391 matches found
openSUSE Security Advisory (SUSE-SU-2024:4349-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE: Security Advisory (SUSE-SU-2024:4365-1)
The remote host is missing an update for the...
SUSE-SU-2024:4352-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285) - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292) - CVE-2024-52532: Fixed...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers CVE-2024-41080 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points CVE-2024-4999...
CLSA-2024-1733142550 Fix of 13 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64_to_msecs - PM / devfreq: Modify the indentation of trans_stat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in trans_stat_show Bionic update: upstream...
CVE-2024-49969 drm/amd/display: Fix index out of bounds in DCN30 color transformation
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the cm3_helper_translate_curve_to_hw_format function in the DCN30 color management module. The issue...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
CVE-2024-45306 heap-buffer-overflow in Vim
Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop ...
CVE-2024-40902 jfs: xattr: fix buffer overflow for invalid xattr
In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than the expected size,...
Moderate: Red Hat Security Advisory: tpm2-tss security update
An update for tpm2-tss is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
SUSE-SU-2024:1895-2 Security update for glibc
This update for glibc fixes the following issues: - CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423) - CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424) - CVE-2024-33600: Do not send missing not-found response in...
SUSE-SU-2024:1267-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)...
SUSE-SU-2024:1258-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) Other fixes: - Re-enabled build tests for s390x and ppc (bsc#1222553)...
[SECURITY] [DLA 3786-1] pillow security update
Debian LTS Advisory DLA-3786-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 10, 2024 https://wiki.debian.org/LTS...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security...
SUSE-SU-2024:1154-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)...
SUSE-SU-2024:0589-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (bsc#1188609) - CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925) - CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake...
SUSE-SU-2024:0165-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (bsc#1218582) - CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access (bsc#1218583) - CVE-2024-0408: Fixed SELinux...
CVE-2024-22419 concat built-in can corrupt memory in vyper
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The concat built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the build_IR for concat doesn't properly adhere to the API of co...
OPENSUSE-SU-2024:0008-1 Security update for proftpd
This update for proftpd fixes the following issues: proftpd was updated to 1.3.8b - released 19-Dec-2023 - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity (boo#1218144) - CVE-2023-51713: Fixed Out-of-bounds buffer read when handling FTP commands. (boo#1218344)...