17 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-6111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function...
Photon OS 5.0: Linux PHSA-2024-5.0-0187
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2023-6111)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6111 advisory. - A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be...
CVE-2023-6111 affecting package kernel for versions less than 6.6.29.1-4
CVE-2023-6111 affecting package kernel for versions less than 6.6.29.1-4. A patched version of the package is available...
CVE-2023-6111 affecting package hyperv-daemons for versions less than 5.15.143.1-1
CVE-2023-6111 affecting package hyperv-daemons for versions less than 5.15.143.1-1. An upgraded version of the package is available that resolves this issue...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerability (USN-6576-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6576-1 advisory. Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle an expired catchall element in some situations, leading to a...
Important: kernel-livepatch-6.1.61-85.141
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possib...
Fedora: Security Advisory for kernel-tools (FEDORA-2023-15deb2e32a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for kernel-headers (FEDORA-2023-15deb2e32a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2023-031 (ALASKERNEL-5.15-2023-031)
The version of kernel installed on the remote host is prior to 5.15.139-93.147. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-031 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading ma...
Fedora 38 : kernel / kernel-headers / kernel-tools (2023-15deb2e32a)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-15deb2e32a advisory. The 6.6.3 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Fedora 39 : kernel / kernel-headers / kernel-tools (2023-a7b89262c6)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a7b89262c6 advisory. The 6.6.3 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
AZL-32122 CVE-2023-6111 affecting package hyperv-daemons for versions less than 5.15.143.1-1
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a...
CVE-2023-6111
CVE-2023-6111 is a use-after-free in the Linux kernel netfilter nf_tables GC path: the function nft_trans_gc_catchall can fail to remove a catchall set element from catchall_list when sync is true, allowing a catchall element to be freed multiple times. This enables local privilege escalation. Th...
CVE-2023-6111 Use-after-free in Linux kernel's netfilter: nf_tables component
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a...
CVE-2023-6111 Use-after-free in Linux kernel's netfilter: nf_tables component
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a...
CVE-2023-6111
A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a...