Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb-cb CVE-2023-3090 kernel: clsflower: out-of-bounds write in flsetgeneveopt CVE-2023-35788 kernel: KVM: x86/mmu: race condition in...

DLA-3512-1 linux-5.10 - security update

Bulletin has no description...

Cisco NX-OS Software Virtualization Manager Command Injection (CVE-2019-12717)

A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed ...

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

CVE-2023-31190

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

Authentication flaw

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

CVE-2023-31190 Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validity of the TLS certificate of the HTTPS endpoint from which t...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2023-28365

A backup file vulnerability found in UniFi applications Version 7.3.83 and earlier running on Linux operating systems allows application administrators to execute malicious commands on the host device being restored...

ALSA-2023:3847 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tls: race condition in dotlsgetsockopt may lead to use-after-free or NULL pointer dereference CVE-2023-28466 For more details about the security issues, including the impact, a CVSS score...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

Huawei EulerOS: Security Advisory for sysstat (EulerOS-SA-2023-2049)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

ALSA-2023:3349 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more details about the security issues, including the impact, a CV...

Debian dla-3434 : isag - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3434 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3434-1 [email protected]...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

EulerOS Virtualization 2.10.0 : sysstat (EulerOS-SA-2023-1930)

According to the versions of the sysstat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but...