5835 matches found
SUSE CVE-2024-36910
In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need...
SUSE CVE-2024-36912
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbusgpadl In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is share...
SUSE CVE-2024-36913
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is...
DEBIAN-CVE-2024-36912
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbusgpadl In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is share...
AZL-43248 CVE-2024-36910 affecting package kernel for versions less than 6.6.64.2-9
In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need...
DEBIAN-CVE-2024-36909
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resultin...
DEBIAN-CVE-2024-36913
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is...
UBUNTU-CVE-2024-36912
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbusgpadl In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is share...
CVE-2024-36913
Technical details about CVE-2024-36913 are not publicly provided in the supplied documents. Monitor for updates from vendors (Linux kernel, Debian, Amazon Linux, MSRC) for affected versions, impact, and fixes.
CVE-2024-36912
CVE-2024-36912 (Linux kernel) affects the hv: vmbus component. The fix adds a decryption-status field to struct vmbus_gpadl to track the decrypted state of buffers, enabling callers of vmbus_establish_gpadl() and vmbus_teardown_gpadl() to decide whether to free or leak pages instead of returning ...
CVE-2024-36912 Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbusgpadl In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is share...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 273. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input...
Huawei EulerOS: Security Advisory for python-pycryptodome (EulerOS-SA-2024-1775)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : python-pycryptodome (EulerOS-SA-2024-1775)
According to the versions of the python-pycryptodome package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger...
EulerOS 2.0 SP12 : python-pycryptodome (EulerOS-SA-2024-1752)
According to the versions of the python-pycryptodome package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger...
kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key...
kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key...
PT-2024-25508 · Unknown · Ci-Out-Of-Office Manager
Name of the Vulnerable Software and Affected Versions: CI-Out-of-Office Manager versions through 6.0.0.77 Description: The issue concerns the use of a hard-coded cryptographic key in the software. This could potentially allow unauthorized access or decryption of sensitive data. Recommendations: F...
OESA-2024-1645 skopeo security update
A command line utility that performs various operations on container images and image repositories Security Fixes: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used lar...
OESA-2024-1644 skopeo security update
A command line utility that performs various operations on container images and image repositories Security Fixes: Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used lar...