Oracle Linux 6 : thunderbird (ELSA-2020-0574)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0574 advisory. 68.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1 Tenable has...

SUSE CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...

kernel: i915: Incorrect GPU TLB flush can lead to random memory access

An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system...

kernel: i915: Incorrect GPU TLB flush can lead to random memory access

An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20.3.6)

The version of AOS installed on the remote host is prior to 5.20.3.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20.3.6 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat aka libexpat...

SUSE-SU-2022:1637-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2499 fixes several issues. The following security issues were fixed: - - CVE-2022-1158: Fixed KVM x86/mmu compare-and-exchange of gPTE via the user address bsc1198133 - CVE-2022-0330: A random memory access flaw was found in the Linux kernel's GPU i915 kern...

SUSE-SU-2022:1589-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19799 fixes one issue. The following security issue was fixed: - CVE-2022-0330: A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allowed a local...

Apache HTTP Server 输入验证错误漏洞

Apache HTTP Server is an open source web server from the Apache Foundation. A denial-of-service vulnerability exists in Apache HTTP Server 2.4.52 and earlier versions, which stems from a well-designed request body that reads random memory regions and can be exploited by attackers to crash process...

Important: kernel

Issue Overview: Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an...

Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-5295-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5295-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacker could use...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0372-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0372-1 advisory. - The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgaconscrolldelta out-of-bounds...

Mozilla: Out-of-bounds read when processing certain email messages

When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird 68.5...