Lucene search
K

134 matches found

Mageia
Mageia
added 2022/12/17 11:55 p.m.92 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.82 and fixes atleast the following security issues: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the drive...

7.8CVSS1.2AI score0.00463EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/06/30 12:0 a.m.42 views

Mageia: Security Advisory (MGASA-2022-0243)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.2AI score0.06451EPSS
Exploits0References8
Mageia
Mageia
added 2022/06/29 4:18 p.m.70 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.50 and fixes at least the following security issues: Incomplete cleanup of multi-core shared buffers for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access CVE-2022-21123. Incomplet...

5.5CVSS4AI score0.06451EPSS
Exploits0References6
Mageia
Mageia
added 2022/06/13 8:44 p.m.63 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.46 and fixes at least the following security issues: KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-1789. KVM: x86: avoid calling x86 emulator without a decoded instruction CVE-2022-1852. A use-after-free vulnerability was...

7.1CVSS7.2AI score0.00318EPSS
Exploits6References4
Mageia
Mageia
added 2022/05/28 8:56 a.m.129 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.43 and fixes at least the following security issues: A race condition in the perf subsystem allows for a local privilege escalation. NOTE: Mageia kernels by default has disabled the perf usage for unprivileged users, effectively rendering this...

7CVSS7.1AI score0.00612EPSS
Exploits0References3
Mageia
Mageia
added 2022/05/21 8:50 a.m.94 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...

8.2CVSS1.9AI score0.02986EPSS
Exploits7References7
Mageia
Mageia
added 2022/05/21 8:50 a.m.107 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allows a...

8.2CVSS1.6AI score0.02986EPSS
Exploits7References7
OSV
OSV
added 2022/05/13 1:36 a.m.11 views

GHSA-9V72-P5P3-9W65 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins-mailer-plugin

jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in ra...

3.7CVSS5.9AI score0.01633EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:36 a.m.19 views

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins-mailer-plugin

jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in ra...

4.3CVSS4.3AI score0.01633EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:36 a.m.27 views

Emails were sent to addresses not associated with actual users of Jenkins by Email Extension Plugin

jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emai...

5.3CVSS6.7AI score0.01137EPSS
Exploits0References4Affected Software1
Mageia
Mageia
added 2022/03/29 2:25 p.m.95 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to...

7.8CVSS8.1AI score0.06197EPSS
Exploits24References5
Mageia
Mageia
added 2022/03/09 5:3 p.m.90 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on...

7.8CVSS1.7AI score0.89063EPSS
Exploits107References4
Mageia
Mageia
added 2022/02/15 8:50 p.m.90 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.23 and fixes at least the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than th...

9CVSS1AI score0.67994EPSS
Exploits16References7
Mageia
Mageia
added 2022/02/01 3:26 p.m.76 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.18 and fixes at least the following security issues: A random memory access flaw was found in the Linux kernels GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...

7.8CVSS2AI score0.02579EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2017-0259)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.03763EPSS
Exploits0References8
Mageia
Mageia
added 2021/12/29 7:12 p.m.67 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.11 and fixes at least the following security issues: netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc CVE-2021-4135. Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the guests,...

7.8CVSS0.2AI score0.00549EPSS
Exploits1References5
Mageia
Mageia
added 2021/12/21 11:27 p.m.70 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.10 and fixes at least the following security issues: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially...

7.8CVSS3AI score0.00513EPSS
Exploits3References5
Mageia
Mageia
added 2021/12/05 7:6 p.m.63 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without...

4.7CVSS0.8AI score0.00515EPSS
Exploits1References3
Mageia
Mageia
added 2021/12/05 7:6 p.m.82 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without power-off,...

4.7CVSS0.7AI score0.00515EPSS
Exploits1References3
Mageia
Mageia
added 2021/11/11 3:2 p.m.65 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be...

9.8CVSS7.6AI score0.5758EPSS
Exploits4References4
Rows per page
Query Builder