MiracleLinux 8 : keepalived-2.1.5-8.el8.ML.1 (AXSA:2022-3396:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3396:02 advisory. keepalived: dbus access control bypass CVE-2021-44225 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

TencentOS Server 3: keepalived (TSSA-2022:0236)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0236 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2024-44225

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to gain elevated privileges...

CVE-2024-44225

A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to gain elevated privileges...

CVE-2024-44225

CVE-2024-44225 describes a logic issue in Apple OS components that could allow an app to gain elevated privileges. The fixed versions include iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 / iPadOS 18.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2. The root cause is stated...

NewStart CGSL MAIN 6.06 : keepalived Vulnerability (NS-SA-2023-0097)

The remote NewStart CGSL host, running version MAIN 6.06, has keepalived packages installed that are affected by a vulnerability: - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This...

Medium: keepalived

Issue Overview: A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass. CVE-2021-44225 Affected Packages: keepalived Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2023-1261)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : keepalived (EulerOS-SA-2023-1261)

According to the versions of the keepalived package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to...

NewStart CGSL MAIN 6.02 : keepalived Vulnerability (NS-SA-2022-0105)

The remote NewStart CGSL host, running version MAIN 6.02, has keepalived packages installed that are affected by a vulnerability: - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This...

SUSE SLES15 Security Update : keepalived (SUSE-SU-2022:3232-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3232-1 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and...

SUSE-SU-2022:3235-1 Security update for keepalived

This update for keepalived fixes the following issues: - CVE-2021-44225: Fix a potential privilege escalation due to insufficient control in the D-Bus policy bsc1193115...

SUSE-SU-2022:3234-1 Security update for keepalived

This update for keepalived fixes the following issues: - CVE-2021-44225: Fix a potential privilege escalation due to insufficient control in the D-Bus policy bsc1193115...

openSUSE: Security Advisory for keepalived (SUSE-SU-2022:2923-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2022:2923-1 Security update for keepalived

This update for keepalived fixes the following issues: - CVE-2021-44225: Fix a potential privilege escalation due to insufficient control in the D-Bus policy bsc1193115...

EulerOS 2.0 SP3 : keepalived (EulerOS-SA-2022-1734)

According to the versions of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and...

Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2022-1734)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : keepalived (RLSA-2022:1930)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1930 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property...

keepalived security and bug fix update

2.1.5-8 - Fix DBus policy restrictions 2028350, CVE-2021-44225 2.1.5-7 - Fix log-facility option 197716...

AlmaLinux 8 : keepalived (ALSA-2022:1930)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1930 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property...