kernel: ath11k: Fix frames flush failure caused by deadlock
In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock. We are seeing below warnings: kernel: 25393.301506 ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: 25398.421509 ath11k_pci 0000:01:00.0: failed to flush mgm...
November 8, 2022-Security Only Update for .NET Framework 4.6.2 for Windows Server 2008 SP2 (KB5020681)
November 8, 2022-Security Only Update for .NET Framework 4.6.2 for Windows Server 2008 SP2 KB5020681 Applies to: Microsoft .NET Framework 4.6.2 REMINDER Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached the end of mainstream support and...
ALSA-2022:7822 Low: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: possible information disclosure and modification (CVE-2022-2989); buildah: possible information disclosure and modification (CVE-2022-2990). For more details about t...
Low: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: possible information disclosure and modification (CVE-2022-2989); buildah: possible information disclosure and modification (CVE-2022-2990). For more details about t...
Libtirpc: Denial of Service
Background: Libtirpc is a port of Sun's Transport-Independent RPC library to Linux. Description: Currently svc_run does not handle poll timeout and rendezvous_request does not handle the EMFILE error returned from accept(2) as it used to. These two pieces of functionality were removed by commit b2c9430f46c4...
GO-2022-1071 Denial of service in flux controllers in github.com/fluxcd modules
Flux controllers are vulnerable to a denial of service attack. Users that have permissions to change Flux's objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured variations of these fields, causing the...
container-tools:rhel8 bug fix and enhancement update
An update is available for fuse-overlayfs, container-selinux, udica, containers-common, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, python-podman, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common...
sos bug fix and enhancement update
An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The sos package contains a set of utilities that gather information from system...
Insecure Session Management
rdiffweb is vulnerable to insecure session management. The vulnerability exists because user sessions are not properly defined with session persistent timeout which allows an attacker to access the active sessions of other users and perform unauthorized actions...
PT-2022-24860 · Flux · Flux
Name of the Vulnerable Software and Affected Versions: Flux versions prior to 0.35.0 Description: The issue concerns a Denial of Service in Flux, an open and extensible continuous delivery solution for Kubernetes. Users with permissions to change Flux's objects can provide invalid data to fields...
The vulnerability of the DNS BIND server, related to insufficient validation of input data, allows attackers to execute DoS attacks.
The vulnerability of the DNS BIND server is related to insufficient validation of input data when processing the stale-answer-client-timeout parameter with a default value of 0, and the use of the CNAME record type in the cache for incoming requests. Exploiting this vulnerability allows an attack...
bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly
A flaw was found in the Bind package, where the resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to 0 and there is a stale CNAME in the cache for an incoming query. By sending specific queries to the resolver, an attacker can cause named...
CVE-2022-40279
An issue was discovered in Samsung TizenRT through 3.0GBM and 3.1PRE. l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction)...
ROS-20220929-01
The BIND DNS server vulnerability is related to boundary conditions when an HTTP connection is reused while requesting statistics from a statistics channel. Exploitation of the vulnerability could allow a remote attacker using a managed DNS server to cause a read error outside the boundary...
Security Bulletin: IBM Sterling Connect:Direct Browser user interface has multiple vulnerabilities (CVE-2013-0527 and CVE-2013-0529)
Abstract IBM Sterling Connect:Direct Browser is vulnerable to two information disclosure attacks. Content VULNERABILITY DETAILS: CVE ID : CVE-2013-0527 DESCRIPTION: IBM Sterling Connect:Direct Browser is vulnerable to unauthorized information disclosure as a result of C:D Browser pages being left...
BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
...
Denial Of Service (DoS)
libbind9.so is vulnerable to denial of service. The vulnerability exists in multiple functions in query.c due to serve-stale-client-timeout which allows an attacker to cause an application crash by sending specific queries to the resolver...
ISC BIND injection vulnerability
ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND versions prior to 9.16.33, 9.18.x prior to 9.18.7, and 9.19.x prior to 9.19.5, which stems from the fact that when stale caching and stale answers are...
Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)
This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id: VSTOR-57337 It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id: VSTOR-57187 Unable to add an iSCSI target with multiple...