BD Pyxis™ Rapid Rx Security Vulnerabilities

openSUSE: Security Advisory for nodejs12 (SUSE-SU-2023:4373-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2023:4295-1)

The remote host is missing an update for...

openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4069-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nghttp2 (SUSE-SU-2023:4200-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nodejs12 (SUSE-SU-2023:4374-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nodejs18 (SUSE-SU-2023:4207-1)

The remote host is missing an update for...

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4472-1)

The remote host is missing an update for...

CVE-2023-52511

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVE-2023-52511

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVE-2023-52517

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

CVE-2023-52517

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVE-2023-52517 spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

CVE-2023-52511 spi: sun6i: reduce DMA RX transfer width to single byte

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVE-2023-52517

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

CVE-2023-52511

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net

Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF1 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries....

Security Bulletin: IBM Common Licensing using IBM® SDK, Java™ Technology Edition vulnerable to CVEs

Summary Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition in IBM License Key Server Administration and Reporting Tool (ART) and Administration Agent. For more information please refer to Oracle's CPU Advisory and the X-Force database entries referenced below. Vulnerability Details....

(RHSA-2024:0946) Important: OpenShift Container Platform 4.13.35 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) For more details about...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

CVE-2021-47024 vsock/virtio: free queued packets when closing socket

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

CVE-2021-47015 bnxt_en: Fix RX consumer index logic in the error path.

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

(RHSA-2024:0766) Critical: OpenShift Container Platform 4.15.0 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142) opentelemetry-go-contrib: DoS vulnerability in otelgrpc...

(RHSA-2024:0269) Moderate: Run Once Duration Override Operator for Red Hat OpenShift 1.1.0 for RHEL 9

The Run Once Duration Override Operator for Red Hat OpenShift is an optional operator that makes it possible to override activeDeadlineSecondsOverride field during pod admission. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...

(RHSA-2024:0941) Important: OpenShift Container Platform 4.14.14 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.14. See the following advisory for the RPM...

CVE-2021-47015

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware...

CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the...

Security Bulletin: NVIDIA GPU Display Driver - February 2024

NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...

(RHSA-2023:7200) Important: OpenShift Container Platform 4.15.z security update

Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing....

(RHSA-2023:7201) Important: OpenShift Container Platform 4.15.0 packages and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) golang:...

(RHSA-2023:7198) Critical: OpenShift Container Platform 4.15.0 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.15.0. See the following advisory for the RPM...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Jan 2024 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.20 and earlier, 8.0.8.15 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in January 2024. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU plus CVE-2023-33850

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

(RHSA-2024:0954) Important: Red Hat OpenShift for Windows Containers 10.15.0 security update

Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) kubernetes: Insufficient input...

RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) golang:...

RHEL 9 : OpenShift Container Platform 4.15.z (RHSA-2023:7200)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7200 advisory. golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) golang:...

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary IBM Cognos Analytics is affected and considered vulnerable, based on current information, to vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Analytics. IBM Cognos Analytics has addressed the applicable CVEs by upgrading or removing the vulnerable libraries......

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-22067, CVE-2023-22081, CVE-2023-33850, CVE-2023-5676, CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945 and...

Healthcare Needs Risk-Based Cybersecurity for Comprehensive, Effective Protection

In the first blog post of this three-blog series, we discussed the extraordinarily powerful “perfect storm” of cyber risk faced by healthcare organizations. The second blog post reviews how data security risks persist despite HIPAA compliance. In this third blog, we will discuss how to get started....

Mageia: Security Advisory (MGASA-2024-0047)

The remote host is missing an update for...

Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities

Summary There are vulnerabilities in Apache Xalan, Apache Commons Codec, IBM® Java™ Version 8, and OpenSSL that are consumed by IBM Cognos Transformer. These have been addressed by upgrading or removing the vulnerable libraries. Please refer to the table in the Related Information section for...

RepoReaper - An Automated Tool Crafted To Meticulously Scan And Identify Exposed .Git Repositories Within Specified Domains And Their Subdomains

RepoReaper is a precision tool designed to automate the identification of exposed .git repositories across a list of domains and subdomains. By processing a user-provided text file with domain names, RepoReaper systematically checks each for publicly accessible .git files. This enables rapid...