AlmaLinux 8 : kernel (ALSA-2024:8856)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8856 advisory. kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function...

AZL-51037 CVE-2024-49910 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for function pointer in dcn401setoutputtransferfunc This commit adds a null check for the setoutputgamma function pointer in the dcn401setoutputtransferfunc function. Previously, setoutputgamma was...

CVE-2023-52904

A vulnerability was found in the sndusbpcmhasfixedrate function in the Linux Kernel's Advanced Linux Sound Architecture ALSA subsystem for USB audio. This issue could allow an attacker with local access and low privileges to manipulate the audio subsystem by interacting with USB audio devices or...

CVE-2024-26799

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has n...

CVE-2024-26799 ASoC: qcom: Fix uninitialized pointer dmactl

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has n...

CVE-2024-26799 ASoC: qcom: Fix uninitialized pointer dmactl

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has n...

SUSE-SU-2024:1099-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. bsc1221815 - CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces bsc1221468. - CVE-2024-1441: Fix off-by-one error in...

SUSE CVE-2023-52513

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...

CVE-2021-47062

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use onlinevcpus instead of createdvcpus. This fix...

CVE-2023-52471

In the Linux kernel, the following vulnerability has been resolved: ice: Fix some null pointer dereference issues in iceptp.c devmkasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

SUSE-SU-2023:4917-1 Security update for ghostscript

This update for ghostscript fixes the following issues: - CVE-2023-46751: Fixed dangling pointer in gdevprnopenprinterseekable bsc1217871...

[SECURITY] [DLA 3626-1] krb5 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3626-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 22, 2023 https://wiki.debian.org/LTS -...

GSD-2022-1007962 bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE

bpftool: Fix NULL pointer dereference when pin PROG, MAP, LINK without FILE This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.79 by commit...

openSUSE Security Update : irssi (openSUSE-2021-587)

This update for irssi fixes the following issues : irssi was updated to 1.2.3 boo1184848 - Fix the compilation of utf8proc 1021 - Fix wrong call to free. By Zero King 1076 - Fix a colour reset in true colour themes when encountering mIRC colours 1059 - Fix memory leak on malformed CAP requests 11...

SUSE SLES12 Security Update : samba (SUSE-SU-2021:1492-1)

This update for samba fixes the following issues : CVE-2021-20254: Fixed a buffer overrun in sidstounixids bsc1184677. Avoid free'ing our own pointer in memcache when memcachetrim attempts to reduce cache size bsc1179156. Adjust smbcacls '--propagate-inheritance' feature to align with upstream...

OPENSUSE-SU-2021:0598-1 Security update for shim

This update for shim fixes the following issues: - Updated openSUSE x86 signature - Avoid the error message during linux system boot boo1184454 - Prevent the build id being added to the binary. That can cause issues with the signature Update to 15.4 boo1182057 + Rename the SBAT variable and fix t...

OPENSUSE-SU-2021:0430-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate bsc1182333 - CVE-2021-23841: Fixed a Null pointer dereference in X509issuerandserialhash bsc1182331 This update was imported from the SUSE:SLE-15:Update update project...

OPENSUSE-SU-2020:2236-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

SUSE-SU-2020:3762-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME bsc1179491. - Initialized dh-nid to NIDundef in DHnewmethod bsc1177673. - Fixed a test failure in apachessl in fips mode bsc1177793. - Renamed BNgetrfc3526prime functions back...

[SECURITY] [DLA 2195-1] w3m security update

Package : w3m Version : 0.5.3-19+deb8u3 CVE ID : CVE-2018-6196 CVE-2018-6197 Two issues have been found in w3m, WWW browsable pager with excellent tables/frames support. One issue is related to a stack overflow, the other one is a fix for a null pointer dereference. Brief introduction CVE-2018-61...