Moderate: Red Hat Security Advisory: libmaxminddb security update

An update for libmaxminddb is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CentOS 8 : libreoffice (CESA-2023:0089)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory. - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation CVE-2022-26305 - libreoffice: Static Initialization Vector Allows t...

kernel: smsusb: use-after-free caused by do_submit_urb()

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...

CVE-2023-4503

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

Input validation

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

CVE-2023-4503 Eap-galleon: custom provisioning creates unsecured http-invoker

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

CVE-2023-4503

CVE-2023-4503 is referenced in Red Hat JBoss EAP 8.x advisories. The issue is in eap-galleon where custom provisioning creates an unsecured http-invoker, potentially allowing access to remote HTTP services from the server. Red Hat's RHSA-2024:3581/3580 (and related OSV entries) note this as a sec...

CVE-2023-33060

Summary of CVE-2023-33060 (Transient DOS in Core when DDR memory check is called while DDR is not initialized) Multiple connected sources (NVD, Red Hat, AR/ENISA EUVD, etc.) align on a denial-of-service issue arising in the Core when a DDR memory check is performed before DDR initialization. Publ...

kernel: smsusb: use-after-free caused by do_submit_urb()

A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition...

BossCMS Security Breach

Wenzhou Huoyin Information Technology BossCMS is a content management system based on MySQL architecture of self-developed PHP framework by Wenzhou Huoyin Information Technology. A security vulnerability exists in BossCMS v.1.3.0, which is caused by improper privilege management. The vulnerabilit...

openssl: Incorrect cipher key and IV length processing

A flaw was found in OpenSSL in how it processes key and initialization vector IV lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...

kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

openssl: Incorrect cipher key and IV length processing

A flaw was found in OpenSSL in how it processes key and initialization vector IV lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality...

The vulnerability of the vhost_new_msg() function in the drivers/vhost/vhost.c file of the Linux kernel’s vhost driver allows a attacker to access protected information.

The vulnerability of the vhostnewmsg function in the drivers/vhost/vhost.c file of the Linux kernel’s vhost driver is related to improper initialization of memory for messages transmitted between host systems. Exploiting this vulnerability could allow an attacker to gain access to protected...

Siemens SCALANCE LPE9403 Improper Initialization (CVE-2021-20317)

A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP. This plugin only works with...

AZL-40048 CVE-2023-6683 affecting package qemu for versions less than 6.2.0-21

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

Linux kernel code issue vulnerability (CNVD-2024-06235)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from vhostnewmsg in drivers/vhost/vhost.c failing to properly initialize memory in messages passed between a...

SUSE CVE-2023-35994

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...