23 matches found
Wireshark 2.2.x < 2.2.16 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.16 advisory. - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into ...
SUSE-SU-2026:0369-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2022-50282: chardev: fix error handling in cdev_device_add (bsc#1249739). - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785). - CVE-2022-50700:...
CVE-2023-54274
CVE-2023-54274 affects the Linux kernel RDMA/srpt path. Root cause: during unregistering a MAD agent the code could see a non-null mad_agent that actually held an error value, allowing a NULL dereference in a short race window when srpt_add_one() and srpt_remove_one() run concurrently (e.g., RoCE...
EUVD-2016-9479
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-383033)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383033 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup. Upon rare occasions,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-383340)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383340 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup. Upon rare occasions,...
EUVD-2022-55395
Malicious code in bioql PyPI...
CLSA-2025-1754553172 kernel: Fix of 17 CVEs
net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086) - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (CVE-2022-50126) - kernfs: fix potential NULL dereference in __kernfs_remove (CVE-2022-50148) - md-raid10: fix KASAN warning (CVE-2022-50211) - xhci: Fix...
Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001011 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234854). CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235005). CVE-2024-53173:...
kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup. Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port. This seems to be because an event handler is registered before the srpt devic...
kernel: RDMA/srpt: Add a check for valid 'mad_agent' pointer
A flaw was addressed in the Linux kernel’s RDMA SRPT (SCSI RDMA Protocol Target) subsystem. When unregistering a MAD (Management Datagram) agent, the SRPT module previously performed a non-NULL check on the mad_agent pointer before invoking ib_unregister_mad_agent. Under rare timing...
DEBIAN-CVE-2022-48692
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL. This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereference, address:...
kernel: RDMA/srpt: Add a check for valid 'mad_agent' pointer
A flaw was addressed in the Linux kernel’s RDMA SRPT (SCSI RDMA Protocol Target) subsystem. When unregistering a MAD (Management Datagram) agent, the SRPT module previously performed a non-NULL check on the mad_agent pointer before invoking ib_unregister_mad_agent. Under rare timing...
DEBIAN-CVE-2024-26872
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup. Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port. This seems to be because an event handler is registered before the srpt devic...
USN-5687-1: Linux kernel (Azure) vulnerabilities
It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of an RPC message payload. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0812) Moshe Kol, Amit Klein and Yossi Gilad discovered tha...
USN-5678-1: Linux kernel vulnerabilities
It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of an RPC message payload. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-0812) Moshe Kol, Amit Klein and Yossi Gilad discovered tha...
Integer overflow
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read...
CVE-2016-8636
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read...
CVE-2016-8636
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read...
CVE-2016-8636
The CVE-2016-8636 issue affects the Linux kernel’s mem_check_range path in drivers/infiniband/sw/rxe/rxe_mr.c, where an integer overflow can occur. This vulnerability in Soft RoCE (RDMA over InfiniBand) allows local users to trigger memory corruption, potentially cause a denial of service, and ma...