CVE-2024-26638

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9085)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9085 advisory. - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: dont 'handle' error by BUG Jan Beulich...

GLSA-201206-35 : nbd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-35 nbd: Multiple vulnerabilities Multiple vulnerabilities have been discovered in nbd. Please review the CVE identifiers referenced below for details. Impact : nbd allows remote attackers to cause a denial of service NULL...

SuSE 10 Security Update : Xen (ZYPP Patch Number 2155)

This update includes both bug fixes and security fixes for Xen. A summary of the fixes appears below: 151105 - Fix various 'leaks' of loopback devices w/ domUloader 162865 - Re-send all page tables when migrating to avoid oops 167145 - Add status messages during file backed disk creation 176369 -...

NBD Tools: Buffer overflow in NBD server

Background The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server. Description Kurt Fitzner discovered that the NBD server allocates a request buffer that fails to take into account the size of the rep...