15 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the field...
USN-6950-4: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...
Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6950-4)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6950-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-6957-1: Linux kernel (Oracle) vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6957-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6957-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6956-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6956-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...
Ubuntu: Security Advisory (USN-6950-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5680-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-26936
A flaw was found in the Linux kernel’s ksmbd module. A missing validation of a buffer size can trigger an out-of-bounds access, resulting in a denial of service...
CVE-2024-26936
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
CVE-2024-26936
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
UBUNTU-CVE-2024-26936
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
CVE-2024-26936
CVE-2024-26936 affects the Linux kernel component ksmbd. The issue arises because the response buffer is allocated in smb2_allocate_rsp_buf() only after validating the request, while the patch shows that fields in the payload and the SMB2 header are used within smb2_allocate_rsp_buf(), enabling a...
CVE-2024-26936
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...
CVE-2024-26936 ksmbd: validate request buffer size in smb2_allocate_rsp_buf()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2allocaterspbuf The response buffer should be allocated in smb2allocaterspbuf before validating request. But the fields in payload as well as smb2 header is used in smb2allocaterspbuf. Th...