SELinux 资源管理错误漏洞

SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. A security vulnerability exists in SELinux version 3.2, which stems from a use-after-free in the SELinux CIL compiler in the...

SELinux 资源管理错误漏洞

SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. SELinux suffers from a security vulnerability that stems from the CIL compiler in SELinux 3.2 having a use-after-free in...

Amazon Linux 2 : dhcp (ALAS-2021-1654)

The version of dhcp installed on the remote host is prior to 4.2.5-77. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1654 advisory. A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated...

Oracle Linux 6 : dhcp (ELSA-2021-9314)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9314 advisory. 12:4.1.1-63.P1.0.2 - Added dhcp-4.1.1-P1-CVE-2021-25217.patch Orabug: 33005948 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 8 : dhcp (ELSA-2021-2359)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2359 advisory. 12:4.3.6-44.1 - Fix for CVE-2021-25217 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

SUSE: Security Advisory (SUSE-SU-2015:1790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2021-3269 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The vulnerability is related to a...

SUSE SLES12 Security Update : kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:1865-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1865-1 advisory. - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf...

Unbreakable Enterprise kernel-container security update

5.4.17-2102.201.3.el8 - locking/qrwlock: Fix ordering in queuedwritelockslowpath Ali Saidi Orabug: 32805544 5.4.17-2102.201.2.el8 - md/bitmap: wait for external bitmap writes to complete during tear down Sudhakar Panneerselvam Orabug: 32764237 - ocfs2: fix deadlock between setattr and dioendiowri...

Ubuntu 18.04 LTS / 20.04 LTS : DHCP vulnerability (USN-4969-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4969-1 advisory. Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to...

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...

CVE-2021-25217

CVE-2021-25217 affects ISC DHCP (DHCP client/server) across multiple branches (notably 4.1-ESV-R16, 4.4.0–4.4.2; other 4.0/4.3 may be affected but untested). The vulnerability is a stack-based buffer overrun in parsing statements with colon-separated hex digits in config or lease files, potential...

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...

SUSE-SU-2021:1724-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19745 fixes several issues. The following security issues were fixed: - CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fusedogetattr calls makebadinode in inappropriate situations, could have caused a system crash. NOTE: the...

PT-2021-6126 · Gcc +6 · Gcc +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16.10 Description: The issue is related to a buffer overflow in the Linux kernel, which can be exploited by a remote attacker to execute arbitrary code. Certain binary files built around 2003, for example with...

perl: heap-based buffer overflow in regular expression compiler leads to DoS

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

gcc-toolset-10-binutils bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...