12 matches found
USN-7730-1: PIM Messagelib vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that PIM Messagelib could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain...
CVE-2023-4387
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to ...
CVE-2023-38409
A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service. Mitigation: Mitigation for this issue is to skip loading the affected module...
CVE-2023-31083
A NULL pointer dereference flaw was found in the Linux kernel’s Bluetooth HCI UART driver. This flaw allows a local user to crash the system. Mitigation: To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a...
CVE-2022-0322
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). Mitigation...
Important: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
kmod bug fix and enhancement update
The kmod packages provide various programs needed for automatic loading and unloading of modules under 2.6, 3.x, and later kernels, as well as other module management programs. Bug Fixes and Enhancements: Symbolic links are not created after applying an errata kernel (BZ#1915253)...
ALBA-2021:0561 kmod bug fix and enhancement update
The kmod packages provide various programs needed for automatic loading and unloading of modules under 2.6, 3.x, and later kernels, as well as other module management programs. Bug Fixes and Enhancements: Symbolic links are not created after applying an errata kernel (BZ#1915253)...
OS Command Injection
lookatme is vulnerable to OS command injection. The vulnerability exists through the rendering of untrusted markdown when the built-in terminal and fileloader extensions are automatically loaded...
CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1485)
The remote host is missing an update for the Huawei EulerOS...
USN-2514-1: Linux kernel (OMAP4) vulnerabilities
A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS...