16 matches found
Siemens SCALANCE and RUGGEDCOM NULL Pointer Dereference (CVE-2024-8006)
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with...
CVE-2024-38461
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not a directory...
AZL-48462 CVE-2024-8006 affecting package nmap for versions less than 7.93-3
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with...
AZL-48412 CVE-2024-8006 affecting package nmap for versions less than 7.95-2
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with...
AZL-48438 CVE-2024-8006 affecting package libpcap for versions less than 1.10.1-3
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with...
CVE-2024-38461
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not a directory...
iRODS Security Vulnerabilities
iRODS is an open source data management software from iRODS Open Source. A security vulnerability exists in iRODS versions prior to 4.3.2, which stems from the fact that irodsServerMonPerf attempts to use a path that is not a directory...
PT-2024-28017 · Irods · Irods
Name of the Vulnerable Software and Affected Versions: iRODS versions prior to 4.3.2 Description: The issue arises when irodsServerMonPerf attempts to use a path even if it is not a directory. This can lead to unintended behavior. Recommendations: For versions prior to 4.3.2, update to version...
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - net_sched: cls_route: remove from list when handle is 0 CVE-2022-2588 -...
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - net_sched: cls_route: remove from list when handle is 0 CVE-2022-2588 -...
xfsdump bug fix and enhancement update
An update is available for xfsdump. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The xfsdump package contains xfsdump, xfsrestore, and other utilities for...
kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.24.1 - mm/mempolicy: fix use after free when calling get_mempolicy zhong jiang Orabug: 28022108 CVE-2018-10675 - Fix up non-directory creation in SGID directories Linus Torvalds Orabug: 28459478 CVE-2018-13405 - ALSA: seq: Make ioctls race-free Takashi Iwai Orabug: 28459729...
OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...
OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...
OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...