18 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is...
[slackware-security] Slackware 15.0 kernel
New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.160/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. ...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1592)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6743-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6743-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...
Ubuntu: Security Advisory (USN-6743-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6743-2: Linux kernel (Low Latency) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...
Ubuntu: Security Advisory (USN-6743-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6743-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...
USN-6741-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...
SUSE-SU-2024:0926-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed bsc1220863 - CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied...
SUSE-SU-2024:0900-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-6270: Fixed a use-after-free issue in aoecmdcfgpkts bsc1218562. - CVE-2023-52463: Fixed null pointer dereference in efivarfs bsc1220328. - CVE-2023-52559:...
Ubuntu: Security Advisory (USN-6688-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2024-26589
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...
CVE-2024-26589
creationtimestamp| type| source ---|---|--- 2024-02-22 18:53:44+00:00| seen| https://t.me/ctinow/191012 2024-02-23 15:11:27+00:00| seen| https://t.me/ctinow/191793 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2024-26589
CVE-2024-26589 pertains to a Linux kernel flaw in the BPF flow keys handling. For PTR_TO_FLOW_KEYS, check_flow_keys_access() used a fixed offset while the code allowed a variable offset ALU operation, enabling an out-of-bounds access when the program loaded flow_keys and added a variable offset. ...
CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...
CVE-2024-26589
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...