openSUSE: Security Advisory for bind (SUSE-SU-2024:0590-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : bind / bind-dyndb-ldap (2024-fae88b73eb)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-fae88b73eb advisory. Security Fixes - Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service...

Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2024-fae88b73eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for bind (FEDORA-2024-fae88b73eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:0574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2023-52528

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in smsc75xxreadreg syzbot reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in smsc75xxwaitready...

SUSE CVE-2021-47068

In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcpsockbind/connect Commits 8a4cd82d "nfc: fix refcount leak in llcpsockconnect" and c33b1cc62 "nfc: fix refcount leak in llcpsockbind" fixed a refcount leak bug in bind/connect but introduced a...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service attacks due to multiple vulnerabilities.

Summary IBM i Domain Name System DNS uses ISC BIND. ISC BIND on IBM i is vulnerable to denial of service attacks due to errors exploitable by remote attacker as described in the vulnerability details section CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-6516, CVE-2023-50868. This bulletin...

CVE-2021-47068

A flaw was found in the Linux kernel’s Near Field Communication NFC subsystem. The issue involves a use-after-free condition introduced by commits to fix reference count leaks. This vulnerability can be triggered if the same local address is assigned to two different sockets, leading to a potenti...

UBUNTU-CVE-2021-47068

In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcpsockbind/connect Commits 8a4cd82d "nfc: fix refcount leak in llcpsockconnect" and c33b1cc62 "nfc: fix refcount leak in llcpsockbind" fixed a refcount leak bug in bind/connect but introduced a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code execution vulnerability exists in the Linux kernel due to a "use after release" flaw in llcpsockbind/connect. An attacker could exploit this vulnerability to execute...

CentOS 9 : dhcp-4.4.2-17.b1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the dhcp-4.4.2-17.b1.el9 build changelog. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of...

The vulnerability of the Node.js software platform, related to improper code generation management, allows a malicious actor to execute arbitrary code with elevated privileges.

The vulnerability of the Node.js software platform is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges during exception handling for the CAPNETBINDSERVICE privilege...

CentOS 9 : bind-9.16.23-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-9.el9 build changelog. - Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to ...

USN-6633-1: Bind vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consu...

CentOS 9 : bind-9.16.23-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-7.el9 build changelog. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1...

CentOS 9 : bind-9.16.23-13.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-13.el9 build changelog. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has...

DEBIAN-CVE-2021-47005

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for -getfeatures getfeatures ops of pciepcops may return NULL, causing NULL pointer dereference in pciepftestallocspace function. Let us add a check for pciepcfeature pointer in...

UBUNTU-CVE-2021-47005

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for -getfeatures getfeatures ops of pciepcops may return NULL, causing NULL pointer dereference in pciepftestallocspace function. Let us add a check for pciepcfeature pointer in...