5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-36025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qlaedifappgetstats The appreply-elem array is allocated...
ALSA-2024:5928 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables: nftsetrbtree skip end interval element from gc CVE-2024-26581 kernel: netfilter: nftlimit: reject configurations that cause integer overflow CVE-2024-26668 kernel: vfio/pci: Loc...
RHEL 8 : kernel (RHSA-2024:4902)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4902 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arp: Prevent overflow in...
RHEL 9 : kernel-rt (RHSA-2024:4831)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4831 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
CVE-2024-36025
CVE-2024-36025 is validated by connected MiracleLinux security advisory AXSA:2024-8783:27. Affected: Linux kernel scsi qla2xxx driver. Root cause: memory corruption from an off-by-one in qla_edif_app_getstats() where app_reply->elem[] (allocated for app_req.num_ports) could be overrun due to a...