159 matches found
new packages: perl-Module-Load
An update is available for perl-Module-Load. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
GSD-2022-1001555 bpf: Fix UAF due to race between btf_try_get_module and load_module
bpf: Fix UAF due to race between btftrygetmodule and loadmodule This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
GSD-2022-1001450 scsi: qla2xxx: Fix crash during module load unload test
scsi: qla2xxx: Fix crash during module load unload test This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
GSD-2022-1001128 scsi: qla2xxx: Fix crash during module load unload test
scsi: qla2xxx: Fix crash during module load unload test This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
Mageia: Security Advisory (MGASA-2018-0047)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-6570 CVE-2021-35039 affecting package kernel for versions less than 5.10.78.1-1
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIGMODULESIG, verification that a kernel module is signed, for loading via initmodule, does not occur for a module.sigenforce=1 command-line argument...
kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...
new module: perl:5.30
An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...
kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...
kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-Sys-Syslog (EulerOS-SA-2020-2039)
According to the version of the perl-Sys-Syslog package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that perl can load modules from the current directory if not found in the module directories, via th...
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-Module-Load-Conditional (EulerOS-SA-2020-2013)
According to the version of the perl-Module-Load-Conditional package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that perl can load modules from the current directory if not found in the module...
Huawei EulerOS: Security Advisory for perl-Module-Load-Conditional (EulerOS-SA-2020-2013)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-JSON-PP (EulerOS-SA-2020-2053)
According to the version of the perl-JSON-PP package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that perl can load modules from the current directory if not found in the module directories, via the...
OSV-2020-1474 Heap-buffer-overflow in dotnet_parse_com
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8901 Crash type: Heap-buffer-overflow READ 8 Crash state: dotnetparsecom dotnetload yrmodulesload...
kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...
Important: Red Hat Bug Fix Advisory: Satellite 6.6.2 Async Bug Fix Update
Updated Satellite 6.6 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clien...
CVE-2013-4245
Orca has arbitrary code execution due to insecure Python module load...
CVE-2013-4245
Orca has arbitrary code execution due to insecure Python module load...
CVE-2013-4245
CVE-2013-4245 : The vulnerability affects the Orca application and is caused by insecure Python module load, resulting in arbitrary code execution. The NVD entry lists a local attack vector with medium complexity in CVSS v2, and high impact on confidentiality, integrity, and availability in CVSS ...