103 matches found
EUVD-2022-55761
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...
EUVD-2007-2058
Malware in sbrugna...
EUVD-2024-52225
Malicious code in bioql PyPI...
EUVD-2024-3492
Malicious code in bioql PyPI...
EUVD-2024-32500
Malicious code in bioql PyPI...
s390/pkey: Wipe copies of clear-key structures on failure
...
kvm: s390: Reject memory region operations for ucontrol VMs
...
kernel: s390/ptrace: handle setting of fpc register correctly
In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control fpc register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading...
CVE-2024-53979
ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...
SUSE-SU-2025:01615-1 Security update for grub2
This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x8664 and aarch64 architectures are unchanged. Also the following issue were fixed: - CVE-2025-4382: TPM auto-decryption data exposure bsc1242971 - Fix...
UBUNTU-CVE-2023-53123
In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device VFs may be removed...
SUSE-SU-2025:20003-1 Security update for util-linux
This update for util-linux fixes the following issues: Security issue fixed: - CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. bsc1221831 Non-security issues fixed: - Fix hang of lscpu -e bsc1225598 - lscpu: Add more ARM cores bsc1223605 - Documen...
Security update for util-linux
This update for util-linux fixes the following issues: Security issue fixed: CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. bsc1221831 Non-security issues fixed: Fix hang of lscpu -e bsc1225598 lscpu: Add more ARM cores bsc1223605 Document that...
Security Bulletin: A vulnerability in IBM Java Runtime affects Tivoli Netcool/OMNIbus. (CVE-2024-3933)
Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus running on Linux on IBM Z Systems. Vulnerability Details CVEID:CVE-2024-3933 DESCRIPTION: Eclipse Openj9 could allow a local authenticated attacker to bypass...
CVE-2024-53865
zhmcclient is a pure Python client library for the IBM Z HMC Web Services API. In affected versions the Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: 1. The 'boot-ftp-password' and 'ssc-master-pw' properties when creati...
CVE-2024-53979
ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...
CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input
ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...
CVE-2024-53979 Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input
ibm.ibmzhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibmzhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'bootftppassword' and 'sscmasterpw' properties are...
CVE-2024-53865 Python package "zhmcclient" has passwords in clear text in its HMC and API logs
zhmcclient is a pure Python client library for the IBM Z HMC Web Services API. In affected versions the Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: 1. The 'boot-ftp-password' and 'ssc-master-pw' properties when creati...
zhmc-ansible-modules 安全漏洞
zhmc-ansible-modules is an Ansible collection for IBM Z HMC open sourced by zhmcclient. A security vulnerability exists in zhmc-ansible-modules, which stems from the fact that under certain circumstances, ibm.ibmzhmc writes password-like attributes in plaintext to its log files and to the output...