
Questions tagged [vulnerability]

Security vulnerabilities are bugs (usually in software) that allow abuse of a program or system.

6 votes
1 answer
485 views

How can I confirm for sure that a CVE has been mitigated on a RHEL system?

I have this problem, I'm trying to see if a group of servers are vulnerable to the CVE CVE-2024-1086 so what I do in the server is rpm -qa --changelog kernel | grep 2024-1086, and I get this as output:...
VaTo
  • 3,181
6 votes
2 answers
13k views

How do you mitigate the Terrapin SSH attack?

The Terrapin Attack on SSH details a "prefix truncation attack targeting the SSH protocol. More precisely, Terrapin breaks the integrity of SSH's secure channel. By carefully adjusting the ...
KJ7LNW
  • 495
2 votes
1 answer
2k views

Are all Debian 11 systems automatically vulnerable to CVE-2023-38408?

I really really hope I'm wrong here, but it seems that Debian 11 has a vulnerable version of OpenSSH. My OpenSSH banner reports my OpenSSH version is: 8.4p1 Debian 5+deb11u1 I checked with sshd and it ...
Sir Muffington
0 votes
0 answers
141 views

Cannot change or remove a file as root

This is driving me nuts... There's a lot of info over the place and I've spent quite some hours already without any success. A customer of mine has a website compromised with some Japanese SEO spam (...
nnimis
  • 101
22 votes
3 answers
2k views

rsync the file `a`b

Yeah, I know what you are thinking: "Who on earth names their file `a`b?" But let us assume you do have a file called `a`b (possibly made by a crazy Mac user - obviously not by you), and you ...
Ole Tange
  • 35.8k
0 votes
1 answer
283 views

Is there any advantage to staying on very old Linux kernels?

When I visit https://www.kernel.org/ I see a variety of kernel versions. At the time of writing there is one mainline, two stables, and a whopping six longterms. The oldest is 4.9. Is there a reason ...
nsum938
0 votes
1 answer
130 views

Do we have any command to get security updates for Ubuntu?

In Red Hat/CentOS/OL there is a direct command, yum updateinfo list sec or yum updateinfo list cve, to get security updates from the repo; I am searching for the same for Ubuntu as well. Do we have any command ...
Bandhala Raja Selvam
2 votes
1 answer
836 views

Which 32-bit features are still vulnerable to "Retbleed" in the Linux kernel?

I'm updating my kernel to protect my system against the "Retbleed" exploit, and I know that affected 32-bit things haven't received the necessary mitigations. I'm wondering which 32-bit ...
ATLief
  • 318
-4 votes
1 answer
3k views

Step by step Red Hat Update for OpenSSL [closed]

How to update Red Hat Update for Open Secure Sockets Layer (OpenSSL) (RHSA-2022:1066) Red Hat Update for java-11-openjdk security (RHSA-2022:1440) Please guide me step by step, because I have no ...
Lintang Gilang Pratama
0 votes
2 answers
328 views

How to fix CVE-2018-364 vulnerability

I have found a log in my /log/messages showing a CVE-2018-3646 error with the following link, (https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html). I have accessed the mentioned file-...
Mel
  • 1
0 votes
0 answers
81 views

Clarification regarding CVE-2020-25717

We use CentOS 7 and have only samba-client in our deployment. (We do not have samba server in our deployment.) Does the CVE-2020-25717 affect our deployment?
Michael
  • 101
-1 votes
1 answer
958 views

Which Linux distribution is the latest OpenVAS available on?

It has been removed from the latest Alpine and their solution is to downgrade your system from 3.11 to 3.10. It's no longer available on Debian, their solution is to build it from source. Is there any ...
freebie
0 votes
0 answers
196 views

Is it really true that no RedHat fix exists for this High/Important 3-month old glib issue?

Short version: Red Hat Customer Portal lists CVE-2021-27219 as having a 9.8 out of 10 RedHat CVSS score, that it was published February 4, 2021, more than 3 months ago and that it affects RHEL 8, the ...
Peter V. Mørch
4 votes
2 answers
767 views

Heap-based buffer overflow in Sudo vulnerability - sudo version impacted?

I have some servers running Ubuntu 18.04.5 LTS. In the last update of the sudo package I can see that sudo:amd64 1.8.21p2-3ubuntu1.4 has been installed on 26/01/2021 (the same day that Heap-based buffer ...
Zumo de Vidrio
0 votes
1 answer
2k views

How to patch sudo vulnerabilities on Debian leading to a local privilege escalation CVE-2021-23239 and CVE-2021-3156 (aka Baron Samedit)?

On Linux Mint 20.1 Ulyssa, I have received a security update to patch two security flaws leading to a local privilege escalation without password for all unpatched sudo versions before version 1.9.5 ...
GAD3R
  • 67.5k
