Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003697 advisory. The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto...

CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-42321 net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-42321 net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19.2)

The version of AOS installed on the remote host is prior to 5.19.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19.2 advisory. - Perl before 5.30.3 has an integer overflow related to mishandling of a PLregkindOPn == NOTHING situation. A crafted regular...

CentOS: Security Advisory for bpftool (CESA-2020:5437)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Scientific Linux Security Update : kernel on SL7.x x86_64 (2020:5437)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:5437-1 advisory. - kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt CVE-2020-14385 -...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1807)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

NewStart CGSL MAIN 6.01 : kernel Multiple Vulnerabilities (NS-SA-2020-0030)

The remote NewStart CGSL host, running version MAIN 6.01, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...

ASB-A-148588557

In flowhashfromkeys of flowdissector.c, there is a possible packet injection due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-18282

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

Code injection

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

CVE-2019-18282

CVE-2019-18282 affects the Linux kernel flow_dissector (Linux 4.3–5.x up to 5.3.10). The root cause is that UDP/IPv6 flow labels rely on a 32-bit hashrnd secret, with jhash used instead of siphash, allowing an attacker to infer the secret and track flows. Affected code includes net/core/flow_diss...

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

kernel: security and bugfix update (important)

The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...

CVE-2013-4348

CVE-2013-4348 affects the Linux kernel (up to 3.12) via skb_flow_dissect in net/core/flow_dissector.c. A crafted small IHL value in IPIP-encapsulated packets can trigger an infinite loop, enabling remote denial of service. The connected Nessus advisories reproduce the same description for Unity L...