Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A out-of-bounds memory access flaw was discovered in the Linux kernel, specifically in the relayfilereadstartpos function within kernel/relay.c in relayfs. This flaw could allow a local attacker to crash the system or leak internal kernel information...

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Read (CVE-2023-3268)

An out of bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. This plugin only works with Tenable.ot. Please visit...

EUVD-2023-43944

Malicious code in bioql PyPI...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

CLSA-2024-1705496067 kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

CLSA-2024-1705494430 kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

kernel: out-of-bounds access in relay_file_read

An out-of-bounds OOB memory access flaw was found in the Linux kernel in relayfilereadstartpos in kernel/relay.c in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information...

CLSA-2023-1695716575 kernel: Fix of 25 CVEs

xen/xenbus: don't let xenbusgrantring remove grants in error case CVE-2022-23040 - xen/xenbus: Fix granting of vmalloc'd memory - xen/blkfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23036 - xen/grant-table: add gnttabtryendforeignaccess CVE-2022-23036 - xen/blkfront: don't...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6397-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6397-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel (IBM) vulnerabilities (USN-6357-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6357-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6349-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6349-1 advisory. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6340-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6340-1 advisory. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. ...

[Important] [Security] Virtuozzo ReadyKernel Patch 159.0 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2023-3268 3.10.0-1160.41.1.vz7.183.5 to 3.10.0-1160.80.1.vz7.191.4 Out-of-bound memory access during reading relayfs...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3311-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3311-1 advisory. - Information exposure through microarchitectural state after transient execution in certain...