12 matches found
MiracleLinux 9 : kernel-5.14.0-427.28.1.el9_4 (AXSA:2024-8642:23)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8642:23 advisory. kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned CVE-2023-52458 kernel: ext4: avoid allocating...
Linux Distros Unpatched Vulnerability : CVE-2024-36952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV ...
USN-6950-4: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...
Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6950-4)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6950-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-6957-1: Linux kernel (Oracle) vulnerabilities
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...
Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6957-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6957-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
Rocky Linux 9 : kernel (RLSA-2024:4928)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4928 advisory. kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned CVE-2023-52458 kernel: ext4: avoid allocating block...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned CVE-2023-52458 kernel: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfoun...
RHEL 9 : kernel-rt (RHSA-2024:4831)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4831 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 8 : kernel (RHSA-2024:4447)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4447 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly...
CVE-2024-36952
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vport is unregistered...
CVE-2024-36952 scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vport is unregistered...