Download
| Alert*
oval:org.secpod.oval:def:96366
amd64-microcode: Processor microcode firmware for AMD CPUs AMD processors may allow an attacker to expose sensitive information due to a speculative execution vulnerability. oval:org.secpod.oval:def:508198 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: hw amd: Return Address Predictor vulnerability leading to information disclosure hw: amd: Cross-Process Information Leak For more details about the security issue, including ... oval:org.secpod.oval:def:1506947 [20230516-999.25.git6c9e0ed5.el8] - Add missing amd-ucode/ files to nano and core rpm - Add posttrans scriptlet to reload microcode on AMD - Recreate initramfs for AMD systems [20230516-999.24.git6c9e0ed5.el7] - 8a07fa49 linux-firmware: Update AMD fam19h cpu microcode oval:org.secpod.oval:def:1506900 [20230516-999.25.git6c9e0ed5.el9] - Add missing amd-ucode/ files to nano and core rpm - Add posttrans scriptlet to reload microcode on AMD - Recreate initramfs for AMD systems [20230516-999.24.git6c9e0ed5.el7] - 8a07fa49 linux-firmware: Update AMD fam19h cpu microcode oval:org.secpod.oval:def:1506945 [20230516-999.25.git6c9e0ed5.el7] - Add missing amd-ucode/ files to nano rpm - Add posttrans scriptlet to reload microcode on AMD - Recreate initramfs for AMD systems [20230516-999.24.git6c9e0ed5.el7] - 8a07fa49 linux-firmware: Update AMD fam19h cpu microcode oval:org.secpod.oval:def:89049250 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:2600387 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. oval:org.secpod.oval:def:89049290 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:508125 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: hw amd: Return Address Predictor vulnerability leading to information disclosure For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:708392 amd64-microcode: Processor microcode firmware for AMD CPUs AMD processors may allow an attacker to expose sensitive information due to a speculative execution vulnerability. oval:org.secpod.oval:def:89049257 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049298 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049284 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:91853 The host is missing a critical security update for KB5029244 oval:org.secpod.oval:def:91855 The host is missing a critical security update for KB5029250 oval:org.secpod.oval:def:91854 The host is missing a critical security update for KB5029247 oval:org.secpod.oval:def:91857 The host is missing a critical security update for KB5029259 oval:org.secpod.oval:def:91856 The host is missing a critical security update for KB5029253 oval:org.secpod.oval:def:508093 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: hw: intel: Improper access control for some Intel PROSet/Wireless WiFi hw: intel: Improper access control for some Intel PROSet/Wireless WiFi hw: intel: Protection mechanism ... oval:org.secpod.oval:def:91859 The host is missing a critical security update for KB5029295 oval:org.secpod.oval:def:91858 The host is missing a critical security update for KB5029263 oval:org.secpod.oval:def:206050 Security Fix: hw amd: Return Address Predictor vulnerability leading to information disclosure hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the ... oval:org.secpod.oval:def:91851 The host is missing a critical security update for KB5029242 oval:org.secpod.oval:def:89049285 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:91864 The host is missing a critical security update for KB5029308 oval:org.secpod.oval:def:91863 The host is missing a critical security update for KB5029307 oval:org.secpod.oval:def:91866 The host is missing a critical security update for KB5029318 oval:org.secpod.oval:def:91865 The host is missing a critical security update for KB5029312 oval:org.secpod.oval:def:91860 The host is missing a critical security update for KB5029296 oval:org.secpod.oval:def:91862 The host is missing a critical security update for KB5029304 oval:org.secpod.oval:def:91861 The host is missing a critical security update for KB5029301 oval:org.secpod.oval:def:2501277 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. oval:org.secpod.oval:def:125983 The kernel meta package oval:org.secpod.oval:def:125979 The kernel meta package oval:org.secpod.oval:def:1507070 [5.4.17-2136.324.5.2.el8uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8uek] - x86: KVM: SVM: always update the x2avic msr interception [Orabug: 35857366] {CVE-2023-5090} [5.4.17-2136.324.5.el8uek] - netfilter: nfnetlink_osf: avoid OOB read - dlm: fix plock lookup when ... oval:org.secpod.oval:def:1507065 [5.4.17-2136.324.5.3.el7uek] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7uek] - x86: KVM: SVM: always update the x2avic msr inter ... oval:org.secpod.oval:def:508011 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: use-after-free vulnerability in the smb client component kernel: IGB driver inadequate buffer size for frames larger than MTU hw amd: Return Address Predictor vulnerability leading to inform ... oval:org.secpod.oval:def:1507227 [5.14.0-362.13.1.el9_3.OL9] - x86/retpoline: Document some thunk handling aspects {CVE-2023-20569} - objtool: Fix return thunk patching in retpolines {CVE-2023-20569} - x86/srso: Remove unnecessary semicolon {CVE-2023-20569} - x86/calldepth: Rename __x86_return_skl to call_depth_return_thunk {CV ... oval:org.secpod.oval:def:1507073 [5.4.17-2136.324.5.3.el8] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el8] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:1507071 [5.4.17-2136.324.5.3.el7] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:89049306 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'. * CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:89049348 This update for xen fixes the following issues: Update to Xen 4.13.5 bug fix release . * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049347 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049346 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049268 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c . * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ... oval:org.secpod.oval:def:89049266 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: A transient execution attack called 'Gather Data Sampling' affecting is mitigated, together with respective Intel CPU Microcode updates . * CVE-2023 ... oval:org.secpod.oval:def:89049339 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049337 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:3301831 Security update for the Linux Kernel oval:org.secpod.oval:def:89049280 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023- ... oval:org.secpod.oval:def:3301997 Security update for xen oval:org.secpod.oval:def:126059 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89049322 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling". * CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:95188 CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. For de ... oval:org.secpod.oval:def:612610 CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. For de ... oval:org.secpod.oval:def:126026 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:3302002 Security update for the Linux Kernel oval:org.secpod.oval:def:89049336 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:3302303 Security update for the Linux Kernel oval:org.secpod.oval:def:3302065 Security update for the Linux Kernel oval:org.secpod.oval:def:19500342 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker ... oval:org.secpod.oval:def:1701518 A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.If tcf_change_indev fails, u32_set_parms will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter. If an attack ... oval:org.secpod.oval:def:1701529 A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.If tcf_change_indev fails, u32_set_parms will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter. If an attack ... oval:org.secpod.oval:def:1701530 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker ... oval:org.secpod.oval:def:1701533 An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.The qfq_change_ ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1507145 [5.4.17-2136.325.5.el8uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:1507146 [5.4.17-2136.325.5.el7uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:4501523 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use after free in unix_stream_sendpage * kernel: vmwgfx: reference count issue leads to use-after-free in surface handling * kernel ... oval:org.secpod.oval:def:508003 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: use after free in unix_stream_sendpage kernel: vmwgfx: reference count issue leads to use-after-free in surface handling kernel: netfilter: potential slab-out-of-bound access due to integer ... oval:org.secpod.oval:def:94963 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708508 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2501312 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:91797 AMD: CVE-2023-20569 Return Address Predictor. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows ... oval:org.secpod.oval:def:96406 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:708564 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049309 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:96410 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:95051 linux-hwe-5.15: Linux hardware enablement kernel - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94965 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94966 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708500 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:708543 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95064 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708509 linux-hwe-5.15: Linux hardware enablement kernel - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708507 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:708534 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708532 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94971 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049311 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... |