113 matches found
SUSE: Security Advisory (SUSE-SU-2024:4365-1)
The remote host is missing an update for the...
SUSE-SU-2024:4352-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285) - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292) - CVE-2024-52532: Fixed...
SUSE-SU-2024:4327-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: - CVE-2024-30251: Fixed infinite loop on specially crafted POST request (bsc#1223726)...
CVE-2024-52917
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...
SUSE CVE-2024-50227
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt] Read of size 4 at addr ffff88810111fc1c by task...
UBUNTU-CVE-2024-49928
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time before getting false from cond-expression, the original code copied one more entry size beyond valid...
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.334.6.el7] - loop: Fix a race between loop detach and loop open (Gulam Mohamed) [Orabug: 36197800] - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs (Alexandre Chartre) [Orabug: 36672495] - x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Alexandre Chartre)...
Unbreakable Enterprise kernel security update
[5.15.0-209.161.7] - loop: Fix a race between loop detach and loop open (Gulam Mohamed) [Orabug: 36865975] [5.15.0-209.161.6] - net/mlx5e: drop shorter ethernet frames (Manjunath Patil) [Orabug: 36879156] {CVE-2024-41090} {CVE-2024-41091} - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs...
SUSE-SU-2024:1704-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321)...
UBUNTU-CVE-2024-35982
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments when enabled or a...
CVE-2024-35982
CVE-2024-35982 affects the Linux kernel’s batman-adv local TT handling. When an attached interface MTU becomes too small to transmit the local translation table, TT resizing can fail to converge, causing an endless loop. Symptoms include repeated log spam like “batman_adv: batadv0: Forced to purg...
SUSE-SU-2024:0970-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issue fixed: - CVE-2020-18442: Fixed infinite loop in zzip_file_read() as used in unzzip_cat_file() (bsc#1187526). - CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c (bsc#1214577). Non-security issue fixed: -...
CVE-2021-47074
In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fails, the loop ctrl should be freed before jumping to the "out" label...
UBUNTU-CVE-2021-47054
In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro...
kvm_utils3 security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt [9.0.0-3.el8] - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' (Peter Krempa) [Orabug: 35644221] {CVE-2023-3750} - virpci: Resolve leak in virPCIVirtualFunctionList cleanup (Tim Shearer) [Orabug: 35395469]...
CVE-2023-36807
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single co...
SUSE-SU-2023:0165-1 Security update for libXpm
This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading an XPM image with a C-style comment that is never closed (bsc#1207029). - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small...
GSD-2022-1007861 net: dsa: Fix possible memory leaks in dsa_loop_init()
net: dsa: Fix possible memory leaks in dsa_loop_init() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...
SUSE-SU-2022:1462-1 Security update for nodejs14
This update for nodejs14 fixes the following issues: - CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). - CVE-2021-44906: Fixed a prototype pollution in node-minimist (bsc#1198247). - CVE-2021-44907: Fixed a potential Denial of Service vulnerability i...
SUSE-SU-2022:0577-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2015-9253: Fixed endless loop when the master process restarts a child process using program execution functions (bsc#1081790). - CVE-2017-8923: Fixed denial of service (application crash) when using .= with a long string (zend_string_extend func in...