Updated kernel-linus packages fix security vulnerabilities
This update provides an upgrade to the new upstream 5.10 longterm branch, currently based on 5.10.6, adding new features and new and improved hardware support. This update also fixes at least the following security issues: In binder_release_work of binder.c, there is a possible use-after-free due t...
Important: net-snmp
Issue Overview: A flaw was found in Net-SNMP through version 5.7.3: an Improper Privilege Management issue, because SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as syst...
Low: tomcat7
Issue Overview: A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that...
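The Tomcat entry above describes the general request-smuggling precondition: a front-end proxy and a back-end server that disagree about where a header block ends or how a body is framed. The following is an added example, not Tomcat's code or any project's parser, of how a strict HTTP/1.1 header parser refuses the inputs that make such disagreements possible: line endings other than CRLF, whitespace before the colon, obs-fold continuations, and requests carrying both Transfer-Encoding and Content-Length. The sample requests at the bottom are constructed for the demonstration; the function and header names are this example's own.

```python
"""Strict HTTP/1.1 request-header parser that refuses the inputs request
smuggling relies on: non-CRLF line endings and ambiguous body framing.
Added example; not taken from Tomcat or any other project."""
import re

CRLF = b"\r\n"
REQUEST_LINE = re.compile(rb"^[A-Z]+ \S+ HTTP/1\.[01]$")
TOKEN = re.compile(rb"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")  # RFC 7230 tchar


class HeaderParseError(ValueError):
    """Raised for any header block a strict parser should refuse."""


def parse_headers_strict(raw: bytes):
    """Parse a header block (request line + header lines + empty line).

    Returns (request_line, headers), headers being a list of
    (lower-cased name, value) pairs. Raises HeaderParseError on:
    - a terminator other than CRLF CRLF, or any bare CR / LF in the block
      (a lenient parser that accepts a bare LF as EOL will see different
      header boundaries than a strict peer does)
    - obs-fold continuation lines
    - malformed field names, including whitespace before the colon
    """
    if not raw.endswith(CRLF + CRLF):
        raise HeaderParseError("block must end with CRLF CRLF")
    block = raw[:-4]
    leftover = block.replace(CRLF, b"")
    if b"\r" in leftover or b"\n" in leftover:
        raise HeaderParseError("bare CR or LF is not a line ending")
    lines = block.split(CRLF)
    if not REQUEST_LINE.match(lines[0]):
        raise HeaderParseError("malformed request line")
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise HeaderParseError("obs-fold continuation not allowed")
        name, sep, value = line.partition(b":")
        if not sep or not TOKEN.match(name):
            raise HeaderParseError("malformed header field: %r" % line)
        headers.append((name.lower(), value.strip(b" \t")))
    return lines[0], headers


def body_framing(headers):
    """Decide how the body is delimited, or refuse if it is ambiguous.

    Returns ("chunked", None), ("length", n) or ("none", 0).
    A proxy/back-end pair that resolves the TE/CL conflict differently is
    exactly the CL.TE / TE.CL smuggling setup, so the conflict is refused.
    """
    te = [v for n, v in headers if n == b"transfer-encoding"]
    cl = [v for n, v in headers if n == b"content-length"]
    if te and cl:
        raise HeaderParseError("Transfer-Encoding and Content-Length both present")
    if len(te) > 1:
        raise HeaderParseError("multiple Transfer-Encoding headers")
    if te:
        codings = [c.strip().lower() for c in te[0].split(b",")]
        if codings[-1] != b"chunked":
            raise HeaderParseError("final transfer coding must be chunked")
        return ("chunked", None)
    if cl:
        if len(set(cl)) != 1 or not cl[0].isdigit():
            raise HeaderParseError("invalid or conflicting Content-Length")
        return ("length", int(cl[0]))
    return ("none", 0)


def classify(raw: bytes):
    """Parse and frame; return the framing tuple or a 'rejected: ...' string."""
    try:
        _, headers = parse_headers_strict(raw)
        return body_framing(headers)
    except HeaderParseError as exc:
        return "rejected: " + str(exc)


# Constructed sample requests (hypothetical host name) for the demonstration.
GOOD = b"POST /upload HTTP/1.1\r\nHost: app.example.test\r\nContent-Length: 5\r\n\r\n"
CHUNKED = b"POST /upload HTTP/1.1\r\nHost: app.example.test\r\nTransfer-Encoding: chunked\r\n\r\n"
BARE_LF = b"POST /upload HTTP/1.1\nHost: app.example.test\r\nContent-Length: 5\r\n\r\n"
TE_AND_CL = b"POST /upload HTTP/1.1\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n"
SPACE_COLON = b"POST /upload HTTP/1.1\r\nTransfer-Encoding : chunked\r\n\r\n"

if __name__ == "__main__":
    for name, sample in [("GOOD", GOOD), ("CHUNKED", CHUNKED), ("BARE_LF", BARE_LF),
                         ("TE_AND_CL", TE_AND_CL), ("SPACE_COLON", SPACE_COLON)]:
        print(name, "->", classify(sample))
```

The point of the check is consistency rather than leniency: anything the strict side rejects can never be interpreted two ways by two hops, which is the property a reverse proxy in front of an application server needs.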
Medium: bind
Issue Overview: A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability. CVE-2020-8622 Affected Packages: bind Issue Correction: Run yum update bind or yum...
Important: xorg-x11-server
Issue Overview: A flaw was found in X.Org Server. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-14345 A flaw was found i...
Important: libX11
Issue Overview: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to...
kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS
A flaw was found in the Linux kernel’s implementation of biovecs. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device,...
Amazon Linux AMI : postgresql95, postgresql96 (ALAS-2021-1476)
The version of postgresql95 installed on the remote host is prior to 9.5.24-1.82. The version of postgresql96 installed on the remote host is prior to 9.6.20-1.84. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1476 advisory. A flaw was found in postgresql. ...
Amazon Linux AMI : xorg-x11-server (ALAS-2021-1475)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1475 advisory. A flaw was found in X.Org Server. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data...
dotnet: ASP.NET Core callbacks outside of locks cause Kestrel deadlock when using HTTP/2
A flaw was found in dotnet. Running callbacks outside of locks results in a Kestrel deadlock when using HTTP/2. The highest threat from this vulnerability is to system availability...
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML
A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity (XXE) weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability...
CVE-2021-1723
A flaw was found in dotnet. Running callbacks outside of locks results in a Kestrel deadlock when using HTTP/2. The highest threat from this vulnerability is to system availability...
XStream: remote code execution due to insecure XML deserialization when relying on blocklists
A flaw was found in xstream. Unsafe deserialization of user-supplied XML, in conjunction with reliance on the default deny list, allows a remote attacker to perform a variety of attacks, including remote execution of arbitrary code in the context of the JVM running the XStream application...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9007)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9007 advisory. - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) Orabug: 32260252 CVE-2020-29569 - xenbus/xenbus_backend: Disallow...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9006)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9006 advisory. - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) Orabug: 32260252 CVE-2020-29569 - xenbus/xenbus_backend: Disallow...
CVE-2020-27827
A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be leaked when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2020-35654
A flaw was found in python-pillow. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...