SUSE-SU-2024:2447-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-26923: Fixed false-positive lockdep splat for spinlock in unixgc bsc1223683. - CVE-2024-26930: Fixed double free of the ha-vpmap pointer bsc1223681. - CVE-2024-26828:...

SUSE-SU-2024:2163-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify bsc1223059. - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi bsc1221302. - CVE-2022-48651: Fixed an...

Zimbra email platform vulnerability exploited to steal European govt emails

By Deeba Ahmed Researchers have noted that attackers are targeting a medium-severity Zimbra vulnerability that the company patched in version 9.0.0 Patch 24, one year ago. This is a post from HackRead.com Read the original post: Zimbra email platform vulnerability exploited to steal European govt...

SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP4) (SUSE-SU-2023:0250-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0250-1 advisory. - A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first grufileunlockedioctl function is called by the user...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:1326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1326-1 advisory. - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write. This flaw allows a local...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP1) (SUSE-SU-2022:1193-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1193-1 advisory. - kernel: failing usercopy allows for use-after-free exploitation CVE-2022-22942 - A heap buffer overflow flaw was found in IPsec E...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 24 for SLE 15) (SUSE-SU-2022:1215-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1215-1 advisory. - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a...

SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP5) (SUSE-SU-2022:0242-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:0242-1 advisory. - A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows...

SUSE: Security Advisory (SUSE-SU-2018:2105-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2864-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:3123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1529-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0996-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcpmember API call...