4 matches found
RHEL 8 : swtpm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 - swtpm: Unchecked header size...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2022:7472)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7472 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2022:7472)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7472 advisory. - QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507 - libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to deni...
swtpm: Unchecked header size indicator against expected size
An out-of-bounds read vulnerability was found in swtpm. The vulnerability exists due to a boundary condition when the byte array representing the state of the TPM is accessed. This flaw allows an attacker to send a specially crafted header, triggering an out-of-bounds read access on the byte arra...