ALBA-2022:1547 sanlock bug fix and enhancement update

The sanlock packages provide a shared storage lock manager. Hosts with shared access to a block device or a file can use sanlock to synchronize their activities. VDSM and libvirt use sanlock to synchronize access to shared devices or files. Bug Fixes and Enhancements: sanlock lockspace stuck in...

PT-2022-9902 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: The issue occurs when a Precision Time Protocol PTP packet with an invalid Type-Length-Value TLV is received, causing the PTP agent to restart. Repeated restarts of the service will make...

Security Advisory 0076

Security Advisory 0076 . CSAF PDF April 26th, 2022 Revision | Date | Changes ---|---|--- 1.0 | April 26th, 2022 | Initial release 1.1 | May 16th, 2022 | Updated hotfix information The CVE-ID tracking this issue: CVE-2021-28510 CVSSv3.1 Base Score: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L...

Security Bulletin: IBM Security Verify Password Synchronization Plug-in for Windows AD is vulnerable to a denial of service vulnerability (CVE-2022-22323, CVE-2022-22312)

Summary IBM Security Verify Password Synchronization Plug-in for Windows AD released a fix in response to a denial of service vulnerability caused by a heap-based buffer overflow in the Password Synch Plug-in. Vulnerability Details CVEID: CVE-2022-22323 DESCRIPTION: IBM Security Identity Manager ...

CVE-2022-22312

IBM Security Identity Manager IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of servic...

CVE-2022-22323

IBM Security Identity Manager IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of servic...

Offload to Capacity Tier fails with: Scale-out repository rescan is required: performance tier is not synchronized with capacity tier.

Challenge SOBR Offload task fails with the error: Error: Backup file version mismatch: scale-out backup repository rescan is required. Cause There is a discrepancy between the information within the Veeam Backup & Replication configuration database and the metadata in the object storage repositor...

The vulnerability of the McAfee Total Protection antivirus protection, related to synchronization errors when using a common resource, allows a hacker to trigger a service failure or gain privileged access.

The vulnerability of the McAfee Total Protection antivirus protection lies in synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to gain privileged access or cause service interruptions...

Fedora: Security Advisory for rsync (FEDORA-2022-413a80a102)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerability of the UHCI controller on the VMware Cloud Foundation virtualization platform and the VMware ESXi hypervisor allows a attacker to execute arbitrary code.

The vulnerability of the UHCI platform of the VMware Cloud Foundation and the VMware ESXi hypervisor lies in synchronization errors when using a shared resource. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, arises due to synchronization errors when using shared resources. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the Fortinet FortiWLM WLAN access point and LAN switch management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of VMware Cloud Foundation’s virtualization platform and VMware ESXi hypervisor, related to synchronization errors when using shared resources, allows attackers to escalate their privileges.

The vulnerability of the VMware Cloud Foundation virtualization platform and the VMware ESXi hypervisor is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the PJSIP multimedia communication library, related to synchronization errors when using a common resource, allows attackers to trigger a service failure.

The vulnerability of the PJSIP multimedia communication library is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to cause service failures...

PT-2022-2843 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to synchronization errors when using a shared resource, specifically a "race condition" situation, in the Windows Hyper-V hardware virtualization system. This c...

PT-2022-2836 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Windows operating system. It allows remote attackers to execute arbitrary code and affect the...

PT-2022-2842 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to synchronization errors in the Windows Hyper-V hardware virtualization system, specifically a "race condition" situation. This allows a remote attacker to...

PT-2022-2930 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Windows DNS Server component. This allows a remote attacker to execute arbitrary code, affecting...

PT-2022-2875 · Microsoft · Windows File Server Resource Management Service +1

Name of the Vulnerable Software and Affected Versions: Windows File Server Resource Management Service affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in the Windows File Server Resource Management Service. This can allow an...

PT-2022-2906

Name of the Vulnerable Software and Affected Versions Windows Work Folder Service affected versions not specified Description The issue is related to errors in synchronization when using a shared resource in the Windows Work Folder Service, which can allow an attacker to elevate their privileges...

PT-2022-2837 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Windows operating system. It allows remote attackers to execute arbitrary code and affect the...