CVE-2024-26974

A race condition was found in drivers/crypto/intel/qat/qatcommon/adfaer.c in the Linux kernel during AER recovery...

CVE-2024-26974 crypto: qat - resolve race condition during AER recovery

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the resetdata structure's memory. If the device restart wi...

SUSE SLES15 Security Update : xen (SUSE-SU-2021:2943-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2943-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosu...

openSUSE 15 Security Update : xen (openSUSE-SU-2021:2923-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2923-1 advisory. - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...

CVE-2021-28692

inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPUs issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, the issuing CPU...

OracleVM 3.4 : xen (OVMSA-2021-0020)

The remote OracleVM system is missing necessary patches to address security updates: - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 - Potential speculative code store bypass in a...

Apache Httpd < 2.2.10 : Timeout detection flaw (mod_proxy_http)

An information disclosure flaw was found in modproxyhttp in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

CVE-2010-2068

CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...

CVE-2010-2068

modproxyhttp.c in modproxyhttp in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive...

[advisory] httpd Timeout detection flaw &#40;mod_proxy_http&#41; CVE-2010-2068

Vulnerability; httpd Timeout detection flaw modproxyhttp CVE-2010-2068 Classification; important Description; A timeout detection flaw in the httpd modproxyhttp module causes proxied response to be sent as the response to a different request, and potentially served to a different client, from the...

Apache Httpd < 2.2.16 : Timeout detection flaw (mod_proxy_http)

An information disclosure flaw was found in modproxyhttp in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those...

openldap security and bug fix update

2.3.43-12 - updated spec file, so the compat-libs linking patch applies correctly 2.3.43-11 - backported patch to handle null character in TLS certificates 560912 2.3.43-10 - updated chase-referral patch to compile cleanly - updated init script 562714 2.3.43-9 - updated ldap.sysconf to include...