Moderate: Red Hat Security Advisory: libnbd security update

An update for libnbd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2024:2204 Moderate: libnbd security update

Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: Malicious NBD server may crash libnbd CVE-2023-5871 libnbd: Crash or misbehaviour when NBD...

CVE-2024-26899

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

CVE-2024-26899

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

PT-2024-6080 · Qemu +9 · Qemu +9

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img proces...

UBUNTU-CVE-2021-47176

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: add missing discipline function Fix crash with illegal operation exception in dasddevicetasklet. Commit b72949328869 "s390/dasd: Prepare for additional path event handling" renamed the verifypath function for ECKD but...

NBD Tools: Multiple Vulnerabilities

Background The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server. Description Multiple vulnerabilities have been discovered in NBD Tools. Please review the CVE identifiers referenced below for details...

CVE-2023-5871

A flaw was found in libnbd, due to a malicious Network Block Device NBD, a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service...

CVE-2023-5871

CVE-2023-5871: libnbd vulnerability where a malicious NBD server can crash or misbehave libnbd, causing a Denial of Service. Affected software includes libnbd in multiple distros (e.g., Red Hat/RHEL 9, Oracle Linux, AlmaLinux, SUSE/openSUSE, MiracleLinux) with advisories noting fixes in libnbd (e...

CVE-2023-5871

A flaw was found in libnbd, due to a malicious Network Block Device NBD, a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service...

Fedora: Security Advisory (FEDORA-2023-00c130636a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cockpit-appstream bug fix update

An update is available for cockpit-appstream. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Dummy package from building optional packages only; never install o...

SUSE CVE-2007-5159

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions setuid root to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor...

SUSE CVE-2014-3471

Use-after-free vulnerability in hw/pci/pcie.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU instance crash via hotplug and hotunplug operations of Virtio block devices...

SUSE CVE-2015-5166

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice...

SUSE-SU-2022:4630-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suiddumpable kernel setting bsc1205000. Bug fixes: - Support by-path devlink for multipath nvme block devices bsc1200723. - Set SYSTEMDNSSDYNAMICBYPASS=1 env var for dbus-daemon...

sos bug fix and enhancement update

An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...

qemu security update

15:4.2.1-18.el7 - block: introduce maxhwiov for use in scsi-generic Paolo Bonzini Orabug: 33785156 - file-posix: try BLKSECTGET on block devices too, do not round to power of 2 Paolo Bonzini Orabug: 33785156 - block: add maxhwtransfer to BlockLimits Paolo Bonzini Orabug: 33785156 - block-backend:...