AZL-52520 CVE-2024-50124 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

AZL-52461 CVE-2024-50125 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scosocktimeout conn-sk maybe have been unlinked/freed while waiting for scoconnlock so this checks if the conn-sk is still valid by checking if it part of scosklist...

DEBIAN-CVE-2024-50124

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

UBUNTU-CVE-2024-50125

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scosocktimeout conn-sk maybe have been unlinked/freed while waiting for scoconnlock so this checks if the conn-sk is still valid by checking if it part of scosklist...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...

SUSE CVE-2021-47603

In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditdthread could get blocked attempting to send audit records to the userspace audit daemon. With...

CVE-2021-47603 audit: improve robustness of the audit queue handling

In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditdthread could get blocked attempting to send audit records to the userspace audit daemon. With...

DEBIAN-CVE-2024-27398

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by scosocktimeout When the sco connection is established and then, the sco socket is releasing, timeoutwork will be scheduled to judge whether the sco disconnection is timeout. The sock...

SUSE CVE-2024-27398

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by scosocktimeout When the sco connection is established and then, the sco socket is releasing, timeoutwork will be scheduled to judge whether the sco disconnection is timeout. The sock...

SUSE CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

SUSE-SU-2019:0391-1 Security update for python-PyKMIP

This update for python-PyKMIP fixes the following issues: Security issue fixed: - CVE-2018-1000872: Fixed a denial-of-service vulnerability which was caused by exhausting the available sockets. To mitigate the issue server socket timeout was decreased bsc1120767...

Denial Of Service (DoS)

pykmip is vulnerable to denial of service DoS attacks. The vulnerability exists due to the lack of socket timeout, making it possible for DoS attacks to be performed...

GHSA-FMJ5-WV96-R2CH Denial of service vulnerability in org.apache.httpcomponents:httpclient

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

GHSA-RC8H-3FV6-PXV8 Denial of Service in hapi

Versions of hapi prior to 11.1.3 are affected by a denial of service vulnerability. The vulnerability is triggered when certain input is passed into the If-Modified-Since or Last-Modified headers. This causes an 'illegal access' exception to be raised, and instead of sending a HTTP 500 error back...

Could not sign CSR Caused by: java.net.SocketTimeoutException: connect timed out

After configuring Client Certificate Authentication for XMS but you do not see a Client Certificate Request on the Issuing Server 2016-06-27T13:01:11.409+0000 | | ERROR | http-nio-10080-exec-1 | EWSession | Exception on certificate issuer com.zenprise.zdm.pki.spi.IssuingServiceException: Could no...

Multiple CCTV-DVR Vendors - Remote Code Execution

!/usr/bin/python Blog post: http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html ''' Vendors List Ademco ATS Alarmes technolgy and ststems Area1Protection Avio Black Hawk Security Capture China security systems Cocktail Service Cpsecured CP PLUS Digital Eye'z no website...

Mageia: Security Advisory (MGASA-2015-0392)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Commons Component HttpClient HTTPS Timeout Denial of Service Vulnerability

Apache Commons contains a lot of open source tools , used to solve the usual programming often encountered problems , reduce duplication of effort . Apache Commons Components HttpClient fails to properly enforce the 'http.socket.timeout' configuration file, allowing remote attackers to exploit a...

MGASA-2015-0392 Updated jakarta-commons-httpclient and httpcomponents-client packages fixes security vulnerability

The Apache httpclient library had a bug where the socket timeout was ignored during the SSL handshake, causing threads in an application to hang CVE-2015-5262...

UBUNTU-CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...