Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2023-3772)

A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service. This plugin only...

EUVD-2023-44406

Malicious code in bioql PyPI...

SUSE CVE-2023-3773

A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6516-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6516-1 advisory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6466-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6466-1 advisory. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3988-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3988-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3971-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3971-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6415-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6415-1 advisory. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow...

SUSE SLES15 Security Update : kernel (SUSE-SU-2023:3600-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3600-2 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

OESA-2023-1510 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading ...

CVE-2023-3773

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

CVE-2023-3772

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

CVE-2023-3773

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

CVE-2023-3772

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

CVE-2023-3772

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

CVE-2023-3772

CVE-2023-3772 is a Linux kernel vulnerability in the IPsec XFRM subsystem that allows a local attacker with CAP_NET_ADMIN to dereference a NULL pointer in xfrm_update_ae_params(), potentially crashing the kernel and causing a denial of service. Connected documents confirm the root cause as a NULL...

CVE-2023-3773

The CVE-2023-3773 entry describes a flaw in the Linux kernel’s XFRM (IP framework) where parsing netlink attributes can trigger a 4-byte out-of-bounds read of XFRMA_MTIMER_THRESH. This could allow a malicious user with CAP_NET_ADMIN to leak sensitive heap data to userspace. The provided descripti...

CVE-2023-3772 Kernel: xfrm: null pointer dereference in xfrm_update_ae_params()

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

CVE-2023-3773

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...