CBL Mariner 2.0 Security Update: heimdal / samba (CVE-2022-41916)

The version of heimdal / samba installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41916 advisory. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerab...

Fedora 36 : heimdal (2022-dba9ba8e2b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dba9ba8e2b advisory. Fixes: Delay service starts until after network is online rhbz2005501 Restart services on package update will apply when updating from this release...

CVE-2022-41916 Read one byte past a buffer when normalizing Unicode

Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC via PKINIT and kinit via PKINIT, as well as any third-party applications using Heimdal's...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1026)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RUSTSEC-2019-0007 Processing of maliciously crafted length fields causes memory allocation SIGABRTs

Affected versions of this crate tried to preallocate a vector for an arbitrary amount of bytes announced by the ASN.1-DER length field without further checks. This allows an attacker to trigger a SIGABRT by creating length fields that announce more bytes than the allocator can provide. The flaw w...

Processing of maliciously crafted length fields causes memory allocation SIGABRTs

Affected versions of this crate tried to preallocate a vector for an arbitrary amount of bytes announced by the ASN.1-DER length field without further checks. This allows an attacker to trigger a SIGABRT by creating length fields that announce more bytes than the allocator can provide. The flaw w...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this...

Debian Security Advisory DSA 3688-1 (nss - security update)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...

HPSBHF3548 rev.2 - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER files

Potential Security Impact System downtime, or privilege escalation. Source:HP, HP Product Security Response Team PSRT Reported by: HP VULNERABILITY SUMMARY A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local,...

Medium: kernel

Issue Overview: The Linux kernel did not properly suppress hugetlbfs support in x86 PV guests, which could allow local PV guest users to cause a denial of service guest OS crash by attempting to access a hugetlbfs mapped area. CVE-2016-3961 / XSA-174 A flaw was found in the way the Linux kernel's...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20160512)

Security Fixes : - A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privilege...

Ubuntu: Security Advisory (USN-2978-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerability (USN-2979-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2979-4 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-2977-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2977-1 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

Ubuntu: Security Advisory (USN-2975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerability (USN-2979-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2979-3 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-2979-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2979-1 advisory. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux kernel did not properly restrict variable Memory Type Rang...

Ubuntu 15.10 : linux vulnerabilities (USN-2978-1)

David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers MTRR in KVM guests. A privileged user in a guest VM could use this to cause a denial of service system crash in the host, expose...

Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2978-3)

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-2975-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2975-1 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...