AlmaLinux 9 : java-21-openjdk (ALSA-2024:4573)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4573 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...

AlmaLinux 9 : skopeo (ALSA-2024:4502)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4502 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly from...

AlmaLinux 9 : dotnet8.0 (ALSA-2024:4450)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4450 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers...

AlmaLinux 8 : dotnet8.0 (ALSA-2024:4451)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4451 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:4420)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4420 advisory. qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write CVE-2024-4467 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : dotnet6.0 (ALSA-2024:4438)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4438 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : fence-agents (ALSA-2024:4422)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4422 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description block...

AlmaLinux 9 : gvisor-tap-vsock (ALSA-2024:4379)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4379 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly from...

AlmaLinux 8 : pki-core (ALSA-2024:4367)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4367 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : buildah (ALSA-2024:4371)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4371 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly from...

AlmaLinux 8 : kernel-rt (ALSA-2024:4352)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4352 advisory. kernel: tls CVE-2024-26585,CVE-2024-26584, CVE-2024-26583 kernel-rt: kernel: PCI interrupt mapping cause oops almalinux-8 CVE-2021-46909 kernel: ipc/mqueu...

AlmaLinux 9 : dotnet6.0 (ALSA-2024:4439)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4439 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : podman (ALSA-2024:4378)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4378 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly from...

AlmaLinux 8 : libreswan (ALSA-2024:4376)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4376 advisory. libreswan: IKEv1 default AH/ESP responder can crash and restart CVE-2024-3652 Tenable has extracted the preceding description block directly from the AlmaLinux...

ALSA-2024:4457 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Possible remote code execution due to a race condition in signal handling affecting...

PT-2024-4669

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 8.7 and 8.8 Description: A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

ALSA-2024:4349 Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/mlx5e: Fix operation precedence bug in port timestamping napipoll context CVE-2023-52626 kernel: Bluetooth: Avoid potential use-after-free in hcierrorreset CVE-2024-26801 kernel:...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:4351)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4351 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provi...

ALSA-2024:4352 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tls CVE-2024-26585,CVE-2024-26584, CVE-2024-26583 kernel-rt: kernel: PCI interrupt mapping cause oops almalinux-8 CVE-2021-46909...

AlmaLinux 9 : openssh (ALSA-2024:4312)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4312 advisory. openssh: Possible remote code execution due to a race condition in signal handling CVE-2024-6387 Tenable has extracted the preceding description block directly fro...