Lucene search
K

331 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.40 views

OracleVM 3.4 : kernel-uek (OVMSA-2023-0001)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IR...

7.8CVSS5.5AI score0.02211EPSS
Exploits1References13
Oracle linux
Oracle linux
added 2022/12/17 12:0 a.m.40 views

virt:kvm_utils security update

hivex libguestfs 1.40.2-28.0.4 - v2v: Cope with libvirt vpx/esx driver which does not set Orabug: 34026544 1.40.2-28.0.3 - virt-v2v: Specify backing file format to qemu-img command Orabug: 33906330 - Require 'kernel-uek' RPM for installation instead of 'kernel' Orabug: 33986812 1.40.2-28.0.2 -...

6.3CVSS0.2AI score0.00493EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/12/08 12:0 a.m.41 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0031)

The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c. CVE-2019-19377 - Ther...

7.8CVSS5.4AI score0.034EPSS
Exploits7References17
Tenable Nessus
Tenable Nessus
added 2022/10/11 12:0 a.m.23 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0026)

The remote OracleVM system is missing necessary patches to address security updates: - The imonprobe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other...

7.8CVSS7AI score0.02282EPSS
Exploits6References31
Tenable Nessus
Tenable Nessus
added 2022/09/07 12:0 a.m.47 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0024)

The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms...

7.8CVSS7AI score0.06214EPSS
Exploits14References19
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.46 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0021)

The remote OracleVM system is missing necessary patches to address security updates: - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature t...

7.8CVSS6.9AI score0.05528EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.29 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0022)

The remote OracleVM system is missing necessary patches to address security updates: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. The package checks in this plugin were extracted from OracleVM Securit...

7.8CVSS7AI score0.06214EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2022/08/09 12:0 a.m.34 views

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9690)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9690 advisory. - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460936 CVE-2022-2588 - lockdown: Fix kexec lockdown bypass with...

7.8CVSS7.1AI score0.06214EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2022/08/09 12:0 a.m.26 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9691)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9691 advisory. 5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588 Tenable has extract...

7.8CVSS7.1AI score0.06214EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2022/07/20 12:0 a.m.31 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9612)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9612 advisory. 5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505 Tenable has extracted the preceding...

6.7CVSS6.7AI score0.002EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/05 12:0 a.m.57 views

OracleVM 3.4 : kernel-uek (OVMSA-2022-0011)

The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or...

7.8CVSS6.9AI score0.06846EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2021/12/08 12:0 a.m.37 views

OracleVM 3.4 : kernel-uek (OVMSA-2021-0039)

The remote OracleVM system is missing necessary patches to address security updates: - A security issue was found in Linux kernel's OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can...

5.5CVSS6.7AI score0.00334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/11/03 12:0 a.m.49 views

OracleVM 3.4 : kernel-uek (OVMSA-2021-0036)

The remote OracleVM system is missing necessary patches to address security updates: - Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion...

7.7CVSS6.5AI score0.039EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2021/07/23 12:0 a.m.243 views

OracleVM 3.4 : kernel-uek (OVMSA-2021-0023)

The remote OracleVM system is missing necessary patches to address security updates: - fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an...

7.8CVSS7.2AI score0.09729EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2021/07/08 12:0 a.m.69 views

OracleVM 3.4 : kernel-uek (OVMSA-2021-0022)

The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. CVE-2020-12352 - An issue was discovered in the Linux kernel before 5.8.1...

7.8CVSS7AI score0.05714EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.157 views

OracleVM 3.4 : kernel-uek (OVMSA-2021-0016)

The remote OracleVM system is missing necessary patches to address security updates: - In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS6.8AI score0.00708EPSS
Exploits0References19
Oracle linux
Oracle linux
added 2020/12/07 12:0 a.m.84 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.52.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535530 CVE-2020-10769...

5.5CVSS2.9AI score0.00491EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/11/13 12:0 a.m.50 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0049)

The remote OracleVM system is missing necessary patches to address critical security updates : - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040806 CVE-2020-8694 CVE-2020-8695 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle...

5.5CVSS6.5AI score0.00446EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/12 12:0 a.m.55 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0044 for details. C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2020-0044...

10CVSS6.7AI score0.16523EPSS
Exploits16References48
Oracle linux
Oracle linux
added 2020/10/09 12:0 a.m.167 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.50.1 - USB: serial: omninet: fix reference leaks at open Mark Nicholson Orabug: 30484762 CVE-2017-8925 - GFS2: don't set rgrp globject until it's inserted into rgrp tree Bob Peterson Orabug: 30254252 CVE-2016-10905 - GFS2: Fix rgrp end rounding problem for bsize page size Bo...

7.8CVSS0.7AI score0.00654EPSS
Exploits1
Rows per page
Query Builder