Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Map EBADMSG to nfserrio to avoid warnings. Ext4 will throw -EBADMSG during ext4readdir when a checksum error occurs, resulting in the following warning. Fix this by mapping EBADMSG to nfserrio. nfsdbufferedreaddir...

MiracleLinux 8 : curl-7.61.1-22.el8.4 (AXSA:2022-3789:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3789:02 advisory. curl: HTTP compression denial of service CVE-2022-32206 curl: FTP-KRB bad message verification CVE-2022-32208 Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2024-9622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling...

nfsd: map the EBADMSG to nfserr_io to avoid warning

...

UBUNTU-CVE-2024-49875

In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserrio to avoid warning Ext4 will throw -EBADMSG through ext4readdir when a checksum error occurs, resulting in the following WARNING. Fix it by mapping EBADMSG to nfserrio. nfsdbufferedreaddir iterated...

CVE-2024-9622

A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is sent, it causes the Netty HttpObjectDecoder to transition into a BADMESSAGE state. As a result, an...

UBUNTU-CVE-2024-9622

A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is sent, it causes the Netty HttpObjectDecoder to transition into a BADMESSAGE state. As a result, an...

curl security update

7.76.1-14.el90.5 - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208...

RLSA-2022:6157 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP compression denial of service CVE-2022-32206 curl: Unpreserved file permissions CVE-2022-32207 curl: FTP-KRB bad...

curl security update

7.61.1-22.el86.4 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208...

ALSA-2022:6159 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP compression denial of service CVE-2022-32206 curl: FTP-KRB bad message verification CVE-2022-32208 For more...

SUSE-SU-2022:2327-1 Security update for curl

This update for curl fixes the following issues: - CVE-2022-32206: HTTP compression denial of service bsc1200735 - CVE-2022-32208: FTP-KRB bad message verification bsc1200737...

SUSE: Security Advisory (SUSE-SU-2022:2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0250 Updated curl packages fix security vulnerability

Set-Cookie denial of service. CVE-2022-32205 HTTP compression denial of service. CVE-2022-32206 Unpreserved file permissions. CVE-2022-32207 FTP-KRB bad message verification. CVE-2022-32208...