4288 matches found
SUSE SLES15 Security Update : caribou (SUSE-SU-2021:2007-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2007-1 advisory. - A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking applicatio...
Check that marketLockingTime >= marketOpeningTime
Handle pauliax Vulnerability details Impact There is no check that timestamps1 marketLockingTime = timestamps0 marketOpeningTime. I think that should be enforced just in case to prevent market locking before opening. Recommended Mitigation Steps Add in Factory createMarket: require timestamps1 =...
Wrong calculation on _collectRentAction
Handle adelamo Vulnerability details Impact The method collectRentAction contains the following code: ... else if !foreclosed && limitHit && marketLocked // CASE 4 // didn't foreclose AND // did hit time limit AND // did lock market // THEN refund rent between the earliest event and now if...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...
SUSE SLED12 / SLES12 Security Update : caribou (SUSE-SU-2021:1943-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:1943-1 advisory. - A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking...
Denial of service
Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users...
SUSE: Security Advisory (SUSE-SU-2013:0858-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3718-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0097-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A race condition getoldroot in fs/btrfs/ctree.c allows attackers to cause a denial of service due to the lack of locking on an extent buffer before a cloning operation...
GSD-2021-1000436 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...
GSD-2021-1000475 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.233 by commit...
UVI-2021-1000290 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000484 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.269 by commit...
UVI-2021-1000475 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.233 by commit...
UVI-2021-1000488 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.269 by commit...
UVI-2021-1000436 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...
GSD-2021-1000488 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.269 by commit...
UVI-2021-1000369 nvmet-tcp: fix incorrect locking in state_change sk callback
nvmet-tcp: fix incorrect locking in statechange sk callback This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000459 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.191 by commit...