14 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial...
Azure Linux 3.0 Security Update: kernel (CVE-2024-26952)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26952 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-26952)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26952 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when...
CVE-2024-26952 affecting package kernel for versions less than 6.6.35.1-4
CVE-2024-26952 affecting package kernel for versions less than 6.6.35.1-4. A patched version of the package is available...
USN-6957-1: Linux kernel (Oracle) vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6957-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6957-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6956-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6956-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6923-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6923-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...
USN-6923-2: Linux kernel vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6923-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6923-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...
Ubuntu: Security Advisory (USN-6923-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-26952 affecting package kernel for versions less than 5.15.158.2-1
CVE-2024-26952 affecting package kernel for versions less than 5.15.158.2-1. A patched version of the package is available...
CVE-2024-26952
A flaw was found in the Linux kernel’s ksmbd module. An incorrect validation of a buffer length can trigger an out-of-bounds access, resulting in a denial of service...
CVE-2024-26952 ksmbd: fix potencial out-of-bounds when buffer offset is invalid
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to -Buffer offset to...