CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

SUSE CVE-2016-5009

The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...

September 24, 2019 — KB4515842 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1803

September 24, 2019 — KB4515842 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1803 Release Date: September 24, 2019 Version: .NET Framework 4.8 The September 24, 2019, update for Windows 10, version 1803 includes cumulative reliability improvements in Microsoft .NET Framework 4....

Xen 'mm.c' Remote Elevation of Privilege Vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in X...

SUSE-SU-2017:0367-1 Security update for ceph

This update for ceph fixes the following issues: CVE-2016-5009: moncommand with empty prefix could crash monitor bsc987144 Invalid commandd in SOC7 with ceph bsc1008894 Performance fix was missing in SES4 bsc1005179 ceph build problems on ppc64le bsc982141 ceph make build unit test failure...

Command injection

The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...

CVE-2016-5009

A flaw was found in the way handlecommand function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash...

PT-2016-6217 · Red Hat +3 · Ceph +3

Name of the Vulnerable Software and Affected Versions: Ceph affected versions not specified Description: The issue allows remote authenticated users to cause a denial of service, resulting in a segmentation fault and ceph monitor crash. This can be achieved by sending an empty or crafted prefix t...

[SECURITY] New version of tcpdump released

Package: tcpdump Vulnerability: remote exploit Debian-specific: no During internal source code auditing by FreeBSD several buffer overflows were found which allow an attacker to make tcpdump crash by sending carefully crafted packets to a network that is being monitored with tcpdump. This has bee...