Important: device-mapper-multipath security update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 For more...

ALSA-2022:7192 Important: device-mapper-multipath security update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 For more...

CVE-2022-41974

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

CVE-2022-41973

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...

Red Hat device-mapper-multipath 后置链接漏洞

Red Hat device-mapper-multipath is a device mapper multipath from Red Hat, Inc. It allows you to configure multiple I/O paths between server nodes and storage arrays into a single device. A security vulnerability exists in Red Hat device-mapper-multipath that stems from multipathd running...

Important Photon OS Security Update - PHSA-2022-0269

Updates of 'device-mapper-multipath' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-4.0-0269

Updates of 'device-mapper-multipath' packages of Photon OS have been released...

Red Hat device-mapper-multipath 安全漏洞

Red Hat device-mapper-multipath is a device mapper multipath from Red Hat, Inc. Allows you to configure multiple I/O paths between server nodes and storage arrays into a single device. A security vulnerability exists in Red Hat device-mapper-multipath that stems from the multipathd daemon listeni...

Important Photon OS Security Update - PHSA-2022-3.0-0476

Updates of 'device-mapper-multipath' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-0530

Updates of 'device-mapper-multipath' packages of Photon OS have been released...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3688-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3688-1 advisory. - Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware...

Security Bulletin: Multiple vulnerabilities in Spark affecting IBM QRadar User Behavior Analytics

Summary Multiple vulnerabilities exist in Spark, which is used by IBM QRadar User Behavior Analytics UBA. These vulnerabilities are addressed in UBA by upgrading to a version of Spark and packages that are associated with Spark that resolve the vulnerabilities. Vulnerability Details...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3586-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3586-1 advisory. - Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just...

USN-5660-1: Linux kernel (GCP) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

Ubuntu: Security Advisory (USN-5660-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5654-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5654-1: Linux kernel (GKE) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

keycloak: Uploading of SAML javascript protocol mapper scripts through the admin console

A flaw was found in keycloak. The vulnerability allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOADSCRIPTS feature is disabled...

The vulnerability of the implementation of the DefaultActionMapper mechanism in the Apache Struts software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the DefaultActionMapper mechanism implemented by the Apache Struts software platform is related to insufficient cleaning of input data when processing parameters such as action:, redirect:, and redirectAction: prefix. Exploiting this vulnerability allows an attacker to execut...

Ubuntu: Security Advisory (USN-5647-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...