Security Bulletin: IBM Storage Protect Server is vulnerable due to Eclipse Jetty (CVE-2024-9823)

Summary IBM Storage Protect Server uses Eclipse Jetty and may be vulnerable to deial-of-service attack due to issues with OutofMemory errors related with DosFilter. Vulnerability Details CVEID:CVE-2024-9823 DESCRIPTION: There exists a security vulnerability in Jetty's DosFilter which can be...

Amazon Linux 2 : php (ALASPHP8.2-2025-007)

The version of php installed on the remote host is prior to 8.2.28-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2025-007 advisory. Header parser of http stream wrapper does not handle folded headers. CVE-2025-1217 When requesting a HTTP resource using...

The vulnerability of the ps CancelTimer() function in the Linux kernel Bluetooth driver allows a hacker to trigger a service failure.

The vulnerability of the ps CancelTimer function in the Linux kernel Bluetooth driver is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a attacker to cause a service failure...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache Axis

Summary Multiple vulnerabilities in Apache Axis that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2010-1632 DESCRIPTION: Apache Axis2/Java is vulnerable to a denial of service, caused by an error when handling XML DTD Document Type Declaration data. A...

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

SUSE CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

Windows 365 Cloud PC VDAs registration getting stuck at initializing state

Windows 365 Cloud PC VDAs getting stuck at initializing state, users cannot access the desktop On the VDA, Citrix Gateway service NGS logs located in "C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Citrix\Ngs" directory will show the below errors. TimeStamp=2025-03-18T07:18:59.591082Z...

CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2024-58091 drm/fbdev-dma: Add shadow buffering for deferred I/O

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2024-58091 drm/fbdev-dma: Add shadow buffering for deferred I/O

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

The vulnerability of the Linux operating system’s kernel’s media component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s kernel media component is related to read-out errors beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the netlink component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the netlink component in the Linux operating system’s kernel is related to double-freeing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the virtio_pmem component in the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the virtiopmem component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

uberAgent shows no data is being found for the Citrix Cloud environment

uberAgent logging shows no errors for connectivity to Citrix Cloud, but shows that no data about the environment is being found. 2025-03-12 10:00:50.000 -0400,DEBUG,ORG,HOSTNAME,2264,GetInformation,No Citrix site information found.2025-03-12 10:00:50.000...

The vulnerability of the nilfs2 component in the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the nilfs2 component in the Linux operating system’s kernel is related to zero-division errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerabilities of functions arc_emac_tx_clean(), arc_emac_rx(), arc_emac_open(), arc_emac_set_rx_mode(), arc_free_tx_queue(), arc_free_rx_queue(), and arc_emac_tx() in the drivers/net/ethernet/arc/emac_main.c module of the Linux kernel, which allows a hacker to cause a service failure.

The vulnerabilities of the functions arcemactxclean, arcemacrx, arcemacopen, arcemacsetrxmode, arcfreetxqueue, arcfreerxqueue, and arcemactx in the drivers/net/ethernet/arc/emacmain.c module of the Linux kernel are related to resource management errors. Exploiting these vulnerabilities can allow ...

The vulnerability of the Linux operating system’s kernel component of be2net, which allows a hacker to cause a service failure.

The vulnerability of the be2net kernel component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the xhci kernel component in the Linux operating system allows a hacker to increase their privileges within the system.

The vulnerability of the xhci kernel component in Linux operating systems is related to errors that occur after release. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the bonding component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bondxdpgetxmitslave function in the Linux kernel’s bonding component is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...