Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs18 (CVE-2023-5363)

The version of cloud-hypervisor-cvm / hvloader / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5363 advisory. - Issue summary: A bug has been identified in the processing of key and...

Azure Linux 3.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...

Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / crash / teckit / zlib (CVE-2022-37434)

The version of cloud-hypervisor-cvm / crash / teckit / zlib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-37434 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl...

Azure Linux 3.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2022-4450)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4450 advisory. - The function PEMreadbioex reads a PEM file from a BIO and parses...

CVE-2023-0286 affecting package cloud-hypervisor 22.0-2

CVE-2023-0286 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never applicable...

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never applicable...

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never applicable...

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never applicable...

CVE-2024-5535 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-3

CVE-2024-5535 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-3. An upgraded version of the package is available that resolves this issue...

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / openssl (CVE-2024-6119)

The version of cloud-hypervisor-cvm / edk2 / hvloader / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6119 advisory. - Issue summary: Applications performing certificate name checks e.g....

CVE-2024-6119 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-2

CVE-2024-6119 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-2. A patched version of the package is available...

CVE-2024-6119 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-2

CVE-2024-6119 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-2. A patched version of the package is available...

AZL-48792 CVE-2024-6119 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-2

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

AZL-48300 CVE-2024-43806 affecting package cloud-hypervisor for versions less than 32.0-7

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

CVE-2022-37434 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2022-37434 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2023-6129 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2018-25032 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...