11 matches found
Amazon Linux 2 : PackageKit (ALAS-2025-2811)
The version of PackageKit installed on the remote host is prior to 1.1.5-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2811 advisory. A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be...
openSUSE Security Advisory (SUSE-SU-2024:1046-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:0966-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: PackageKit / PackageKit-backend-zypp / PackageKit-branding-SLE / etc (SUSE-SU-SUSE-RU-2024:1202-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1202-1 advisory. - Fixup New VendorSupportOption flag VendorSupportSuperseded jscOBS-301, jscPED-8014 - CVE-2024-0217: Check tha...
SUSE SLED15: PackageKit / PackageKit-backend-dnf / PackageKit-backend-zypp / etc (SUSE-SU-2024:1046-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1046-1 advisory. - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544. - Dropped unnecessary...
SUSE-SU-2024:1046-1 Security update for PackageKit
This update for PackageKit fixes the following issues: - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544. - Dropped unnecessary executable permission bsc1209138...
SUSE SLED12: PackageKit / PackageKit-backend-zypp / PackageKit-devel / etc (SUSE-SU-2024:0966-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0966-1 advisory. - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544. Tenable has extracted the preceding...
SUSE-SU-2024:0966-1 Security update for PackageKit
This update for PackageKit fixes the following issues: - CVE-2024-0217: Check that Finished signal is emitted at most once bsc1218544...
CVE-2024-0217
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...
CVE-2024-0217 Packagekitd: use-after-free in idle function callback
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...
CVE-2024-0217
CVE-2024-0217 overview (concrete details from connected docs): A use-after-free in PackageKitd can cause a memory access to regions freed during transaction cleanup, with freed regions potentially reused for new allocations. This vulnerability is reported across multiple distributions and advisor...