CVE-2024-23380 Use After Free in Graphics

Memory corruption while handling user packets during VBO bind operation...

CVE-2024-23380

CVE-2024-23380 is a memory corruption issue in Qualcomm’s graphics stack related to handling user packets during a VBO bind operation. The flaw is described as a local issue with high impact to confidentiality, integrity, and availability. The CVSS indicates local access with low attack complexit...

CVE-2024-23380 Use After Free in Graphics

Memory corruption while handling user packets during VBO bind operation...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20240701-02

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1850)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1864)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND [CVE-2023-4408]

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when parsing large DNS messages CVE-2023-4408. ISC BIND is included as a Base OS package used by our Service Runtimes. This vulnerabiliti...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND [CVE-2023-50387]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when processing responses coming from specially crafted DNSSEC-signed zones CVE-2023-50387. ISC BIND is included as a Base OS package used by our Service...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND [CVE-2023-50868]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when preparing an NSEC3 closest encloser proof. CVE-2023-50868. ISC BIND is included as a Base OS package used by our Service Runtimes. This vulnerabilitiy...

CLSA-2024-1718794440 bind: Fix of CVE-2022-3094

CVE-2022-3094: Fix issue causing resources exhaustion in named when processing dynamic DNS updates from trusted clients by releasing memory allocated to unpermitted clients immediately upon rejection...

Credential Leakage

org.keycloak, keycloak-core is vulnerable to Credential Leakage. The vulnerability is due to a lack of proper validation and enforcement when administrators change the LDAP Connection URL without requiring re-entry of the currently configured LDAP bind credentials. The vulnerability allows an...

CentOS 7 : bind, bind-dyndb-ldap, and dhcp (RHSA-2024:3741)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3741 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS...

GHSA-GMRM-8FX4-66X7 Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c25h-c27q-5qpv. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently...

SUSE SLES15 Security Update : bind (SUSE-SU-2024:2033-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2033-1 advisory. - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names bsc1219851 - CVE-2023-50387: Fixed denial ...

SUSE: Security Advisory (SUSE-SU-2024:2033-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:2033-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names bsc1219851 - CVE-2023-50387: Fixed denial of service during DNS messages validation with DNSSEC signatures bsc1219823 - CVE-2023-50868: Fixed denial of service...

OPENSUSE-SU-2024:12129-1 bind-9.18.3-1.1 on GA media

These are all security issues fixed in the bind-9.18.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13687-1 bind-9.18.24-1.1 on GA media

These are all security issues fixed in the bind-9.18.24-1.1 package on the GA media of openSUSE Tumbleweed...