Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise numphys CVE-2024-42159 In the Linux kernel, the following...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer release problem in the s390/sclp component during I/O operations...

FreeBSD-SA-24:11.ctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:11.ctl Security Advisory The FreeBSD Project Topic: Multiple issues in ctl4 CAM Target Layer Category: core Module: ctl Announced: 2024-09-04 Credits:...

FreeBSD -- Multiple issues in ctl(4) CAM Target Layer

Problem Description: Several vulnerabilities were found in the ctl subsystem. The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing CVE-2024-45063. The ctlwritebuffer and ctlreadbuffer functions allocated memory to be...

CLSA-2024-1725389829 kernel: Fix of 3 CVEs

xen/blkfront: force data bouncing when backend is untrusted CVE-2022-33742 - ALSA: Fix deadlocks with kctl removals at disconnection CVE-2024-38600 - net: fix out-of-bounds access in opsinit CVE-2024-36883...

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

Ubuntu: Security Advisory (USN-6973-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6973-4 linux-raspi-5.4 vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...

USN-6973-4: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6973-4)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6973-4 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A...

Ubuntu: Security Advisory (USN-6972-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6972-4: Linux kernel (Oracle) vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6972-4)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6972-4 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer...

CLSA-2024-1724774331 kernel: Fix of 11 CVEs

drm/vmwgfx: Fix invalid reads in fence signaled events CVE-2024-36960 - afunix: Fix garbage collector racing against connect CVE-2024-26923 - ipv6: remove maxsize check inline with ipv4 CVE-2023-52340 - aoe: fix the potential use-after-free problem in aoecmdcfgpkts CVE-2023-6270 - smb: client:...

Ubuntu: Security Advisory (USN-6973-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6973-3: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...

USN-6973-3 linux-aws-5.4 vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6973-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6973-3 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A...

USN-6974-2: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux UML; - MMC subsystem; - Network drivers; - GFS2 file system; - IPv4...