EUVD-2023-1914

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-52443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in...

OESA-2024-1397 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ASoC: q6afe-clocks: fix reprobing of the driver Q6afe-clocks driver can get reprobed. For example if the APR services are restarted after the firmware crash...

OESA-2024-1396 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a...

CLSA-2024-1710947240 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one CVE-url:...

CLSA-2024-1710945846 Fix of 9 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier Bionic update: upstream stable patchset 2018-08-29 LP: 1789666 // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets Bionic upda...

SUSE CVE-2023-52443

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpackprofile described like "profile :ns::samba-dcerpcd /usr/lib/samba/,samba/samba-dcerpcd ..." a string ":samba-dcerpcd" is unpacked a...

UBUNTU-CVE-2023-52443

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpackprofile described like "profile :ns::samba-dcerpcd /usr/lib/samba/,samba/samba-dcerpcd ..." a string ":samba-dcerpcd" is unpacked a...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpackprofile described like "profile :ns::samba-dcerpcd /usr/lib/samba/,samba/samba-dcerpcd ..." a string ":samba-dcerpcd" is unpacked a...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from aaallocprofile crash when the parsed profile name is empty...

Profile Enforcement Bypass

k8s.io/kubernetes is vulnerable to Profile Enforcement Bypass. The vulnerability exists because the library does not properly define the seccomp type for the local host, which allows an attacker to bypass the seccomp profile enforcement by passing an empty profile...

SUSE CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

UBUNTU-CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

CVE-2023-2431

A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined seccomp...

PT-2023-3615 · Kubelet +2 · Kubelet +2

Name of the Vulnerable Software and Affected Versions: Kubelet affected versions not specified Description: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field ar...