UBUNTU-CVE-2024-6444

No proper validation of the length of user input in olcpindhandler in zephyr/subsys/bluetooth/services/ots/otsclient.c...

Ubuntu: Security Advisory (USN-7021-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7021-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7021-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7021-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

PT-2024-37629 · Unknown · Bluetooth Audio Subsystem

Name of the Vulnerable Software and Affected Versions: Bluetooth Audio Subsystem affected versions not specified Description: The issue is related to an unchecked tailroom in the ascs cp rsp add function located in /subsys/bluetooth/audio/ascs.c, which could lead to a global buffer overflow...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages CVE-2024-41011 In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name CVE-2024-39494 In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xstcpsetupsocket...

Ubuntu: Security Advisory (USN-7022-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2024-1727817133 Fix of 74 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...

USN-7022-2 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; -...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-7003-5)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7003-5 advisory. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could us...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7022-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7022-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

SUSE CVE-2024-46862

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...

CVE-2024-44912

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem cryptotm.c...

CVE-2024-44912

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem cryptotm.c...

CVE-2024-44910

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem cryptoaos.c...

CVE-2024-44910

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem cryptoaos.c...

CVE-2024-44911

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem cryptotc.c...

DEBIAN-CVE-2024-46863

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...

DEBIAN-CVE-2024-46866

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in showmeminfo bomeminfo wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab...