Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel regression (USN-4660-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4660-2 advisory. USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with...

IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 Sweet32:Birthday Attack (553351)

The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3656-1)

This update for the Linux Kernel 4.4.180-94135 fixes several issues. The following security issues were fixed : CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3544-1)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3433-1)

This update for the Linux Kernel 4.4.180-94113 fixes one issue. The following security issue was fixed : CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted bnc1177513. Note that Tenable Network Security has extracted the preceding...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1)

The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2972-1)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724. CVE-2020-12352: Fixed an information leak when...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3501-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5968)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5968 advisory. - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 Tenable has extracted the preceding description bloc...

Man-in-the-Middle (MitM)

linux kernel is vulnerable to man-in-the-middle MitM attack. An insecure and unencrypted channel between two Geneve endpoints is used when IPsec is configured to encrypt traffic...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4660-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4660-1 advisory. It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4658-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4658-1 advisory. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free...

SUSE-SU-2020:3433-1 Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94107 fixes one issue. The following security issue was fixed: - CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted bnc1177513...

SUSE-SU-2020:3441-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15)

This update for the Linux Kernel 4.12.14-15047 fixes several issues. The following security issues were fixed: - CVE-2020-0430: Fixed an OOB read in skbheadlen of /include/linux/skbuff.h bsc1176723, bsc1178003. - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka...

SUSE-SU-2020:3389-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-22 fixes several issues. The following security issues were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724, bsc1177729, bsc1178397. - CVE-2020-24490: Fixed a heap buffer overflow wh...

SUSE-SU-2020:3402-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2412 fixes several issues. The following security issues were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724, bsc1177729, bsc1178397. - CVE-2020-25645: Fixed an an issue in IPsec th...

libreswan bug fix and enhancement update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2429)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-2403)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : unbound (EulerOS-SA-2020-2403)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted...