20 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26583
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2948-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2024:2923-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2923-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
Ubuntu: Security Advisory (USN-6924-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6924-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; CVE-2022-48655, CVE-2024-36016,...
USN-6924-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; CVE-2024-26584, CVE-2024-36016,...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6924-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6924-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
AlmaLinux 8 : kernel-rt (ALSA-2024:4352)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4352 advisory. kernel: tls CVE-2024-26585,CVE-2024-26584, CVE-2024-26583 kernel-rt: kernel: PCI interrupt mapping cause oops almalinux-8 CVE-2021-46909 kernel: ipc/mqueu...
RHEL 8 : kernel (RHSA-2024:4447)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4447 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly...
CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2024-26583)
The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26583 advisory. - In the Linux kernel, the following vulnerability has been resolved: tls: fix race between...
USN-6821-4: Linux kernel (Azure) vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
CVE-2024-26583 affecting package kernel for versions less than 5.15.158.2-1
CVE-2024-26583 affecting package kernel for versions less than 5.15.158.2-1. A patched version of the package is available...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-057)
The version of kernel installed on the remote host is prior to 5.10.216-204.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-057 advisory. 2024-05-23: CVE-2024-26923 was added to this advisory. In the Linux kernel, the following vulnerability...
CVE-2024-26583 affecting package kernel for versions less than 6.6.22.1-2
CVE-2024-26583 affecting package kernel for versions less than 6.6.22.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-26583 affecting package hyperv-daemons for versions less than 6.6.22.1-2
CVE-2024-26583 affecting package hyperv-daemons for versions less than 6.6.22.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-26583
A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete; any code past that point risks touching already freed data. This could lead to a use-after-free issue an...
CVE-2024-26583
creationtimestamp| type| source ---|---|--- 2024-02-21 16:31:23+00:00| seen| https://t.me/ctinow/189735 2024-02-21 16:31:30+00:00| seen| https://t.me/ctinow/189742 2024-02-22 16:11:24+00:00| seen| https://t.me/ctinow/190856 2024-02-22 22:28:36+00:00| seen| https://t.me/arpsyndicate/4077 2025-01-1...
AZL-35799 CVE-2024-26583 affecting package kernel for versions less than 6.6.22.1-2
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...
CVE-2024-26583
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...