13 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-36031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-075)
The version of kernel installed on the remote host is prior to 5.10.214-202.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-075 advisory. 2025-01-21: CVE-2024-26878 was added to this advisory. 2025-01-21: CVE-2024-27388 was added to this...
USN-6950-4: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...
Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6950-4)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6950-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-6957-1: Linux kernel (Oracle) vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6957-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6957-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
Ubuntu: Security Advisory (USN-6950-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3843-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3843 : linux-config-5.10 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3843 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3843-1 [email protected]...
CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...
Debian dsa-5703 : affs-modules-5.10.0-29-4kc-malta-di - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5703 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5703-1 [email protected] https://www.debian.org/securit...
CVE-2024-36031
CVE-2024-36031 is a Linux kernel vulnerability where, during key instantiation, the expiry time of a key is unconditionally overwritten to TIME64_MAX, effectively making it permanent and breaking DNS updates. The root cause is the unconditional key_set_expiry call during instantiation; the fix re...
CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...