3365 matches found

OSV
added 2023/01/26 9:15 p.m. | 8 views

AZL-13203 CVE-2022-3736 affecting package bind for versions less than 9.16.37-2

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...

7.5 CVSS | 7.3 AI score | 0.5017 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2023/01/26 12:0 a.m. | 37 views

ISC BIND 9.16.12 < 9.16.37 / 9.16.12-S1 < 9.16.37-S1 / 9.18.0 < 9.18.11 / 9.19.0 < 9.19.9 Vulnerability (cve-2022-3736)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3736 advisory. - BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a...

7.5 CVSS | 7.7 AI score | 0.5017 EPSS
Exploits: 0 | References: 2

CVE
added 2023/01/25 9:39 p.m. | 592 views

CVE-2022-3924

CVE-2022-3924 is a vulnerability in ISC BIND where stale-answer-client-timeout (enabled with a positive value) can cause a race between returning a stale answer and an early SERVFAIL, potentially triggering an assertion failure and DoS. Affected are BIND 9.16.12–9.16.36, 9.18.0–9.18.10, 9.19.0–9....

7.5 CVSS | 7.5 AI score | 0.16445 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Debian CVE
added 2023/01/25 9:39 p.m. | 38 views

CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5 CVSS | 7.7 AI score | 0.16445 EPSS
Exploits: 0

CNNVD
added 2023/01/25 12:0 a.m. | 2 views

ISC BIND security vulnerability

ISC BIND is a suite of open source software that implements the DNS protocol from the American company ISC. A security vulnerability exists in BIND versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, and 9.19.0 through 9.19.8, which arises from the fact that when stale caching and stale...

7.5 CVSS | 7.6 AI score | 0.5017 EPSS
Exploits: 0 | References: 4

OSV
added 2023/01/25 12:0 a.m. | 1 views

UBUNTU-CVE-2022-3736

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...

7.5 CVSS | 7.1 AI score | 0.5017 EPSS
Exploits: 0 | References: 4

OSV
added 2023/01/25 12:0 a.m. | 1 views

UBUNTU-CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5 CVSS | 7.1 AI score | 0.16445 EPSS
Exploits: 0 | References: 4

Snyk
added 2023/01/18 6:23 p.m. | 4 views

Regular Expression Denial of Service (ReDoS)

Overview: activesupport is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the underscore function in inflector/methods.rb. This affects String#underscore,...

7.5 CVSS | 6.8 AI score | 0.01712 EPSS
Exploits: 0 | References: 2

Citrix
added 2023/01/18 12:0 a.m. | 6 views

IPS Job failed at step WaitForExportImage with the error: A request made by the job has timed out.

An Image Portability Service (IPS) prepare and publish job fails without any obvious error failure. The PoSH output has this message in it: "Job failed at step WaitForPrepareImage with the error: A request made by the job has timed out."...

7.1 AI score
Exploits: 0

OSV
added 2023/01/17 5:50 p.m. | 7 views

GSD-2023-1000589 blk-mq: avoid double ->queue_rq() because of early timeout

blk-mq: avoid double ->queue_rq() because of early timeout. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2 AI score
Exploits: 0

OSV
added 2023/01/17 5:46 p.m. | 8 views

GSD-2023-1000527 scsi: ufs: Reduce the START STOP UNIT timeout

scsi: ufs: Reduce the START STOP UNIT timeout. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2 AI score
Exploits: 0

Tenable Nessus
added 2023/01/11 12:0 a.m. | 36 views

Kibana < 7.12.0 Timeout Bypass

According to its self-reported version number, the Kibana application running on the remote host is prior to 7.12.0. It is, therefore, affected by: - Timeout Bypass due to xpack.security.session.idleTimeout setting is not being respected (CVE-2021-22136). Note that the scanner has not tested for...

3.6 CVSS | 4 AI score | 0.00282 EPSS
Exploits: 0 | References: 3

OSV
added 2022/12/19 11:15 p.m. | 5 views

CVE-2022-46399

The Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112 is unresponsive with ConReqTimeoutZero...

7.5 CVSS | 5.8 AI score | 0.00746 EPSS
Exploits: 1 | References: 4

RedhatCVE
added 2022/11/28 6:12 p.m. | 26 views

CVE-2022-45873

A flaw was found in the systemd-coredump utility of systemd. When an application crashes, the systemd-coredump utility is called twice, once by the kernel and the second time in the [email protected] to write the data, process, and save the core file. Communication between the programs is...

5.5 CVSS | 1.3 AI score | 0.00254 EPSS
Exploits: 0 | References: 3

OSV
added 2022/11/22 4:15 p.m. | 1 views

DEBIAN-CVE-2022-41952

Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after max_spider_size (default: 10M) bytes have been downloaded, which can in some cases lead to...

5.3 CVSS | 6.9 AI score | 0.00827 EPSS
Exploits: 0 | References: 1

Debian CVE
added 2022/11/22 12:0 a.m. | 21 views

CVE-2022-41952

Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after max_spider_size (default: 10M) bytes have been downloaded, which can in some cases lead to...

6.5 CVSS | 5.8 AI score | 0.00827 EPSS
Exploits: 0

RedHat Linux
added 2022/11/15 4:3 p.m. | 43 views

Low: Red Hat Security Advisory: podman security, bug fix, and enhancement update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.1 CVSS | 6.7 AI score | 0.00331 EPSS
Exploits: 2 | References: 12

RedHat Linux
added 2022/11/15 11:55 a.m. | 1 views

kernel: ath11k: Fix frames flush failure caused by deadlock

In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock. We are seeing below warnings: kernel: 25393.301506 ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: 25398.421509 ath11k_pci 0000:01:00.0: failed to flush mgm...

5.5 CVSS | 6.3 AI score | 0.00158 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2022/11/15 11:55 a.m. | 1 views

kernel: block: null_blk: end timed out poll request

In the Linux kernel, the following vulnerability has been resolved: block: null_blk: end timed out poll request. When poll request is timed out, it is removed from the poll list, but not completed, so the request is leaked, and never get chance to complete. Fix the issue by ending it in timeout...

5.5 CVSS | 6.3 AI score | 0.00204 EPSS
Exploits: 0 | References: 5

Oracle linux
added 2022/11/15 12:0 a.m. | 45 views

python39:3.9 and python39-devel:3.9 security update

Cython 0.29.21-5 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 0.29.21-4 - Drop build dependency on coverage 0.29.21-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 0.29.21-2 - Re-enable tests. 0.29.21-1 - 0.29.21 scipy 1.5.4-3 - Specify LDFLAGS...

8 CVSS | 8 AI score | 0.06705 EPSS
Exploits: 1