EulerOS Virtualization 2.12.1 : httpd (EulerOS-SA-2024-2751)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to...

EulerOS Virtualization 2.12.1 : python-dns (EulerOS-SA-2024-2758)

According to the versions of the python-dns package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by...

EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2024-2761)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

EulerOS Virtualization 2.12.1 : openssl (EulerOS-SA-2024-2757)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a cra...

EulerOS Virtualization 2.12.1 : qemu (EulerOS-SA-2024-2764)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A heap based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size ...

EulerOS Virtualization 2.12.0 : python-dns (EulerOS-SA-2024-2776)

According to the versions of the python-dns package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by...

EulerOS Virtualization 2.12.0 : python-pip (EulerOS-SA-2024-2778)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTT...

EulerOS Virtualization 2.12.0 : libarchive (EulerOS-SA-2024-2771)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Windows Libarchive Remote Code Execution VulnerabilityCVE-2024-20696 Tenable has extracted the preceding description block...

EulerOS Virtualization 2.12.1 : krb5 (EulerOS-SA-2024-2752)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...

EulerOS Virtualization 2.12.0 : libxml2 (EulerOS-SA-2024-2773)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...

EulerOS Virtualization 2.12.0 : openssh (EulerOS-SA-2024-2774)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not...

EulerOS Virtualization 2.12.0 : krb5 (EulerOS-SA-2024-2770)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...

EulerOS Virtualization 2.12.1 : bind (EulerOS-SA-2024-2747)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer...

EulerOS Virtualization 2.12.1 : emacs (EulerOS-SA-2024-2749)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such...

PT-2024-35643

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue is related to the KVM UAPI in the Linux kernel, where returning an abort to the guest for an unsupported MMIO access can cause a warning. This warning occurs when KVM is advancing PC...

The vulnerability of the kvm_spapr_tce_attach_iommu_group() function in the KVM virtualization subsystem of the Linux operating system on the PowerPC platform allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kvmspaprtceattachiommugroup function in the arch/powerpc/kvm/book3s64vio.c file, a part of the Kernel-Based Virtual Machine KVM virtualization subsystem of the Linux operating system on the PowerPC platform, relates to the reutilization of previously released memory...

After Upgrade Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization Appliance Is Listed as Unavailable

Challenge After the upgrade of Veeam Backup & Replication to version 12.2 and subsequent upgrade of Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization to version 5, the Appliance is listed as Unavailable in the Veeam Backup & Replication Console. When this occurs,...

Security Bulletin: IBM Watson Query (Data Virtualization) does not govern all of the columns of a published object

Summary IBM Watson Query Data Virtualization on Cloud Pak for Data integrates with IBM Knowledge Catalog IKC - formerly Watson Knowledge Catalog WKC - to enforce data protection rules on governed objects. When you publish objects from Watson Query to catalogs or projects, only the first n where...

AZL-50667 CVE-2024-47744 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

DEBIAN-CVE-2024-47744

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...