Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2024-752)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-752 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2024-751)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-751 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle...

IBM MQ 9.3 < 9.4.1 CD (7174365)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7174365 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle...

CBL Mariner 2.0 Security Update: mysql (CVE-2024-21237)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21237 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported...

CVE-2024-21096

...

CVE-2024-21231

...

CVE-2024-21134

...

CVE-2024-50015

An inode corruption flaw was found in the Linux kernel's Ext4 file system functionality related to how a user can interrupt a write using the daxiomaprwfunction. This flaw allows a local user to make non-fatal mistakes with Ext4, leading to a file system denial of service...

SUSE CVE-2024-50015

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by userSee signal handling in...

AZL-51766 CVE-2024-50015 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by userSee signal handling in...

CVE-2024-50015

CVE-2024-50015 affects the Linux kernel ext4 dax path. In ext4/dax, the loop in dax_iomap_rw() can copy data after the process is signalled and then update the inode size, causing written extents to exceed the inode size (e.g., 2M vs 4M) and fsck to report inconsistencies. The referenced fixes tr...

CVE-2024-50015 ext4: dax: fix overflowing extents beyond inode size when partially writing

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by userSee signal handling in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext4 file system's DAX feature mishandling extents exceeding the inode size during partial write...

Oracle NoSQL Database (October 2024 CPU)

The 1.5.0, 20.3.40, 21.2.71, 22.3.45, 23.3.33, and 24.1.17 versions of NoSQL Database installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in Oracle NoSQL Database component: Administration Netty. Supported versions...

JDK: Unbounded allocation leads to out-of-memory error (8331446)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

JDK: HTTP client improper handling of maxHeaderSize (8328286)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15)

The version of OpenJDK installed on the remote host is 8 prior to 8u422 / 11.0.0 prior to 11.0.24 / 17.0.0 prior to 17.0.12 / 21.0.0 prior to 21.0.4 / 23.0.0 prior to 23.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-10-15 advisory. Please Note: Java CVEs do...

JDK: Unbounded allocation leads to out-of-memory error (8331446)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

JDK: HTTP client improper handling of maxHeaderSize (8328286)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

JDK: Unbounded allocation leads to out-of-memory error (8331446)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...