kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

The vulnerability of the add_ra_bio_pages() function in the file system of the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the addrabiopages function in the fs/btrfs/compression.c file of the btrfs file system in the Linux kernel relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CentOS 7 : libwebp (RHSA-2021:2260)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2260 advisory. - A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16. CVE-2018-25011 - A flaw was found in libwebp in versions befor...

KLA73942 DoS vulnerability in Wireshark

Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories wnpa-sec-2024-12 · ITS dissector crash Exploitation Public exploits exist for this vulnerability. Related products Wireshark CVE list CVE-2024-978...

CentOS 7 : podman (RHSA-2021:0681)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0681 advisory. - A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be...

CentOS 7 : grub2 (RHSA-2021:0699)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0699 advisory. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This fla...

CentOS 7 : kpatch-patch (RHSA-2021:3441)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3441 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...

CentOS 7 : kernel-rt (RHSA-2021:3439)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3439 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...

CentOS 7 : kernel-rt (RHSA-2020:5026)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5026 advisory. - An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count i...

CentOS 7 : nss (RHSA-2021:1384)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1384 advisory. - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...

KLA73880 DoS vulnerabilities in Google Chrome

Type confusion vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2024-9603 warning CVE-2024-9602 warning Solution Update to th...

kernel: Possible Denial of Service on Intel(R) Processors

A vulnerability was found in the bus lock regulator mechanism for some Intel processors models. This issue may allow a malicious actor to achieve a Denial of Service attack, impacting the system availability of the targeted host...

The vulnerability of the PHP programming language interpreter arises from the failure to address the issue of eliminating special elements that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the PHP programming language interpreter exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

kernel: mm, slub: fix potential memoryleak in kmem_cache_open()

A potential memory leak was found in the Linux kernel, in kmemcacheopen. This issue may lead to compromised system availability...

kernel: mm, slub: fix potential memoryleak in kmem_cache_open()

A potential memory leak was found in the Linux kernel, in kmemcacheopen. This issue may lead to compromised system availability...

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message

A security flaw involving buffer overflow was identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker within the vicinity network to transmit a specifically crafted DHCPv6 proxy Advertise message, resulting in the...

NewStart CGSL MAIN 6.02 : dnf Vulnerability (NS-SA-2024-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has dnf packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM...

NewStart CGSL MAIN 6.02 : dnf-plugins-core Vulnerability (NS-SA-2024-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has dnf-plugins-core packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header...

NewStart CGSL MAIN 6.02 : libdnf Vulnerability (NS-SA-2024-0056)

The remote NewStart CGSL host, running version MAIN 6.02, has libdnf packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header information of an...