Fedora 40 : llvm-test-suite (2024-300397332b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-300397332b advisory. Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf:...

ROS-20241120-02

A vulnerability in the locking/wwmutex/test components of the Linux operating system kernel is related to improper locking in the functions listforeachentrysafe, stressonework, and stress in the kernel/locking/test/test-wwmutex.c. Exploitation of the vulnerability could allow an attacker to cause...

The vulnerability of Palo Alto Networks’ operating system PAN-OS, related to pointer arithmetic errors, allows a hacker to trigger a service failure.

The vulnerability of Palo Alto Networks’ operating system PAN-OS relates to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVE-2024-53082

In the Linux kernel, the following vulnerability has been resolved: virtionet: Add hashkeylength check Add hashkeylength check in virtnetprobe to avoid possible out of bound errors when setting/reading the hash key...

UBUNTU-CVE-2024-53087

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns on input errors without dropping the exec queue ref. Fix this ensuring the exec queue ref is dropped...

CVE-2024-53088 i40e: fix race condition by adding filter's intermediate sync state

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...

CVE-2024-53082

CVE-2024-53082: Linux kernel virtio_net vulnerability resolved by adding a hash_key_length check in virtnet_probe() to prevent possible out-of-bounds errors when setting/reading the hash key. This root cause and fix are echoed in connected documents (Astra Linux bulletin and IBM/Red Hat–style pag...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from flushing uninitialized delayedwork on cachectr errors...

The vulnerability of the nilfs2 component in the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the nilfs2 component in the Linux operating system’s kernel is related to readout errors beyond the boundary in the nilfstypebymode function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the wilc1000 component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the wilc1000 component in the Linux operating system arises due to synchronization errors when using a common resource in the wilcparsejoinbssparam function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the nf_tables component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the nftables component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the usb-storage component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the usb-storage component in Linux operating systems is related to zero-division errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the nf_tables component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the nftables component in the Linux operating system’s kernel is related to resource management errors in the nftablesupdtable function. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20241119-02

Vulnerability of cxl/region components of Linux kernel is related to the use of uninitialized resource in the cxlregionattach function in drivers/cxl/core/region.c. Exploitation of the the vulnerability could allow an attacker to cause a denial of service A vulnerability in the tls component of t...

squid security update

7:5.5-14.3 - Disable ESI support - Resolves: RHEL-65076 - CVE-2024-45802 squid: Denial of Service processing ESI response content 7:5.5-14.2 - Resolves: RHEL-64425 TCPMISSABORTED/100 erros when uploading 7:5.5-14.1 - Resolves: RHEL-62332 - Regression Transfer-encoding:chunked data is not sent to...

The vulnerability of the tpd12s015 component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the tpd12s015 component in the Linux operating system is related to resource management errors in the tpd12s015probe function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the fsl-qdma component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the fsl-qdma component in the Linux operating system is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the f2fs component of the Linux operating system’s kernel arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Windows Registry component of the Microsoft Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows Registry component of the Microsoft Windows operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Acrobat Reader PDF viewing and editing software is related to synchronization errors when using a common resource, allowing attackers to escalate their privileges.

The vulnerability of the Acrobat Reader PDF viewing and editing software is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to increase their privileges...