloudwatch, gosu, aws-flb-kinesis, helm-push, metrics-server, prometheus-bind-exporter, petname,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, external-dns, influxd, kubernetes-csi-external-attacher, terraform-provider-aws, osv-scanner, containerd, hubble-ui, gomplate, terraform, boring-registry, prometheus, k8sgpt-operator, ctop, cilium, kwok, crossplane-provider-aws,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, osv-scanner, containerd, gomplate, k8sgpt-operator, cluster-api-controller, crossplane-provider-aws, kubernetes-ingress-defaultbackend, neuvector-scanner, newrelic-nri-statsd, prometheus-node-exporter, bank-vaults, go,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, osv-scanner, containerd, gomplate, k8sgpt-operator, cluster-api-controller, crossplane-provider-aws, kubernetes-ingress-defaultbackend, neuvector-scanner, newrelic-nri-statsd, prometheus-node-exporter, bank-vaults, go,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: slsa-verifier, smarter-device-manager, flannel-cni-plugin, grpcurl, scorecard, dgraph, aactl, go-md2man, k3d, mage, protoc-gen-go-grpc, cni-plugins, ctop, sops, aws-flb-cloudwatch, gosu, aws-flb-kinesis, helm-push, metrics-server, prometheus-bind-exporter, petname,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: slsa-verifier, smarter-device-manager, flannel-cni-plugin, grpcurl, scorecard, dgraph, aactl, go-md2man, k3d, mage, protoc-gen-go-grpc, cni-plugins, ctop, sops, aws-flb-cloudwatch, gosu, aws-flb-kinesis, helm-push, metrics-server, prometheus-bind-exporter, petname,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: slsa-verifier, smarter-device-manager, flannel-cni-plugin, grpcurl, scorecard, dgraph, aactl, go-md2man, k3d, mage, protoc-gen-go-grpc, cni-plugins, ctop, sops, aws-flb-cloudwatch, gosu, aws-flb-kinesis, helm-push, metrics-server, prometheus-bind-exporter, petname,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, flannel-cni-plugin, external-dns, kubernetes-csi-external-attacher, go-md2man, hubble-ui, gomplate, terraform, prometheus, k8sgpt-operator, cni-plugins, cluster-api-controller, ctop, aws-flb-cloudwatch, kwok, kubernetes, caddy, up,....

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: chartmuseum, prometheus-mongodb-exporter-fips, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, gatekeeper, nfs-subdir-external-provisioner, flux-notification-controller-2.0,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: cni-plugins, cass-operator, sops, go-licenses, go-bindata, protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, prometheus-beat-exporter-fips, mage, kube-logging-logging-operator, ctop, aactl, docker-cli, local-path-provisioner, cass-operator-fips, kind,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: chartmuseum, prometheus-mongodb-exporter-fips, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, gatekeeper, nfs-subdir-external-provisioner, flux-notification-controller-2.0,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: cni-plugins, cass-operator, sops, go-licenses, go-bindata, protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, prometheus-beat-exporter-fips, mage, kube-logging-logging-operator, ctop, aactl, docker-cli, local-path-provisioner, cass-operator-fips, kind,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: cni-plugins, cass-operator, sops, go-licenses, go-bindata, protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, prometheus-beat-exporter-fips, mage, kube-logging-logging-operator, ctop, aactl, docker-cli, local-path-provisioner, cass-operator-fips, kind,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, kubeflow-pipelines, azure-aad-pod-identity-mic, http-echo, gatekeeper, nfs-subdir-external-provisioner,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: cni-plugins, cass-operator, sops, go-licenses, go-bindata, protoc-gen-go-grpc, vertical-pod-autoscaler, dgraph, prometheus-beat-exporter-fips, mage, kube-logging-logging-operator, ctop, aactl, docker-cli, local-path-provisioner, cass-operator-fips, kind,...

CVE-2023-52663

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate the memory, which results in a memory leak......

CVE-2023-52678

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below:...

CVE-2023-52673

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugfs null pointer error [WHY & HOW] Check whether get_subvp_en() callback exists before calling it. Mitigation...

CVE-2023-52671

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to OPPs not being...

CVE-2023-52691

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. However, when the contr...

CVE-2023-52695

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check writeback connectors in create_validate_stream_for_sink [WHY & HOW] This is to check connector type to avoid unhandled null pointer for writeback connectors. Mitigation...

CVE-2024-35799

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent crash when disable stream [Why] Disabling stream encoder invokes a function that no longer exists. [How] Check if the function declaration is NULL in disable stream encoder. Mitigation...

CVE-2023-52657

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles. Mitigation...

CVE-2024-35788

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix bounds check for dcn35 DcfClocks [Why] NumFclkLevelsEnabled is used for DcfClocks bounds check instead of designated NumDcfClkLevelsEnabled. That can cause array index out-of-bounds access. [How] Use...

CVE-2024-25742

In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD...

CVE-2024-25743

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD...

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-38264)

Summary Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVE. Vulnerability Details ** CVEID: CVE-2023-38264 DESCRIPTION: **The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2023-22081 ...

CVE-2023-52691

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. However, when the contr...