The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2208 advisory.

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
    The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

    Security Fix(es):

    * freerdp: Incorrect offset calculation leading to DOS (CVE-2023-39350)

    * freerdp: Null Pointer Dereference leading DOS in RemoteFX (CVE-2023-39351)

    * freerdp: invalid offset validation leading to Out Of Bound Write (CVE-2023-39352)

    * freerdp: missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect     (CVE-2023-39356)

    * freerdp: Integer overflow leading to out-of-bound write vulnerability in gdi_CreateSurface     (CVE-2023-40186)

    * freerdp: Out-of-bounds write in clear_decompress_bands_data (CVE-2023-40567)

    * freerdp: Out-of-bounds write in the `progressive_decompress` function due to incorrect calculations     (CVE-2023-40569)

    * freerdp: buffer overflow in ncrush_decompress causes crash with crafted input (CVE-2023-40589)

    * freerdp: missing offset validation leading to Out Of Bound Read (CVE-2023-39353)

    * freerdp: Out-Of-Bounds Read in nsc_rle_decompress_data (CVE-2023-39354)

    * freerdp: integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment (CVE-2023-40181)

    * freerdp: Out-of-bounds read in general_LumaToYUV444 (CVE-2023-40188)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2239 advisory.

    The skopeo command lets you inspect images from container image registries, get images and image layers,     and use signatures to create and verify files.

    Security Fix(es):

    * golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2278 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory.

    GLib provides the core application building blocks for libraries and applications written in C. It     provides the core object system used in GNOME, the main loop implementation, and a large set of utility     functions for strings and common data structures.

    Security Fix(es):

    * glib: GVariant offset table entry size is not checked in is_normal() (CVE-2023-29499)

    * glib: g_variant_byteswap() can take a long time with some non-normal inputs (CVE-2023-32611)

    * glib: Timeout in fuzz_variant_text (CVE-2023-32636)

    * glib: GVariant deserialisation does not match spec for non-normal data (CVE-2023-32665)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2264 advisory.

    EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package     contains a sample 64-bit UEFI firmware for QEMU and KVM.

    Security Fix(es):

    * edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message     (CVE-2023-45235)

    * EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)

    * EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)

    * edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message     (CVE-2023-45229)

    * edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)

    * edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)

    * edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)

    * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2447 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data     entries (CVE-2023-2975)

    * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)

    * OpenSSL: Excessive time spent checking DH q parameter value (CVE-2023-3817)

    * openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or     parameters may be very slow (CVE-2023-5678)

    * openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)

    * openssl: Excessive time spent checking invalid RSA public keys (CVE-2023-6237)

    * openssl: denial of service via null dereference (CVE-2024-0727)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2217 advisory.

    The motif packages include the Motif shared libraries needed to run applications which are dynamically     linked against Motif, as well as MWM, the Motif Window Manager.

    Security Fix(es):

    * libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788)

    * libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2160 advisory.

    Toolbox is a tool for Linux operating systems, which allows the use of containerized command line     environments. It is built on top of Podman and other standard container technologies from OCI.

    Security Fix(es):

    * golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)

    * golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)

    * golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests     (CVE-2023-39326)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2147 advisory.

    Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization     solution for both traditional and cloud-based enterprise environments.

    Security Fix(es):

    * freeipa: specially crafted HTTP requests potentially lead to denial of service (CVE-2024-1481)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2289 advisory.

    The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF)     files.

    Security Fix(es):

    * libtiff: infinite loop via a crafted TIFF file (CVE-2022-40090)

    * libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c (CVE-2023-3618)

    * libtiff: integer overflow in tiffcp.c (CVE-2023-40745)

    * libtiff: potential integer overflow in raw2tiff.c (CVE-2023-41175)

    * libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c (CVE-2023-6228)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2483 advisory.

    The traceroute utility displays the route used by IP packets on their way to a specified network (or     Internet) host.

    Security Fix(es):

    * traceroute: improper command line parsing (CVE-2023-46316)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2463 advisory.

    The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and     LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for     starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
    In addition, it supports snapshotting and restoring of the system state, maintains mount and automount     points, and implements an elaborate transactional dependency-based service control logic. It can also work     as a drop-in replacement for sysvinit.

    Security Fix(es):

    * systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes (CVE-2023-7008)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2368 advisory.

    The mod_http2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd     2.4 servers.

    Security Fix(es):

    * httpd: mod_http2: DoS in HTTP/2 with initial window size 0 (CVE-2023-43622)

    * mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (CVE-2023-45802)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2113 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing (CVE-2024-25126)

    * rubygem-rack: Possible DoS Vulnerability with Range Header in Rack (CVE-2024-26141)

    * rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing (CVE-2024-26146)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2245 advisory.

    The buildah package provides a tool for facilitating building OCI container images. Among other things,     buildah enables you to: Create a working container, either from scratch or using an image as a starting     point; Create an image, either from a working container or using the instructions in a Dockerfile; Build     both Docker and OCI images.

    Security Fix(es):

    * golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests     (CVE-2023-39326)

    * golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2287 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.

    Security Fix(es):

    * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed     video (CVE-2023-40474)

    * gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio     (CVE-2023-40475)

    * gstreamer-plugins-bad: Integer overflow in H.265 video parser leading to stack overwrite     (CVE-2023-40476)

    * gstreamer-plugins-bad-free: buffer overflow vulnerability (CVE-2023-50186)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2193 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests     (CVE-2023-39326)

    * golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2213 advisory.

    Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and     analysis of system-level performance measurements. Its light-weight distributed architecture makes it     particularly well-suited to centralized analysis of complex systems.

    Security Fix(es):

    * pcp: unsafe use of directories allows pcp to root privilege escalation (CVE-2023-6917)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2366 advisory.

    freeglut is a completely open source alternative to the OpenGL Utility Toolkit (GLUT) library with an OSI     approved free software license.

    Security Fix(es):

    * freeglut: memory leak via glutAddSubMenu() function (CVE-2024-24258)

    * freeglut: memory leak via glutAddMenuEntry() function (CVE-2024-24259)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2228 advisory.

    Perl is a high-level programming language that is commonly used for system administration utilities and     web programming.

    Security Fix(es):

    * perl: Write past buffer end via illegal user-defined Unicode property (CVE-2023-47038)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2394 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)

    * kernel: multiple use-after-free vulnerabilities (CVE-2024-1086, CVE-2023-3567, CVE-2023-4133,     CVE-2023-6932, CVE-2023-39198, CVE-2023-51043, CVE-2023-51779, CVE-2023-51780, CVE-2024-1085,     CVE-2024-26582)

    * kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)

    * kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480)

    * kernel: multiple NULL pointer dereference vulnerabilities (CVE-2022-38096, CVE-2023-6622, CVE-2023-6915,     CVE-2023-42754, CVE-2023-46862, CVE-2023-52574, CVE-2024-0841, CVE-2023-52448)

    * kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c (CVE-2022-45934)

    * kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable() (CVE-2023-6040)

    * kernel: GC's deletion of an SKB races with unix_stream_read_generic()  leading to UAF (CVE-2023-6531)

    * kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size     (CVE-2023-6931)

    * kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses (CVE-2023-24023)

    * kernel: irdma: Improper access control (CVE-2023-25775)

    * Kernel: double free in hci_conn_cleanup of the bluetooth subsystem (CVE-2023-28464)

    * kernel: Bluetooth: HCI: global out-of-bounds access in net/bluetooth/hci_sync.c (CVE-2023-28866)

    * kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl     (CVE-2023-31083)

    * kernel: multiple out-of-bounds read vulnerabilities (CVE-2023-37453, CVE-2023-39189, CVE-2023-39193,     CVE-2023-6121, CVE-2023-39194)

    * kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP (CVE-2023-42756)

    * kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write (CVE-2023-45863)

    * kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

    * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)

    * kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)

    * kernel: multiple memory leak vulnerabilities (CVE-2023-52529, CVE-2023-52581)

    * kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)

    * kernel: net/core: kernel crash in ETH_P_1588 flow dissector (CVE-2023-52580)

    * kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)

    * kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in     function receive_encrypted_standard of client (CVE-2024-0565)

    * kernel: tls: race between async notify and socket close (CVE-2024-26583)

    * kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)

    * kernel: tls: race between tx work scheduling and socket close (CVE-2024-26585)

    * kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)

    * kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)

    * kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)

    * kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-26609)

    * kernel: local dos vulnerability in scatterwalk_copychunks (CVE-2023-6176)

    * kernel: perf/x86/lbr: Filter vsyscall addresses (CVE-2023-52476)

    * kernel: netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)

    * kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (CVE-2024-26633)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2170 advisory.

    Xwayland is an X server for running X clients under Wayland.

    Security Fix(es):

    * xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)

    * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)

    * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty     (CVE-2023-6478)

    * xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)

    * xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access     (CVE-2024-0229)

    * xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)

    * xorg-x11-server: SELinux context corruption (CVE-2024-0409)

    * xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)

    * xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2303 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under     the LGPL license.

    Security Fix(es):

    * gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling     (CVE-2023-37327)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2295 advisory.

    The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain     simple client programs for accessing the libjpeg functions. These packages provide the same functionality     and API as libjpeg but with better performance.

    Security Fix(es):

    * libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c     (CVE-2021-29390)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2292 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple     (CVE-2023-27043)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2272 advisory.

    The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-     ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI     concerns itself only with network connectivity of containers and removing allocated resources when the     container is deleted.

    Security Fix(es):

    * golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests     (CVE-2023-39326)

    * golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2180 advisory.

    The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides     container runtime.

    Security Fix(es):

    * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)

    * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

    * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)

    * golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2169 advisory.

    X.Org is an open-source implementation of the X Window System. It provides the basic low-level     functionality that full-fledged graphical user interfaces are designed upon.

    Security Fix(es):

    * xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)

    * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)

    * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty     (CVE-2023-6478)

    * xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)

    * xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access     (CVE-2024-0229)

    * xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)

    * xorg-x11-server: SELinux context corruption (CVE-2024-0409)

    * xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)

    * xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

    * xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2126 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (CVE-2023-39928)

    * webkitgtk: Arbitrary Remote Code Execution (CVE-2023-42917)

    * webkitgtk: processing a malicious image may lead to a denial of service (CVE-2023-42883)

    * webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-42890)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414)

    * webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents     (CVE-2014-1745)

    * webkitgtk: User password may be read aloud by a text-to-speech accessibility feature (CVE-2023-32359)

    * webkitgtk: Processing web content may lead to a denial of service (CVE-2023-41983)

    * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)

    * webkitgtk: A malicious website may cause unexpected cross-origin behavior (CVE-2024-23271)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2137 advisory.

    LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and     others).

    Security Fix(es):

    * LibRaw: a heap-buffer-overflow in raw2image_ex() (CVE-2023-1729)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2410 advisory.

    HarfBuzz is an implementation of the OpenType Layout engine.

    Security Fix(es):

    * harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks (CVE-2023-25193)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2517 advisory.

    The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i /     RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for     client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN     driver.

    Security Fix(es):

    * wpa_supplicant: potential authorization bypass (CVE-2023-52160)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory.

    FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3,     ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

    Security Fix(es):

    * frr: incorrect length check in bgp_capability_llgr() can lead do DoS (CVE-2023-31489)

    * frr: missing length check in bgp_attr_psid_sub() can lead do DoS (CVE-2023-31490)

    * frr: processes invalid NLRIs if attribute length is zero (CVE-2023-41358)

    * frr: out of bounds read in bgp_attr_aigp_valid (CVE-2023-41359)

    * frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c (CVE-2023-41909)

    * frr: mishandled malformed data leading to a crash (CVE-2023-46752)

    * frr: crafted BGP UPDATE message leading to a crash (CVE-2023-46753)

    * frr: ahead-of-stream read of ORF header (CVE-2023-41360)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2353 advisory.

    MinGW (Minimalist GNU for Windows) is a free and open source software development environment to create     Microsoft Windows applications.

    Security Fix(es):

    * binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64 (CVE-2023-1579)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2132 advisory.

    The fence-agents packages provide a collection of scripts for handling remote power management for cluster     devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.

    Security Fix(es):

    * urllib3: Request body not stripped after redirect from 303 status changes request method to GET     (CVE-2023-45803)

    * pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex     (CVE-2023-52323)

    * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2456 advisory.

    The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and     customizable boot loader with modular architecture. The packages support a variety of kernel formats, file     systems, computer architectures, and hardware devices.

    Security Fix(es):

    * grub2: grub2-set-bootflag can be abused by local (pseudo-)users (CVE-2024-1048)

    * grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution (CVE-2023-4692)

    * grub2: out-of-bounds read at fs/ntfs.c (CVE-2023-4693)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2204 advisory.

    Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices)     over a Network. The libnbd is a userspace client library for writing NBD clients.

    Security Fix(es):

    * libnbd: Malicious NBD server may crash libnbd (CVE-2023-5871)

    * libnbd: Crash or misbehaviour when NBD server returns an unexpected block size (CVE-2023-5215)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2348 advisory.

    The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a     Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment.

    Security Fix(es):

    * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2145 advisory.

    The libX11 packages contain the core X11 protocol client library.

    Security Fix(es):

    * libX11: out-of-bounds memory access in _XkbReadKeySyms() (CVE-2023-43785)

    * libX11: stack exhaustion from infinite recursion in PutSubImage() (CVE-2023-43786)

    * libX11: integer overflow in XCreateImage() leading to a heap overflow (CVE-2023-43787)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2396 advisory.

    SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for     manipulating squashfs file systems.

    Security Fix(es):

    * squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153)

    * squashfs-tools: possible Directory Traversal via symbolic link (CVE-2021-41072)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2159 advisory.

    The python-urllib3 package provides the Python HTTP module with connection pooling and file POST     abilities.

    Security Fix(es):

    * python-urllib3: Cookie request header isn't stripped during cross-origin redirects (CVE-2023-43804)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2236 advisory.

    The libvirt library contains a C API for managing and interacting with the virtualization capabilities of     Linux and other operating systems. In addition, libvirt provides tools for remote management of     virtualized systems.

    Security Fix(es):

    * libvirt: NULL pointer dereference in udevConnectListAllInterfaces() (CVE-2024-2496)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2184 advisory.

    libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or     WAV.

    Security Fix(es):

    * libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS (CVE-2022-33065)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2146 advisory.

    X.Org X11 libXpm runtime library.

    Security Fix(es):

    * libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788)

    * libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2119 advisory.

    Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits,     that uses osbuild under the hood.

    Security Fix(es):

    * osbuild-composer: race condition may disable GPG verification for package repositories (CVE-2024-2307)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2302 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer-plugins-base: heap overwrite in subtitle parsing (CVE-2023-37328)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2438 advisory.

    Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need     to recompile programs to handle authentication.

    Security Fix(es):

    * pam: allowing unprivileged user to block another user namespace (CVE-2024-22365)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2337 advisory.

    The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library,     which provides cryptographic primitives and recipes to Python developers.

    Security Fix(es):

    * python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2211 advisory.

    The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can     capture and display the packet headers on a particular network interface or on all interfaces.

    Security Fix(es):

    * tcpslice: use-after-free in extract_slice() (CVE-2021-41043)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2525 advisory.

    Pixman is a pixel manipulation library for the X Window System and Cairo.

    Security Fix(es):

    * pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write (CVE-2022-44638)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
194814	RHEL 9 : freerdp (RHSA-2024:2208)	critical
194813	RHEL 9 : skopeo (RHSA-2024:2239)	high
194812	RHEL 9 : httpd (RHSA-2024:2278)	high
194811	RHEL 9 : mingw-glib2 (RHSA-2024:2528)	high
194810	RHEL 9 : edk2 (RHSA-2024:2264)	critical
194809	RHEL 9 : openssl and openssl-fips-provider (RHSA-2024:2447)	critical
194808	RHEL 9 : motif (RHSA-2024:2217)	medium
194807	RHEL 9 : toolbox (RHSA-2024:2160)	medium
194806	RHEL 9 : ipa (RHSA-2024:2147)	medium
194805	RHEL 9 : libtiff (RHSA-2024:2289)	medium
194804	RHEL 9 : traceroute (RHSA-2024:2483)	medium
194803	RHEL 9 : systemd (RHSA-2024:2463)	medium
194802	RHEL 9 : mod_http2 (RHSA-2024:2368)	high
194801	RHEL 9 : pcs (RHSA-2024:2113)	high
194800	RHEL 9 : buildah (RHSA-2024:2245)	high
194799	RHEL 9 : gstreamer1-plugins-bad-free (RHSA-2024:2287)	high
194798	RHEL 9 : podman (RHSA-2024:2193)	high
194797	RHEL 9 : pcp (RHSA-2024:2213)	medium
194796	RHEL 9 : freeglut (RHSA-2024:2366)	high
194795	RHEL 9 : perl (RHSA-2024:2228)	high
194794	RHEL 9 : kernel (RHSA-2024:2394)	critical
194793	RHEL 9 : xorg-x11-server-Xwayland (RHSA-2024:2170)	critical
194792	RHEL 9 : gstreamer1-plugins-good (RHSA-2024:2303)	high
194791	RHEL 9 : libjpeg-turbo (RHSA-2024:2295)	high
194790	RHEL 9 : python3.11 (RHSA-2024:2292)	critical
194789	RHEL 9 : containernetworking-plugins (RHSA-2024:2272)	high
194788	RHEL 9 : runc (RHSA-2024:2180)	high
194787	RHEL 9 : xorg-x11-server (RHSA-2024:2169)	critical
194786	RHEL 9 : webkit2gtk3 (RHSA-2024:2126)	critical
194785	RHEL 9 : LibRaw (RHSA-2024:2137)	medium
194784	RHEL 9 : harfbuzz (RHSA-2024:2410)	high
194783	RHEL 9 : wpa_supplicant (RHSA-2024:2517)	medium
194782	RHEL 9 : frr (RHSA-2024:2156)	critical
194781	RHEL 9 : mingw components (RHSA-2024:2353)	high
194780	RHEL 9 : fence-agents (RHSA-2024:2132)	medium
194779	RHEL 9 : grub2 (RHSA-2024:2456)	high
194778	RHEL 9 : libnbd (RHSA-2024:2204)	medium
194777	RHEL 9 : python-jinja2 (RHSA-2024:2348)	medium
194776	RHEL 9 : libX11 (RHSA-2024:2145)	high
194775	RHEL 9 : squashfs-tools (RHSA-2024:2396)	high
194774	RHEL 9 : python3.11-urllib3 (RHSA-2024:2159)	critical
194773	RHEL 9 : libvirt (RHSA-2024:2236)	medium
194772	RHEL 9 : libsndfile (RHSA-2024:2184)	high
194771	RHEL 9 : libXpm (RHSA-2024:2146)	medium
194770	RHEL 9 : Image builder components (RHSA-2024:2119)	medium
194769	RHEL 9 : gstreamer1-plugins-base (RHSA-2024:2302)	high
194768	RHEL 9 : pam (RHSA-2024:2438)	medium
194767	RHEL 9 : python3.11-cryptography (RHSA-2024:2337)	critical
194766	RHEL 9 : tcpdump (RHSA-2024:2211)	medium
194765	RHEL 9 : mingw-pixman (RHSA-2024:2525)	high

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

critical

high

high

high

critical

critical

medium

medium

medium

medium

medium

medium

high

high

high

high

high

medium

high

high

critical

critical

high

high

critical

high

high

critical

critical

medium

high

medium

critical

high

medium

high

medium

medium

high

high

critical

medium

high

medium

medium

high

medium

critical

medium

high