6 matches found
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Security Bulletin: Rational Team Concert (RTC) and IBM Engineering Workflow Management (EWM) OpenSSL vulnerability CVE-2021-4044
Summary There is a vulnerability CVE-2021-4044 which affects Rational Team Concert RTC and IBM Engineering Workflow Management EWM. Vulnerability Details CVEID: CVE-2021-4044 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by invalid handling of...
roaring-landmask (=0.4.0) potentially affected by CVE-2021-4044 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2021-4044 Source advisory: OSV:GHSA-MMJF-F5JW-W72Q...
CVE-2021-4044
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
CVE-2021-4044
OpenSSL OpenSSL libssl vulnerability CVE-2021-4044 arises when X509_verify_cert() returns a negative internal error (e.g., OOM). OpenSSL mishandles this, causing SSL_connect/SSL_do_handshake to not signal success and SSL_get_error() to return SSL_ERROR_WANT_RETRY_VERIFY, which is unexpected for m...
FreeBSD : OpenSSL -- Certificate validation issue (0132ca5b-5d11-11ec-8be6-d4c9ef517024)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0132ca5b-5d11-11ec-8be6-d4c9ef517024 advisory. - Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied...