Ubuntu 23.10 : Linux kernel (GCP) vulnerabilities (USN-6537-1)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6537-1 advisory. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6532-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6532-1 advisory. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker...

Ubuntu 22.04 LTS / 23.04 : Linux kernel vulnerabilities (USN-6502-4)

The remote Ubuntu 22.04 LTS / 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6502-4 advisory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not...

Ubuntu 23.04 : Linux kernel (Oracle) vulnerabilities (USN-6502-2)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6502-2 advisory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check...

Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2023-325-01)

The version of kernel-generic installed on the remote host is prior to 5.15.139 / 5.15.139smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-325-01 advisory. New kernel packages are available for Slackware 15.0 to fix security issues. Tenable has extracted t...

Ubuntu 22.04 LTS / 23.04 : Linux kernel vulnerabilities (USN-6502-1)

The remote Ubuntu 22.04 LTS / 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6502-1 advisory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6503-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6503-1 advisory. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6496-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6496-1 advisory. Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not...

SUSE SLES15 Security Update : kernel (SUSE-SU-2023:4377-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4377-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4375-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4375-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being...

Rocky Linux 9 : libtiff (RLSA-2023:0302)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0302 advisory. - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtif...

SUSE: Security Advisory (SUSE-SU-2023:4346-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : kernel (SUSE-SU-2023:4346-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4346-1 advisory. - An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in...

SUSE-SU-2023:4345-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215095 -...

Ubuntu 16.04 ESM : libjpeg9 vulnerabilities (USN-5336-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5336-1 advisory. Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue...

Ubuntu 16.04 ESM / 18.04 ESM : OpenCV vulnerabilities (USN-4818-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4818-1 advisory. It was discovered that OpenCV did not properly manage certain objects, leading to a divide-by-zero. If a user were tricked into loading a...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12911)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12911 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...

Fedora 38 : xen (2023-4125279976)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4125279976 advisory. arm32: The cache may not be properly cleaned/invalidated XSA-437, CVE-2023-34321 top-level shadow reference dropped too early for 64-bit PV guests...

SUSE SLES15 Security Update : xen (SUSE-SU-2023:3895-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3895-1 advisory. - Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6386-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6386-2 advisory. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from divisio...