EUVD-2023-35744

Malicious code in bioql PyPI...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2024-0017)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQMINLMAX...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

RHEL 8 : kernel (RHSA-2024:1367)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1367 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vmwgfx: NULL pointer dereferen...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

ALSA-2023:7077 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tun: avoid double free in tunfreenetdev CVE-2022-4744 kernel: net/sched: multiple vulnerabilities CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-2383)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read a...

SUSE SLES15 Security Update : kernel (Live Patch 31 for SLE 15 SP3) (SUSE-SU-2023:2709-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:2709-1 advisory. - qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQMINLMAX. CVE-2023-314...

SUSE SLES12 Security Update : kernel (Live Patch 31 for SLE 12 SP4) (SUSE-SU-2023:2708-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2708-1 advisory. - A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipclinkxmit hits an unknown...

SUSE SLES12 Security Update : kernel (Live Patch 39 for SLE 12 SP5) (SUSE-SU-2023:2719-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2719-1 advisory. - A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipclinkxmit hits an unknown...

SUSE SLES15 Security Update : kernel (Live Patch 29 for SLE 15 SP2) (SUSE-SU-2023:2694-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2694-1 advisory. - A double-free flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user registers the device when the...

SUSE SLES12 Security Update : kernel (Live Patch 28 for SLE 12 SP4) (SUSE-SU-2023:2660-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2660-1 advisory. - A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipclinkxmit hits an unknown...

Debian dla-3446 : linux-config-5.10 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3446 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3446-1 [email protected]...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6132-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6132-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...