4528 matches found
PT-2024-11220 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak vulnerability has been resolved in the Linux kernel. The issue occurs in the uss720_probe function, which forgets to decrease the refcount of usbdev. This is fixed by...
PT-2024-11149 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak has been resolved in the Linux kernel. The issue occurred in the uio_hv_generic module, where memory allocated by vmbus_alloc_ring at the beginning of the probe function...
PT-2024-11099 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A null dereference error occurs in the Linux kernel when resuming after suspend, even when the interface was not previously enabled. This is caused by the driver queuing work via...
PT-2024-11100 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to an error pointer dereference in the mcp251xfd_probe function. When the code was converted to use dev_err_probe, a return was accidentally removed. This leads to...
PT-2024-11212 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a shutdown crash in the Linux kernel when the main component is not probed, for example, when the dw-hdmi module is not loaded yet or in probe defer. This resul...
PT-2021-8275 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the GTDT driver in the Linux kernel. When the driver probe fails due to invalid firmware properties, it unmaps the interrupt that it mapped earlier. However, it...
SUSE: Security Advisory (SUSE-SU-2018:2842-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2018:2825-2)
The remote host is missing an update for the...
MGASA-2021-0163 Updated firefox packages fix security vulnerabilities
Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981). Angle graphics library out of date (CVE-2021-4127). Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982). Malicious extensions could have spoofed popup information...
PT-2024-11072 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A resource leak has been identified in the Linux kernel, specifically in the remove function of the mmc: uniphier-sd module. The issue arises from a missing tmio_mmc_host_free call in...
Mozilla: Internal network hosts could have been probed by a malicious webpage
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...
PT-2024-11135 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue concerns resource leaks in the error path of the venus_probe function. If an error occurs after a successful of_icc_get call, it must be undone to prevent leaks. Using devm o...
USN-4878-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Ryota Shiga discovered that the sockopt BPF hooks in th...
CentOS 8 : firefox (CESA-2020:5562)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5562 advisory. - chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) - Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) - Mozilla: CSS Sanitizer performed...
openscap bug fix and enhancement update
The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Enable YAML probe to work with sets of values...
ALEA-2020:5501 openscap bug fix and enhancement update
The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Enable YAML probe to work with sets of values...
kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
A flaw was found in the Linux kernel. The rtl_usb_probe() function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...
Security Bulletin: Multiple vulnerabilities in Net-SNMP affects Netcool/OMNIbus SNMP Probe (CVE-2020-15861, CVE-2020-15862)
Summary: Net-SNMP library is consumed by IBM Tivoli Netcool/OMNIbus SNMP Probe. Information about security vulnerabilities affecting Net-SNMP library has been published. Vulnerability Details: CVEID: CVE-2020-15861 DESCRIPTION: Net-SNMP could allow a local authenticated attacker to gain elevated...
Design/Logic Flaw
If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered. This...
CVE-2020-15680
If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered. This...