28 matches found
kernel security update
4.18.0-553.120.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
UBUNTU-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2024-42099
A vulnerability was found in the s390/dasd subsystem in the Linux Kernel, where an invalid dereferencing of an indirect Channel Command Word CCW data pointer could cause a kernel panic. The issue occurs due to the CCW Command Data Address CDA pointer used with indirect addressing IDAW, which need...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
DEBIAN-CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099 s390/dasd: Fix invalid dereferencing of indirect CCW data pointer
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasdeckddumpsense that leads to a kernel panic in error cases. When using indirect addressing for DASD CC...
CVE-2024-42099
The CVE-2024-42099 issue affects the Linux kernel s390/dasd subsystem. It concerns indirect addressing for DASD CCWs (IDAW) where the CCW CDA pointer points to IDAL and must be translated from physical to virtual before use. Dereferencing this pointer can cause a kernel panic in error paths, incl...
Malicious code in @ccw-order/notification-subscription-v7 (npm)
--- -= Per source details. Do not edit below this line.=-...
DEBIAN-CVE-2021-47382
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 "s390/qeth: fix deadlock during recovery" removed taking disciplinemutex inside qethdoreset, fixing potential deadlocks. An error path was missed though, that...
SUSE CVE-2024-27009
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in ccwdevicesetonline that can cause the online process to fail, leaving the affected device in an inconsistent state. As a result, subsequent attempts...
CVE-2024-27009 s390/cio: fix race condition during online processing
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in ccwdevicesetonline that can cause the online process to fail, leaving the affected device in an inconsistent state. As a result, subsequent attempts...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in ccwdevicesetonline that could lead to the failure of an online process...
GSD-2022-1005216 vfio/ccw: Remove UUID from s390 debug log
vfio/ccw: Remove UUID from s390 debug log This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
CVE-2021-27475
Rockwell Automation Connected Components Workbench (CCW) v12.00.00 and earlier is affected by CVE-2021-27475 due to deserialization of untrusted data. The vulnerability allows a crafted malicious serialized object to execute remote code when opened by a local CCW user, requiring user interaction....
ohioccwforums.org Improper Access Control vulnerability OBB-2149308
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
openSUSE: Security Advisory for qemu (openSUSE-SU-2019:2510-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...