PT-2024-8458 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the nf tables addchain function of the Linux kernel's nf tables component. This leak occurs when the nft chain offload priority function return...

PT-2024-8456 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is caused by an API design decision in the Linux kernel's net/sched component, specifically in the taprio qdisc. When attempting full offload, the taprio qdisc starts...

Ubuntu: Security Advisory (USN-3386-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 NGINX Ingress Controller Input Validation Error Vulnerability

NGINX Ingress Controller is an application from F5 that works with NGINX and NGINX Plus and supports the standard ingress features - content-based routing and TLS / SSL offload. Ingress objects can be exploited by an attacker to obtain all available secret objects in the NGINX Ingress Controller...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: buffer overflow in IPsec ESP transformation code CVE-2022-27666 kernel: out-of-bounds read in fbcongetfont function CVE-2020-28915 For more details about the security issues, including th...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

CVE-2022-22396

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are...

CVE-2022-22396

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are...

Design/Logic Flaw

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are...

CVE-2022-22396

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

Offload to Capacity Tier fails with: Scale-out repository rescan is required: performance tier is not synchronized with capacity tier.

Challenge SOBR Offload task fails with the error: Error: Backup file version mismatch: scale-out backup repository rescan is required. Cause There is a discrepancy between the information within the Veeam Backup & Replication configuration database and the metadata in the object storage repositor...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

PT-2023-12712 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: The e1000 network adapters allow modifications to Ethernet packets during transmission, including IP and TCP checksum insertion, Ethernet VLAN header insertion, and TCP segmentation offload...

FreeBSD -- Bhyve e82545 device emulation out-of-bounds write

Problem Description: The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an...

Fortinet FortiEDR 信任管理问题漏洞

Fortinet FortiEDR is a scratch-built endpoint security solution from Fortinet U.S.A. Fortinet FortiEDR is vulnerable to a trust management issue that stems from the use of hard-coded encrypted RSA keys, which can be exploited by local attackers to disable and offload collectors from endpoints in...

USN-5362-1 linux-intel-5.13 vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

LSN-0085-1: Kernel Live Patch Security Notice

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges.CVE-2022-0492 Nick Gregory discovered that the Linux kernel incorrectly...

LSN-0085-1 Kernel Live Patch Security Notice

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges.CVE-2022-0492 Nick Gregory discovered that the Linux kernel incorrectly...