Security Bulletin: CVE-2023-50164 affects Apache Struts2 used by Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Summary Vulnerability found in Apache Struts2 used by Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-50164 DESCRIPTION:...

Security Bulletin: Directory traversal attack in IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-40608)

Summary The IBM Spectrum Protect Plus Microsoft File Systems restore operation is vulnerable to a directory traversal attack which can result in gaining access to unauthorized files . Vulnerability Details CVEID:CVE-2022-40608 DESCRIPTION: IBM Spectrum Protect Plus Microsoft File Systems restore...

CLSA-2025-1742319747 Fix of 29 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-50180 - fbdev: sisfb: Fix strbuf array overflow CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neighperiodicwork CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in...

USN-7344-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

USN-7332-3 linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

USN-7332-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

Important: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

USN-7342-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Several security issues were discovered in the Linux kerne...

USN-7332-1 linux, linux-aws vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

USN-7331-1: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2021-39134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarante...

Linux Distros Unpatched Vulnerability : CVE-2023-52582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfs: Only call foliostartfscache one time for each folio If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths...

USN-7294-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7294-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7294-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7311-1 linux-aws, linux-aws-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

USN-7303-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

USN-7294-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7303-2)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7303-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7294-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7294-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7294-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...