The vulnerability of the xfrm_dump_sa() function in the net/xfrm/xfrm_user.c module of the XFRM subsystem in the Linux operating system allows a hacker to gain access to protected information.
The vulnerability of the xfrm_dump_sa() function in the net/xfrm/xfrm_user.c module of the XFRM subsystem in the Linux operating system is related to reading beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to gain access to protected information...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4071-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4071-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...
Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12911)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12911 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...
CVE-2023-4257
Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows...
OESA-2023-1730 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h->nets array offset, providing attackers with the primitive to arbitrarily...
SUSE-SU-2023:4072-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-4563: Fixed a use-after-free flaw in the nftables sub-component. This vulnerability could allow a local attacker to crash the system or lead to a kerne...
CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2023-42753)
The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-42753 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-12875)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12875 advisory. - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - rds: Fix lack of...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-12910)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12910 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12874)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12874 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...
CVE-2023-41766
Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...
CVE-2023-41766
Technical details for CVE-2023-41766 are not provided in the connected documents. Public information about affected components, root cause, impact, and fixes is not available here. Monitor for updates from official sources.
CVE-2023-41766 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
LSN-0098-1: Kernel Live Patch Security Notice
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3090) It...
SUSE-SU-2023:4030-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system...
Advisory ROSA-SA-2023-2241
Software: kernel 3.10.0 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2023-3397 BDU-ID: 2023-03779 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the JFS file system of the Linux operating system kernel is related to the reuse of previously freed memory due to...
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Microsoft Windows Client/Server Runtime Subsystem Competition Condition Issue Vulnerability
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in the Microsoft Windows Client/Server Runtime Subsystem. An attacker could exploit the vulnerability to remotely execute code. The...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12858)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12858 advisory. - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c Kyle Zeng Orabug: 35824286 CVE-2023-42753 - rds: Fix lack of...
Microsoft Client Server Run-time Subsystem Security Vulnerability
The Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation in the United States that manifests itself as the csrss.exe process. It is a component of the Windows NT family of operating systems, appearing in Windows NT 3.1 and subsequent systems,...