Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19.2)

The version of AOS installed on the remote host is prior to 5.19.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19.2 advisory. - Perl before 5.30.3 has an integer overflow related to mishandling of a PLregkindOPn == NOTHING situation. A crafted regular...

CentOS: Security Advisory for bpftool (CESA-2020:5437)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Scientific Linux Security Update : kernel on SL7.x x86_64 (2020:5437)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:5437-1 advisory. - kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14385 -...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5968)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5968 advisory. - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 Tenable has extracted the preceding description bloc...

Buffer overflow

A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read...

CVE-2020-10769

A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read...

Linux kernel code issue vulnerability (CNVD-2020-50136)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'cryptoauthencextractkeys' function in the Linux kernel. The vulnerability stems from an improper design or implementation durin...