Rocky Linux 8 : gzip (RLSA-2022:1537)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1537 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted fi...

Fedora 39 : indent (2023-845edc1181)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-845edc1181 advisory. This release fixes a heap buffer overwrite in searchbrace CVE-2023-40305 and a heap overread in lexi. Tenable has extracted the preceding descriptio...

Rocky Linux 9 : gzip (RLSA-2022:4582)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4582 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted fi...

ALSA-2023:6661 Low: gmp security and enhancement update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...

Rocky Linux 8 : mailman:2.1 (RLSA-2021:1751)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1751 advisory. - /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. CVE-2020-12108 - GNU Mailman before 2.1.33 allows arbitrary content...

Rocky Linux 9 : xz (RLSA-2022:4940)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4940 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted fi...

Rocky Linux 8 : glibc (RLSA-2021:1585)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1585 advisory. - The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE ...

Rocky Linux 8 : cpio (RLSA-2022:1991)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1991 advisory. - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an...

RockyLinux 8 : binutils (RLSA-2021:4364)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows...

Fedora: Security Advisory (FEDORA-2023-f1c8e4c1cc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-035866b576)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-407)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-407 advisory. A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. CVE-2023-5156 Tenable has extracted the...

[SECURITY] Fedora 39 Update: exim-4.96.2-1.fc39

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

[SECURITY] Fedora 39 Update: gdb-13.2-10.fc39

GDB, the GNU debugger, allows you to debug programs written in C, C++, Fortran, Go, and other languages, by executing them in a controlled fashion and printing their data. If you want to use GDB for development purposes, you should install the 'gdb' package which will install 'gdb-headless' and...

[SECURITY] Fedora 39 Update: icecat-115.3.1-7.rh2.fc39

GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. HTTPS Everywhere HTTPS Everywhere is an extension that encrypts...

Low: glibc

Issue Overview: A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. CVE-2023-5156 Affected Packages: glibc Issue Correction: Run dnf update glibc --releasever 2023.2.20231030 or dnf update...

F5 Networks BIG-IP : glibc vulnerability (K35040315)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K35040315 advisory. - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contain...

F5 Networks BIG-IP : Binutils vulnerability (K09092524)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K09092524 advisory. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It ...

SUSE CVE-2022-1117

A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-3048)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...