331 matches found
OracleVM 3.4 : kernel-uek (OVMSA-2023-0001)
The remote OracleVM system is missing necessary patches to address security updates: - An issue was found in the Linux kernel in nfconntrackirc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IR...
virt:kvm_utils security update
hivex libguestfs 1.40.2-28.0.4 - v2v: Cope with libvirt vpx/esx driver which does not set Orabug: 34026544 1.40.2-28.0.3 - virt-v2v: Specify backing file format to qemu-img command Orabug: 33906330 - Require 'kernel-uek' RPM for installation instead of 'kernel' Orabug: 33986812 1.40.2-28.0.2 -...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0031)
The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c. CVE-2019-19377 - Ther...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0026)
The remote OracleVM system is missing necessary patches to address security updates: - The imonprobe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0024)
The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0021)
The remote OracleVM system is missing necessary patches to address security updates: - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature t...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0022)
The remote OracleVM system is missing necessary patches to address security updates: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. The package checks in this plugin were extracted from OracleVM Securit...
Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9690)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9690 advisory. - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460936 CVE-2022-2588 - lockdown: Fix kexec lockdown bypass with...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9691)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9691 advisory. 5.4.17-2136.309.5.1 - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34460937 CVE-2022-2588 Tenable has extract...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9612)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9612 advisory. 5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505 Tenable has extracted the preceding...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0011)
The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0039)
The remote OracleVM system is missing necessary patches to address security updates: - A security issue was found in Linux kernel's OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0036)
The remote OracleVM system is missing necessary patches to address security updates: - Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0023)
The remote OracleVM system is missing necessary patches to address security updates: - fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0022)
The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. CVE-2020-12352 - An issue was discovered in the Linux kernel before 5.8.1...
OracleVM 3.4 : kernel-uek (OVMSA-2021-0016)
The remote OracleVM system is missing necessary patches to address security updates: - In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.52.1 - crypto: authenc - fix parsing key with misaligned rtalen Eric Biggers Orabug: 31535530 CVE-2020-10769 - crypto: authenc - Export key parsing helper function Mathias Krause Orabug: 31535530 CVE-2020-10769...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0049)
The remote OracleVM system is missing necessary patches to address critical security updates : - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040806 CVE-2020-8694 CVE-2020-8695 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044)
The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0044 for details. C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2020-0044...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.50.1 - USB: serial: omninet: fix reference leaks at open Mark Nicholson Orabug: 30484762 CVE-2017-8925 - GFS2: don't set rgrp globject until it's inserted into rgrp tree Bob Peterson Orabug: 30254252 CVE-2016-10905 - GFS2: Fix rgrp end rounding problem for bsize page size Bo...