53 matches found
AZL-47624 CVE-2024-42232 affecting package kernel for versions less than 5.15.164.1-1
In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayedwork and cephmoncstop The way the delayed work is handled in cephmoncstop is prone to races with monfault and possibly also finishhunting. Both of these can requeue the delayed work which wouldn't...
UBUNTU-CVE-2024-42232
In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayedwork and cephmoncstop The way the delayed work is handled in cephmoncstop is prone to races with monfault and possibly also finishhunting. Both of these can requeue the delayed work which wouldn't...
CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...
kernel: scsi: target: iscsit: Free cmds before session free
A use-after-free vulnerability was found in the Linux kernel's iSCSI target subsystem. When the Time2Retain timer expires and an iSCSI session is being cleaned up, commands from recovery entries are freed after the session has already been closed. This leads to a NULL pointer dereference or...
RHEL 8 : java-1.8.0-ibm (RHSA-2022:0345)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0345 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
SUSE-SU-2022:14876-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
SUSE-SU-2022:14875-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
MGASA-2021-0542 Updated java openjdk packages fix security vulnerability
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using Kerberos...
java security update
CentOS Errata and Security Advisory CESA-2021:3889 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...
OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacke...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x i686/x86_64 (2021:3889)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2021:3889-1 advisory. - OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 - OpenJDK: Incorrect principal selection when usin...
CVE-2021-31364
An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon flowd of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traff...
Multi Generic Operating System Session Close
This module closes the specified session. This can be useful as a finisher for automation tasks This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Generic Operating System Session Close',...