Photon OS 5.0: Squid PHSA-2024-5.0-0429

An update of the squid package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0429. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: Vulnerabilities in VMware vCenter affect Cloud Pak System [CVE-2024-38812, CVE-2024-38813]

Summary Vulnerabilities in VMware vCenter affect Cloud Pak System. Vulnerability Details CVEID:CVE-2024-38812 DESCRIPTION: Broadcom VMware vCenter Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the implementation of the DCERPC protocol. By sending a...

Photon OS 5.0: Ruby PHSA-2024-5.0-0423

An update of the ruby package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0423. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2024-4.0-0719

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0719. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2024-4.0-0718

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0718. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Glib PHSA-2024-5.0-0422

An update of the glib package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0422. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Glib PHSA-2024-3.0-0807

An update of the glib package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0807. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Glib PHSA-2024-4.0-0721

An update of the glib package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0721. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

USN-7179-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

USN-7173-2: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

USN-7173-2 linux-aws, linux-aws-5.4, linux-bluefield, linux-ibm, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by a security flaw in IBM WebSphere Application Server Liberty. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information, as...

Dell RecoverPoint for Virtual Machines Command Injection Vulnerability

Dell RecoverPoint for Virtual Machines is a simple, efficient operations and disaster recovery solution from Dell, Inc. For virtualized applications in VMware environments. A command injection vulnerability exists in Dell RecoverPoint for Virtual Machines version 6.0 SP1 and version 6.0 SP1 P1,...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7173-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7173-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

USN-7169-2 linux-gcp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

USN-7169-2: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

Ubuntu 24.10 : Linux kernel (GCP) vulnerabilities (USN-7169-2)

The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7169-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...

USN-7173-1 linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-raspi vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

USN-7170-1 linux-oem-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49914, CVE-2024-4991...

USN-7169-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...