[SECURITY] Fedora 39 Update: xen-4.17.4-3.fc39

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Ubuntu: Security Advisory (USN-6972-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6972-4: Linux kernel (Oracle) vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6972-4)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6972-4 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer...

AZL-48300 CVE-2024-43806 affecting package cloud-hypervisor for versions less than 32.0-7

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

USN-6972-3 linux-azure, linux-azure-4.15 vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

USN-6972-3: Linux kernel (Azure) vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6972-3)

"The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6972-3 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL...

USN-6972-2 linux-aws, linux-aws-hwe vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6972-2)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6972-2 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6976-1)

"The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6976-1 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer...

USN-6976-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

USN-6972-1 linux, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

virt-v2v bug fix update

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-v2v package provides a tool for converting virtual machines to use...

Security Bulletins for XenServer

This article lists historic security bulletins published for XenServer 8.4. We recommend subscribing to security bulletin email alerts for timely notification of new bulletins. The bulletins advise about any software updates that have been published to address the issues. We highly recommend that...

Cannot download source for Citrix Hypervisor hotfixes

The Hotfix Source link in articles for Citrix Hypervisor 8.2 Cumulative Update 1 hotfixes hangs when attempting to download the hotfix source file. This problem occurs whether or not the user is logged in to their Citrix account through the Log In link provided on support.citrix.com...

Driver Disk for Qlogic qla2xxx 10.02.12.01_k - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- qla2xxx| Fibre Channel HBA/Storage Controller|...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6972-1)

"The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6972-1 advisory. Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer...

SUSE CVE-2023-20584

IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS CVE-2023-52656 Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allows Forced Integer Overflow. CVE-2024-23307 A...