Debian: Security Advisory (DSA-4602-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4602-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4602-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 13, 2020 https://www.debian.org/security/faq -...

Fedora Update for libnbd FEDORA-2019-d20b357d44

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for libtevent FEDORA-2019-41c7fa478a

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for libnbd FEDORA-2019-ec2eedaa9e

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0266)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - The bnepsockioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a...

SUSE-SU-2019:3389-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-16746: There was an issue in net/wireless/nl80211.c where the kernel did not check the length of variable elements in a beacon head, leading to a buffer...

Updated microcode packages fix security vulnerabilities

NOTE! This is a refresh of the 20191112 security update we released as MGASA-2019-0334. This update provides the Intel 20191115 microcode release that adds more microcode side fixes and mitigations for the Core Gen 6 to Core gen 10, some Xeon E series, adressing at least the following security...

SUSE-SU-2019:3295-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-15916: Fixed a memory leak in registerqueuekobjects which might have led denial of service bsc1149448. - CVE-2019-0154: Fixed an improper access...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - hw: Machine Check Error on Page Size Change IFU - hw: Intel GPU blitter manipulation can allow for...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4850)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4850 advisory. - vhost: make sure lognum innum yongduan Orabug: 30312787 CVE-2019-14835 - vhost: block speculation of translated descriptors Michael S. Tsirkin...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4854)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4854 advisory. - USB: check usbgetextradescriptor for proper size Mathias Payer Orabug: 30045797 CVE-2018-20169 - scsi: sg: fixup infoleak when using...

RHEL 8 : kpatch-patch (RHSA-2019:3936)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3936 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

VMware Workstation 15.0.x < 15.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021)

The version of VMware Workstation installed on the remote Windows host is 15.0.x prior to 15.5.1. It is, therefore, affected by multiple vulnerabilities: - An unspecified information disclosure vulnerability in vmnetdhcp. CVE-2019-5540 - An unspecified out-of-bounds write vulnerability in the...

VMware Fusion 11.0.x < 11.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.1. It is, therefore, affected by multiple vulnerabilities: - An unspecified information disclosure vulnerability in vmnetdhcp. CVE-2019-5540 - An unspecified out-of-bounds write vulnerability in th...