SUSE CVE-2024-40945

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

DEBIAN-CVE-2024-40945

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

CVE-2024-40945 iommu: Return right value in iommu_sva_bind_device()

In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice iommusvabinddevice should return either a sva bond handle or an ERRPTR value in error cases. Existing drivers idxd and uacce only check the return value with ISERR. This could...

CLSA-2024-1720777628 Update of bind

Bump the epoch to fix package upgrade...

CVE-2024-28872 Incorrect TLS certificate validation can lead to escalated privileges

The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service Kea or BIND 9,...

CVE-2024-28872 Incorrect TLS certificate validation can lead to escalated privileges

The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service Kea or BIND 9,...

CVE-2024-28872

The CVE-2024-28872 issue affects ISC Stork versions 0.15.0 through 1.15.0 and stems from flawed TLS certificate validation. An attacker could obtain a TLS certificate from the Stork server and use it to connect to the Stork agent, then issue malicious commands to monitored services (Kea or BIND 9...

PT-2024-5336 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.0 through 9.11.37 BIND 9 versions 9.16.0 through 9.16.50 BIND 9 versions 9.18.0 through 9.18.27 BIND 9 versions 9.19.0 through 9.19.24 BIND 9 versions 9.11.4-S1 through 9.11.37-S1 BIND 9 versions 9.16.8-S1 through...

CBL Mariner 2.0 Security Update: bind (CVE-2019-6470)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-6470 advisory. - There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5517)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: -...

CBL Mariner 2.0 Security Update: bind (CVE-2023-6516)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6516 advisory. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up t...

CBL Mariner 2.0 Security Update: bind (CVE-2023-4408)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4408 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does...

CBL Mariner 2.0 Security Update: bind (CVE-2023-5679)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...

CVE-2024-23380

Memory corruption while handling user packets during VBO bind operation...

CVE-2024-23380 Use After Free in Graphics

Memory corruption while handling user packets during VBO bind operation...

CVE-2024-23380 Use After Free in Graphics

Memory corruption while handling user packets during VBO bind operation...

CVE-2024-23380

CVE-2024-23380 is a memory corruption issue in Qualcomm’s graphics stack related to handling user packets during a VBO bind operation. The flaw is described as a local issue with high impact to confidentiality, integrity, and availability. The CVSS indicates local access with low attack complexit...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20240701-02

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...