EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2024-1996)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVE-2024-40925

In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit 81ada09cc25e "blk-flush: reuse rq queuelist in flush state machine". The root cause is that we use...

PT-2024-6556 · Rockwell Automation · Rockwell Automation Sequence Manager

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Sequence Manager affected versions not specified Description: The issue is related to an input validation problem that could allow a malicious user to send malformed packets to the server, resulting in a denial-of-service...

DEBIAN-CVE-2024-40931

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snduna is properly initialized on connect This is strictly related to commit fb7a0d334894 "mptcp: ensure sndnxt is properly initialized on connect". It turns out that syzkaller can trigger the retransmit after...

OESA-2024-1828 vte291 security update

VTE provides a virtual terminal widget for GTK applications.VTE is mainly used in gnome-terminal, but can also be used to embed a console/terminal in games, editors, IDEs, etc. Security Fixes: GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window...

edk2: Predictable TCP Initial Sequence Numbers

A security flaw has been identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker to potentially disclose sensitive information...

Important: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHEL 9 : edk2 (RHSA-2024:4419)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4419 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...

CVE-2023-48270

A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

CVE-2024-39473 ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process-baseconfigext i...

ROS-20240704-03

Vulnerability in gnome Vte terminal is related to escape-sequence window resizing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2024-3332

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...

CVE-2024-3332

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...

CBL Mariner 2.0 Security Update: edk2 / hvloader (CVE-2023-45236)

The version of edk2 / hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45236 advisory. - EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This...

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

PT-2024-25201 · Unknown · Bluetooth Low Energy

Name of the Vulnerable Software and Affected Versions: Bluetooth Low Energy BLE devices affected versions not specified Description: A malicious BLE device can send a specific order of packet sequence to cause a Denial of Service DoS attack on the victim BLE device. Recommendations: At the moment...

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

BIT-HUBBLE-UI-BACKEND-2024-28860

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...