Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2017)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2016)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.1 : qemu (EulerOS-SA-2024-2017)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length i...

EulerOS Virtualization 2.12.0 : qemu (EulerOS-SA-2024-2016)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length i...

Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.15.3 Images security update

Red Hat OpenShift Virtualization release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which giv...

SUSE CVE-2022-48793

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fix potential NULL derefernce on nested migration Turns out that due to review feedback and/or rebases I accidentally moved the call to nestedsvmloadcr3 to be too early, before the NPT is enabled, which is very...

SUSE CVE-2022-48825

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stagwork to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID: 645 at...

EulerOS Virtualization 2.10.1 : unbound (EulerOS-SA-2024-2012)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cau...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2024-2005)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation...

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2024-2007)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service...

EulerOS Virtualization 2.10.0 : python-cryptography (EulerOS-SA-2024-1990)

According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing ...

EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-2009)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...

EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2024-2015)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the...

EulerOS Virtualization 2.10.1 : python-cryptography (EulerOS-SA-2024-2008)

According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing ...

EulerOS Virtualization 2.10.0 : libuv (EulerOS-SA-2024-1986)

According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and...

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2024-2013)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users...

EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2024-2003)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libtiff 4.5.0 is vulnerable to Buffer Overflow in uvencode when libtiff reads a corrupted little-endian TIFF file and specifies the...

EulerOS Virtualization 2.10.1 : python-pycryptodome (EulerOS-SA-2024-2010)

According to the versions of the python-pycryptodome package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger...

EulerOS Virtualization 2.10.0 : python-pycryptodome (EulerOS-SA-2024-1992)

According to the versions of the python-pycryptodome package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger...

EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2024-1995)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users...