17 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-44989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because...
Azure Linux 3.0 Security Update: kernel (CVE-2024-44989)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44989 advisory. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid CVE-2023-53728 In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARNONCE in verifierl log...
RLSA-2024:8856 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function CVE-2023-52492 kernel: netfilter:...
Oracle Linux 8 : kernel (ELSA-2024-8856)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8856 advisory. - lib/generic-radix-tree.c: Fix rare race in genradixptralloc Waiman Long RHEL-62139 CVE-2024-47668 - bonding: fix xfrm realdev null pointer dereferenc...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistratio...
ALSA-2024:8856 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function CVE-2023-52492 kernel: netfilter:...
CVE-2024-44989 affecting package kernel for versions less than 6.6.51.1-1
CVE-2024-44989 affecting package kernel for versions less than 6.6.51.1-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-44989)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44989 advisory. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer...
CVE-2024-44989 affecting package kernel for versions less than 5.15.167.1-1
CVE-2024-44989 affecting package kernel for versions less than 5.15.167.1-1. An upgraded version of the package is available that resolves this issue...
SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2024:3561-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3561-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The...
SUSE SLES15: kernel-coco / kernel-coco-devel / kernel-coco_debug / etc (SUSE-SU-2024:3553-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3553-1 advisory. The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2024:3551-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3551-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following securit...
SUSE-SU-2024:3551-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocsho...
Photon OS 5.0: Linux PHSA-2024-5.0-0374
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0374. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
AZL-48719 CVE-2024-44989 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...
CVE-2024-44989
CVE-2024-44989 is a Linux kernel vulnerability affecting bonding with xfrm offload, caused by setting real_dev to NULL (callbacks assume real_dev is always set). This can lead to a null-pointer dereference in offload/add SA paths (notably bond_ipsec_offload_ok/nsim_ipsec_offload_ok) when SA setup...