15 matches found
EUVD-2001-0873
Malware in sbrugna...
Fedora 40 : firecracker / virtiofsd (2023-eb87748e07)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-eb87748e07 advisory. Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - https://vulners.com/cve/CVE-2023-41051 -...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9135)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9135 advisory. 4.14.35-2047.500.9.3.el7uek - net/rds: Reject error code change Ka-Cheong Poon Orabug: 32577425 - PCI: hotplug: Add module parameter to allow user...
Fedora 32 : kernel (2021-8d45d297c6)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-8d45d297c6 advisory. - An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant...
CVE-2021-26932
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then...
Design/Logic Flaw
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9053)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9053 advisory. - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulic...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Security update for the Linux Kernel (important)
The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc96207...
[SECURITY] [DSA 3434-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3434-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 05, 2016 https://www.debian.org/security/faq -...
Debian DSA-2632-1 : linux-2.6 - privilege escalation/denial of service
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-0231 Jan Beulich provided a fix for an issue in the Xen PCI backend driver...
Debian Security Advisory DSA 2632-1 (linux-2.6 - privilege escalation/denial of service)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-0231 Jan Beulich provided a fix for an issue in the Xen PCI backend drivers...
PT-2011-1486 · Linux +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions prior to 3.4.0 for the Linux kernel 2.6.18 Description: The issue allows guest OS users to cause a denial of service, resulting in an infinite loop and CPU consumption. This is achieved by sending a large production request index...
CVE-2001-0890
The CVE-2001-0890 entry describes a vulnerability in backend drivers of the SANE library (1.0.3 and earlier), used by frontend tools such as XSane, where a local user can modify files via a symlink attack on temporary files. The root cause is a symlink-related flaw in temporary file handling with...
CVE-2001-0890
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files...