186 matches found
CVE-2024-40954
The CVE-2024-40954 entry concerns a Linux kernel UAF: a dangling sk pointer may be created on socket creation failure when an fentry probe hits __sock_release() and bpf_get_socket_cookie() is invoked, enabling a use-after-free in __sock_gen_cookie. Reproducing scenario described via traceroute -I...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the net component using a freed sk pointer when socket creation fails...
DEBIAN-CVE-2024-38566
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket-sk The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just creat...
openSUSE: Security Advisory for redis (SUSE-SU-2023:4290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : thunderbird (ELSA-2024-0003)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0003 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 115.6.0-1 - Update to 115.6.0 build2 Tenable has...
Oracle Linux 9 : firefox (ELSA-2024-0025)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0025 advisory. 115.6.0-1.0.1 - Udate to 115.6.0 build1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tenable has extracted the...
Mozilla: Use-after-free in PR_GetIdentitiesLayer
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
Mozilla: Use-after-free in PR_GetIdentitiesLayer
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
Mozilla: Use-after-free in PR_GetIdentitiesLayer
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
Mozilla: Use-after-free in PR_GetIdentitiesLayer
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
Mozilla: Use-after-free in PR_GetIdentitiesLayer
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
RHEL 8 : firefox (RHSA-2024:0023)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0023 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Oracle Linux 7 : firefox (ELSA-2024-0026)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0026 advisory. 115.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
RHEL 9 : firefox (RHSA-2024:0025)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0025 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2023-6859
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...
UBUNTU-CVE-2023-6859
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6859
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
Race condition
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6859
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...