ALT Linux Team

Package kernel-image-centos update in sisyphus on 2024-01-22

ALT-PU-2024-1317-1

Package kernel-image-centos updated to version 5.14.0.410-alt1.el9 for branch sisyphus in task 338662.

Closed vulnerabilities

Published: 2023-12-04

BDU:2023-08638

Уязвимость функции smbCalcSize() (fs/smb/client/netmisc.c) ядра операционных систем Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании

Severity: HIGH (7.1) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
Published: 2021-05-24
Modified: 2024-11-21

CVE-2020-26555

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

Severity: MEDIUM (5.4) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
References:
Published: 2023-12-08
Modified: 2024-11-21

CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top