3787 matches found
kernel: bpf: Fix KASAN use-after-free Read in compute_effective_progs
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in compute_effective_progs. Syzbot found a Use After Free bug in compute_effective_progs. The reproducer creates a number of BPF links, and causes a fault injected alloc to fail, while calling...
openstack-nova: Compute service fails to restart if the vnic_type of a bound port changed from direct to macvtap
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compu...
Low: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Malicious code in ssh-compute (npm)
Source: ossf-package-analysis (240dd96c86fea32d5f03426ea8f8069aa60e8cccfe1f5d0a53812aa6cf7fa311). The OpenSSF Package Analysis project identified 'ssh-compute' @ 0.1.9 (npm) as malicious. It is considered malicious because: - The package...
MAL-2023-7 Malicious code in ssh-compute (npm)
Source: ossf-package-analysis (240dd96c86fea32d5f03426ea8f8069aa60e8cccfe1f5d0a53812aa6cf7fa311). The OpenSSF Package Analysis project identified 'ssh-compute' @ 0.1.9 (npm) as malicious. It is considered malicious because: - The package...
Virtuozzo Hybrid Infrastructure 5.4 Update 1 Hotfix 1 (5.4.1-61)
This update provides stability fixes for the compute service. Vulnerability id: VSTOR-66686 If there is a network port with the address 0.0.0.0/0, a VM creation fails with the error 'Failed to allocate the networks, not rescheduling.' Vulnerability id: VSTOR-67068 Snapshot metrics per storage...
CVE-2023-25818
Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious user could try to reset the password of another user and then brute force the 62^21 combinations for the password reset token. As of commit 704eb3aa password reset attempts are now throttled. Note...
Virtuozzo Hybrid Infrastructure 5.4 Hotfix 1 (5.4.0-138)
This update provides stability fixes for the compute and core storage services. Vulnerability id: VSTOR-63084 Unable to manage a virtual machine after a failed migration. Vulnerability id: VSTOR-63050, VSTOR-59007 In some cases, resetting a state may not work. Vulnerability id: VSTOR-63041 Fixes...
PYSEC-2023-316
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size...
DEBIAN-CVE-2023-27115
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size...
PT-2023-20961 · Unknown +1 · Webassembly +1
Name of the Vulnerable Software and Affected Versions: WebAssembly version 1.0.29. Description: A segmentation fault was discovered in WebAssembly via the component wabt::cat_compute_size. Recommendations: For version 1.0.29, at the moment, there is no information about a newer version that contai...
_computeRewardsPerUnitStaked() may overflow
Lines of code Vulnerability details Impact no judgment that lastLUSDLossErrorOffset!=0, but debtToOffset is 0 computeRewardsPerUnitStaked may overflow Proof of Concept Use lastLUSDLossErrorOffset in the computeRewardsPerUnitStaked method to store the last excess The code is as follows: function...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-nova) security update
An update for openstack-nova is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
SUSE CVE-2012-3361
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
SUSE CVE-2013-2096
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data...
SUSE CVE-2013-2255
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates...
SUSE CVE-2013-4261
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send...
SUSE CVE-2013-4497
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions...
SUSE CVE-2014-2573
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the imag...