CVE-2019-14851

A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1...

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c

An assertion failure flaw was found in QEMU in the network packet processing component. This issue affects the "e1000e" and "vmxnet3" network devices. This flaw allows a malicious guest user or process to abort the QEMU process on the host, resulting in a denial of service...

Libguestfs Nbdkit 安全漏洞

Libguestfs Nbdkit is an application from the Libguestfs community for creating an NBD protocol for accessing Network Block Devices server. A security vulnerability exists in nbdkit that stems from the fact that a specific sequence of commands issued by a client may trigger an assertion failure, t...

RHEL 7 : qemu-kvm-rhev (RHSA-2021:0934)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0934 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

Null pointer dereference

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

CVE-2021-28543

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service daemon restart in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, ...

Session fixation

A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit...

CVE-2021-24029

Summary of CVE-2021-24029 (mvfst/proxygen) : A specially crafted QUIC message can trigger a crash via a failed assertion in mvfst, treated as a connection error per QUIC spec. The issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to ...

DEBIAN-CVE-2021-20286

A flaw was found in libnbd 1.7.3. An assertion failure in nbdunlockedoptgo in ilb/opt.c may lead to denial of service...

Design/Logic Flaw

A flaw was found in libnbd 1.7.3. An assertion failure in nbdunlockedoptgo in ilb/opt.c may lead to denial of service...

UBUNTU-CVE-2021-20286

A flaw was found in libnbd 1.7.3. An assertion failure in nbdunlockedoptgo in ilb/opt.c may lead to denial of service...

CVE-2021-20286

CVE-2021-20286 affects libnbd 1.7.3, with an assertion failure in nbd_unlocked_opt_go (ilb/opt.c) that may lead to denial of service. Connected advisories/documentation show multiple distros affected (e.g., openSUSE SUSE-SU-2021:2274-1; CBL Mariner 2.0; Red Hat/RHEL entries) and indicate upgrades...

libnbd 安全漏洞

libnbd is a library for editing NBD Network Block Device clients. A security vulnerability exists in libnbd 1.7.3, which stems from the fact that a failure of the nbd unlocked opt go in ilb opt.c assertion may result in a denial of service...

OPENSUSE-SU-2021:0408-1 Security update for openldap2

This update for openldap2 fixes the following issues: - bsc1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. - bsc1182411 CVE-2020-36229 - ldapX509dn2bv crash in the X.509 DN parsing in adkeystring, resulting...

Security update for openldap2 (important)

openSUSE Security Update: Security update for openldap2 Announcement ID: openSUSE-SU-2021:0408-1 Rating: important References: 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 Cross-References: CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1667)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-20286

A flaw was found in libnbd. A malicious server may be able to kill a client application using libnbd due to an assertion failure in nbdunlockedoptgo leading to denial of service. The highest threat from this vulnerability is to system availability...