Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Oracle Linux 9 : kernel (ELSA-2026-0793)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0793 advisory. - smb: client: let recvdone verify dataoffset, datalength and remainingdatalength Paulo Alcantara RHEL-131388 CVE-2025-39933 - drm/xe: Make dma-fences...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/xe: Make dma-fences compliant with the safe access rules CVE-2025-38703 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel:...

ALSA-2026:0793 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/xe: Make dma-fences compliant with the safe access rules CVE-2025-38703 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel:...

EUVD-2018-2182

Malware in sbrugna...

EUVD-2018-2184

Malware in sbrugna...

CVE-2025-1048

Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2025-1048

Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2025-1048 Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability

Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw...

(Pwn2Own) Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SMB data. The issue results from the lack of validati...

RHEL 7 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tcpdump: SMB data printing mishandled CVE-2018-10105 - Integer underflow in the olsrprint function in...

OESA-2024-1114 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c.CVE-2023-46343 In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a...

OESA-2024-1112 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c.CVE-2023-46343 In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a...

DEBIAN-CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

AZL-33961 CVE-2024-22705 affecting package kernel for versions less than 5.15.148.1-1

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

Rocky Linux 8 : tcpdump (RLSA-2020:4760)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4760 advisory. - tcpdump before 4.9.3 mishandles the printing of SMB data issue 1 of 2. CVE-2018-10103 - tcpdump before 4.9.3 mishandles the printing of SMB data issue...

K44551633: Multiple tcpdump vulnerabilities

Security Advisory Description CVE-2018-14881 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART. CVE-2018-14882 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. CVE-2018-16227 The IEEE 802.11 parser...

RHEL 8 : tcpdump (RHSA-2020:4760)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4760 advisory. The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet...

Arbitrary Code Execution

tcpdump is vulnerable to arbitrary code execution. A memory corruption during the printing of SMB data allows an attacker to execute arbitrary code...

Information Disclosure

tcpdump is vulnerable to information disclosure. it mishandles the printing of SMB data issue 1 of 2...