RHCOS 4 : OpenShift Container Platform 4.8.13 (RHSA-2021:3631)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3631 advisory. - kubernetes: Symlink exchange can allow host filesystem access CVE-2021-25741 Note that Nessus has not tested for this issue but has instead...

RHCOS 4 : OpenShift Container Platform 4.5.37 (RHSA-2021:1016)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1016 advisory. - golang: data race in certain net/http servers including ReverseProxy can lead to DoS CVE-2020-15586 - golang: ReadUvarint and...

RHCOS 4 : OpenShift Container Platform 4.6.46 (RHSA-2021:3642)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3642 advisory. - kubernetes: Symlink exchange can allow host filesystem access CVE-2021-25741 Note that Nessus has not tested for this issue but has instead...

CentOS 7 : compat-exiv2-023 (RHSA-2021:3234)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3234 advisory. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users...

CentOS 7 : kpatch-patch (RHSA-2021:0862)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0862 advisory. - In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by...

CentOS 7 : kernel-alt (RHSA-2021:0354)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0354 advisory. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by...

CentOS 7 : kpatch-patch (RHSA-2021:3768)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3768 advisory. - An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed...

CentOS 7 : java-1.8.0-ibm (RHSA-2021:5030)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5030 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are...

CentOS 7 : nss (RHSA-2021:1384)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1384 advisory. - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...

CentOS 7 : podman (RHSA-2021:0681)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0681 advisory. - A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be...

CentOS 7 : kernel (RHSA-2021:0336)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0336 advisory. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by...

CentOS 7 : thunderbird (RHSA-2021:1350)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1350 advisory. - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as wel...

CentOS 7 : kpatch-patch (RHSA-2021:3441)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3441 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...

CentOS 7 : kpatch-patch (RHSA-2021:4798)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4798 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctxlist in so...

CentOS 7 : kernel-rt (RHSA-2021:3439)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3439 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...

CentOS 7 : kpatch-patch (RHSA-2021:3381)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3381 advisory. - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or...

CentOS 7 : kernel-alt (RHSA-2021:1379)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1379 advisory. - An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore...

CentOS 7 : thunderbird (RHSA-2021:0297)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0297 advisory. - During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session...

CentOS 7 : kpatch-patch (RHSA-2021:1069)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1069 advisory. - An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged...

CentOS 7 : etcd (RHSA-2021:1407)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1407 advisory. - In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a...