43 matches found
[SECURITY] [DLA 4010-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4010-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 10, 2025 https://wiki.debian.org/LTS -...
CVE-2024-53227
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...
CVE-2024-53208
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in setpoweredsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in setpoweredsync+0x3a/0xc0...
CVE-2024-53227
CVE-2024-53227 concerns a Linux kernel use-after-free in bfad_im_module_exit() triggered by a double release path. The issue occurs when bfad_init() calls bfad_im_module_init() and on error path executes ext: bfad_im_module_exit(); followed by a second fc_release_transport, causing a use-after-fr...
CVE-2024-53162 crypto: qat/qat_4xxx - fix off by one in uof_get_name()
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat4xxx - fix off by one in uofgetname The fwobjs array has "numobjs" elements so the needs to be = to prevent an out of bounds read...
CVE-2024-38626
In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...
CVE-2022-48731 mm/kmemleak: avoid scanning potential huge holes
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if requested free mem region's end pfn were hugee.g., 0x400000000, the nodeendpfn will be also...
PT-2025-18556 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc1+ 174 Description: A vulnerability in the Linux kernel has been resolved, specifically in the scsi transport sas module. The issue occurs when transport add device fails in sas phy add, causing the kern...
GSD-2022-1003038 module: fix [e_shstrndx].sh_size=0 OOB access
module: fix eshstrndx.shsize=0 OOB access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
OPENSUSE-SU-2022:0081-1 Security update for ansible
Ansible was updated to 2.9.21 to fix lots of bugs and security issues. Update to version 2.9.20, maintenance release containing numerous bugfixes. Update to version 2.9.19 with minor changes and a few bug fixes. Update to version 2.9.18: CVE-2021-20228 where default and fallback values for nolog...
SUSE-SU-2021:4152-1 Security update for ansible
This update for ansible fixes the following issues: Update to 2.9.27: - CVE-2021-3620: ansible-connection module discloses sensitive info in traceback error message bsc1187725. - CVE-2021-3583: Template Injection through yaml multi-line strings with ansible facts used in template bsc1188061. -...
SUSE-SU-2021:3387-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a...
OPENSUSE-SU-2021:1951-1 Security update for salt
This update for salt fixes the following issues: - Check if dpkgnotify is executable bsc1186674 - Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - Fix issue parsing errors in ansiblegate state...
Security update for ceph (moderate)
openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:2057-1 Rating: moderate References: 1151612 1158257 1169134 1170487 1174591 1175061 1175240 1175781 1177843 Cross-References: CVE-2020-25660 Affected Products: openSUSE Leap 15.1 An update that solves one...
OPENSUSE-SU-2020:2057-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue whe...
OPENSUSE-SU-2019:2393-1 Security update for python
This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. bsc1130840 - CVE-2019-16056: Fixed a parser issue in the email module...
openSUSE: Security Advisory for salt (openSUSE-SU-2018:4197-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for salt (moderate)
This update for salt fixes the following issues: - Crontab module fix: file attributes option missing boo1114824 - Fix gitpillar merging across multiple env repositories boo1112874 - Bugfix: unable to detect os arch when RPM is not installed boo1114197 - Fix LDAP authentication issue when a valid...
openSUSE Security Update : salt (openSUSE-2018-1569)
This update for salt fixes the following issues : Security issues fixed : - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api bsc1113698. - CVE-2018-15751: Fixed remote authentication bypass in salt-apinetapi that allows to execute arbitrary commands bsc1113699. Non-security...
openSUSE: Security Advisory for salt (openSUSE-SU-2018:4174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...