868 matches found
aws-kms-tls-auth vulnerable to memory overallocation
Summary aws-kms-tls-auth is an optional utility for s2n-tls that enables customers to use AWS KMS keys as part of the PSK extension field in a TLS 1.3 handshake. An issue exists in this library that can lead to overallocation of memory potentially resulting in a denial of service. Impact The PSK...
Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1402)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1402 advisory. Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using th...
USN-7940-2 linux-azure-nvidia vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7921-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Netfilter; - TLS protocol; CVE-2025-39946, CVE-2025-39964, CVE-2025-39993,...
USN-7889-7: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-7 linux-raspi, linux-raspi-realtime, linux-xilinx vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7935-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7935-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7936-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7936-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-7936-1 linux-oem-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Compute Acceleration Framework; - Media drivers; - Netfilter; - TLS protocol; CVE-2025-39946,...
USN-7936-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Compute Acceleration Framework; - Media drivers; - Netfilter; - TLS protocol; CVE-2025-39946,...
USN-7889-6 linux-hwe-6.8, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
Ubuntu 24.04 LTS / 25.04 : Linux kernel vulnerabilities (USN-7921-1)
The remote Ubuntu 24.04 LTS / 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7921-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects...
USN-7889-5: Linux kernel (IBM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-5 linux-ibm-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
BIT-NGINX-GATEWAY-2021-3618
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...
USN-7889-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-3 linux-realtime, linux-realtime-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7889-1 linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...