USN-7167-1 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7173-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7173-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7167-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7167-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7170-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7170-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Ubuntu 24.10 : Linux kernel vulnerabilities (USN-7169-1)

The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7169-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...

USN-7154-1 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

USN-7154-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7154-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7154-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

The vulnerability of DRM/VMWGFX components in Linux operating systems allows attackers to increase their privileges within the system.

The vulnerability of DRM/VMWGFX components in Linux operating systems is related to memory management errors after freeing memory. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

Ivanti Security Control 安全漏洞

Ivanti security controls is a unified IT management platform from US-based Ivanti Inc. It is used to manage and protect Windows-based computers, Linux-based computers and VMware ESXi virtual machine monitoring programs. Ivanti security controls suffers from an elevation of privilege vulnerability...

Photon OS 4.0: Linux PHSA-2024-4.0-0715

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0715. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

VMware Aria Operations Multiple Vulnerabilities (VMSA-2024-0022)

The version of VMware Aria Operations running on the remote host is missing a vendor supplied patch. It is, therefore, affected by multiple vulnerabilities: - VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger...

Photon OS 4.0: Grpc PHSA-2024-4.0-0719

An update of the grpc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0719. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

The vulnerability of DRM/VMWGFX components in Linux operating systems allows a perpetrator to trigger a service failure.

The vulnerability of DRM/VMWGFX components in Linux operating systems is related to the operation of writing data beyond the buffer in memory within the vmweventfenceactioncreate function. Exploiting this vulnerability can allow an attacker to cause a service failure...

Spring LDAP data exposure vulnerability

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

CVE-2024-38829

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

CVE-2024-38829 Spring LDAP sensitive data exposure for case-sensitive comparisons

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

CVE-2024-38829 Spring LDAP sensitive data exposure for case-sensitive comparisons

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

CVE-2024-38829

CVE-2024-38829 is described as a vulnerability in Spring LDAP that enables data exposure due to case-sensitive comparisons. The issue affects Spring LDAP versions ranging from the earliest releases up to 2.4.3, and then 3.0.0–3.0.9, 3.1.0–3.1.7, and 3.2.0–3.2.7, including all versions prior to 2....

CVE-2024-38829

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...