123 matches found
Microsoft Service Fabric 安全漏洞
Microsoft Service Fabric is a set of distributed system platforms from Microsoft USA. The platform is primarily used for packaging, deploying, and managing microservices, containers, and so on. A security vulnerability exists in Microsoft Service Fabric. An attacker exploiting this vulnerability...
Oracle Linux 9 : qemu-kvm (ELSA-2023-6368)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6368 advisory. - Resolves: bz2216504 CVE-2023-3354 qemu-kvm: QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service...
Design/Logic Flaw
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
CVE-2023-2680
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
CVE-2023-2680 Dma reentrancy issue (incomplete fix for cve-2021-3750)
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
CVE-2023-2680
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
CVE-2023-2680
Mode C: CVE-2023-2680 arises from an incomplete fix for CVE-2021-3750 in qemu-kvm, specifically in the RHEL 9.1 package (RHSA-2022:7967). Astra/AlmaLinux advisories describe a DMA reentrancy issue in QEMU’s USB EHCI and NVMe/NVMEm device emulations that could cause use-after-free and host-denial ...
SUSE CVE-2023-2680
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
RLSA-2023:1469 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tun: avoid double free in tunfreenetdev CVE-2022-4744 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-026...
kernel-rt security and bug fix update
An update is available for kernel-rt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2023:0979 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec an...
podman security and bug fix update
An update for podman is now available for Rocky Linux 9. Rocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
buildah security and bug fix update
An update for buildah is now available for Rocky Linux 9. Rocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2023:0300 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: watch queue race condition can lead to privilege escalation CVE-2022-2959 kernel: memory corruption in AX88179178A based USB...
Low: Red Hat Security Advisory: runc security update
An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Low: Red Hat Security Advisory: openjpeg2 security update
An update for openjpeg2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: Red Hat Security Advisory: libtiff security update
An update for libtiff is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Moderate: Red Hat Security Advisory: mutt security update
An update for mutt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Low: Red Hat Security Advisory: wavpack security update
An update for wavpack is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: toolbox security and bug fix update
An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...