CentOS 8 : firefox (CESA-2020:0512)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0512 advisory. - Mozilla: Missing bounds check on shared memory read in the parent process CVE-2020-6796 - Mozilla: Incorrect parsing of template tag could result in...

EulerOS 2.0 SP5 : mesa (EulerOS-SA-2020-2555)

According to the version of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...

Huawei EulerOS: Security Advisory for mesa (EulerOS-SA-2020-2520)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for mesa (EulerOS-SA-2020-2555)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Xen Resource Management Error Vulnerability

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen versi...

EulerOS 2.0 SP8 : mesa (EulerOS-SA-2020-2520)

According to the version of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...

Debian DLA-2490-1 : x11vnc security update

Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote access to an existing X session. x11vnc creates shared memory segments with 0777 mode. A local attacker can take advantage of this flaw for information disclosure, denial of service or interfering with the VNC session of anoth...

MGASA-2020-0454 Updated x11vnc package fixes a security vulnerability

scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user. CVE-2020-29074...

[SECURITY] [DSA 4799-1] x11vnc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4799-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 28, 2020 https://www.debian.org/security/faq -...

DEBIAN-CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user...

UBUNTU-CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user...

Libvnc X11vnc Security Vulnerabilities

Libvnc X11vnc is a software for Unix platforms used to connect to remote desktops by the Libvnc community. A security vulnerability exists in x11vnc version 0.9.16, which stems from scan.c's use of IPC CREAT|0777 in the shmget call, which allows access by participants other than the current user...

x11vnc -- access to shared memory segments

[email protected] reports: scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user...

Security Bulletin: Multiple vulnerabilities in Db2 affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Summary IBM® Db2® shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise is vulnerable to information disclosure. Vulnerabilities have been identified in IBM Db2 and information about their fixes are published in a security bulletin. Vulnerability Details CVEID: CVE-2020-4387...

Linux: sysctl kernel.shmall

This parameter sets the total amount of shared memory pages that can be used system wide. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Linux: sysctl kernel.shmmax

This parameter defines the maximum size in bytes of a single shared memory segment that a Linux process can allocate in its virtual address space. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Linux: noexec option on /dev/shm

The noexec mount option specifies that the filesystem cannot contain executable binaries. Setting this option on a file system prevents users from executing programs from shared memory. This deters users from introducing potentially malicious software on the system. SPDX-FileCopyrightText: 2020...

Huawei EulerOS: Security Advisory for mesa (EulerOS-SA-2020-2433)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for mesa (EulerOS-SA-2020-2415)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : mesa (EulerOS-SA-2020-2415)

According to the version of the mesa package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...