AlmaLinux 8 : nodejs:18 (ALSA-2023:5362)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5362 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs-semver: Regular expression denial of service CVE-2022-25883 nodejs:...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

ALSA-2023:0854 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm/mremap.c use-after-free vulnerability CVE-2022-41222 kernel: nfsd buffer overflow by RPC message over TCP with garbage data...

Moderate: ruby:3.0 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.0.4. BZ2109431 Security Fixes: ruby: Regular expression denial of...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

ALBA-2022:0883 cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: AlmaLinux8 Azure cloud-init fails to configure the...

AlmaLinux 8 : rust-toolset:rhel8 (ALSA-2021:4270)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4270 advisory. rust: incorrect parsing of extraneous zero characters at the beginning of an IP address string CVE-2021-29922 Tenable has extracted the preceding description block...

ALEA-2022:0359 tcpdump bug fix and enhancement update

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Bug Fixes and Enhancements: RFE tcpdump support for direction and interface needed in AlmaLinux8...

tcpdump bug fix and enhancement update

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Bug Fixes and Enhancements: RFE tcpdump support for direction and interface needed in AlmaLinux8...

Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: In Overlayfs missing a check for a negative dentry before calling vfsrename CVE-2021-20321 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...