Download
| Alert*
oval:org.secpod.oval:def:509094
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags kernel: use after free in unix_stream_sendpage kernel: net/sched: sch_hfsc UAF kernel: use after free in nvmet_ ... oval:org.secpod.oval:def:1507292 - [5.14.0-362.18.0.1.el9_3.OL9] - nfp: fix use-after-free in area_cache_get {CVE-2022-3545} - drivers: net: slip: fix NPD bug in sl_tx_timeout {CVE-2022-41858} - can: af_can: fix NULL pointer dereference in can_rcv_filter {CVE-2023-2166} - RDMA/core: Fix resolve_prepare_src error cleanup {CVE-20 ... oval:org.secpod.oval:def:1507380 [5.14.0-362.18.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.5.el9 - Remove ... oval:org.secpod.oval:def:509085 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: netfilter: potential slab-out-of-bound access due to integer underflow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:96926 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local us ... oval:org.secpod.oval:def:96925 An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local us ... oval:org.secpod.oval:def:1507073 [5.4.17-2136.324.5.3.el8] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el8] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:1507031 [5.15.0-105.125.6.2.2.el8uek] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824297] - netfilter: nftables: exthdr: fix 4-byte stack OOB write [Orabug: 35824297] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824297] - netfilter: xt_u32: validate user space input [Orabug: 3 ... oval:org.secpod.oval:def:1507032 [5.4.17-2136.323.8.2.el7uek] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824307] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824307] - netfilter: xt_u32: validate user space input [Orabug: 35824307] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip ... oval:org.secpod.oval:def:4501523 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use after free in unix_stream_sendpage * kernel: vmwgfx: reference count issue leads to use-after-free in surface handling * kernel ... oval:org.secpod.oval:def:1507070 [5.4.17-2136.324.5.2.el8uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8uek] - x86: KVM: SVM: always update the x2avic msr interception [Orabug: 35857366] {CVE-2023-5090} [5.4.17-2136.324.5.el8uek] - netfilter: nfnetlink_osf: avoid OOB read - dlm: fix plock lookup when ... oval:org.secpod.oval:def:1507071 [5.4.17-2136.324.5.3.el7] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:1507356 [3.10.0-1160.108.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.108.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 & ... oval:org.secpod.oval:def:1507033 [5.4.17-2136.323.8.2.el8uek] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824307] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824307] - netfilter: xt_u32: validate user space input [Orabug: 35824307] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip ... oval:org.secpod.oval:def:1507034 [5.15.0-105.125.6.2.2.el9uek] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824297] - netfilter: nftables: exthdr: fix 4-byte stack OOB write [Orabug: 35824297] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824297] - netfilter: xt_u32: validate user space input [Orabug: 3 ... oval:org.secpod.oval:def:1507078 [5.4.17-2136.323.8.2.el8] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824307] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824307] - netfilter: xt_u32: validate user space input [Orabug: 35824307] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_se ... oval:org.secpod.oval:def:1507035 [4.14.35-2047.529.3.2.el7uek] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824309] - netfilter: xt_u32: validate user space input [Orabug: 35824309] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c [Orabug: 35824309] {CVE-2023-42753} oval:org.secpod.oval:def:508006 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: kernel: use after free in unix_stream_sendpage kernel: netfilter: potential slab-out-of-bound access due to integer underflow For more details about ... oval:org.secpod.oval:def:1507082 [5.4.17-2136.323.8.2.el7] - netfilter: nfnetlink_osf: avoid OOB read [Orabug: 35824307] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35824307] - netfilter: xt_u32: validate user space input [Orabug: 35824307] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_se ... oval:org.secpod.oval:def:508003 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: use after free in unix_stream_sendpage kernel: vmwgfx: reference count issue leads to use-after-free in surface handling kernel: netfilter: potential slab-out-of-bound access due to integer ... oval:org.secpod.oval:def:1507249 [4.18.0-513.11.1.0.1.el8_9.OL8] - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress {CVE-2023-2162} - af_unix: Fix null-ptr-deref in unix_stream_sendpage {CVE-2023-4622} - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet {CVE-2023-42753} oval:org.secpod.oval:def:94963 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89051082 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase ... oval:org.secpod.oval:def:206059 Security Fix: kernel: netfilter: potential slab-out-of-bound access due to integer underflow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: oval:org.secpod.oval:def:1507057 [5.15.0-106.131.4.el9uek] - jbd2: check "jh-gt;b_transaction" before removing it from checkpoint - jbd2: fix checkpoint cleanup performance regression - scsi: qla2xxx: Fix TMF leak through - scsi: qla2xxx: Fix command flush during TMF - scsi: qla2xxx: Limit TMF to 8 per function - Revert quot;d ... oval:org.secpod.oval:def:1507058 [5.15.0-106.131.4.el8uek] - jbd2: check "jh-gt;b_transaction" before removing it from checkpoint - jbd2: fix checkpoint cleanup performance regression - scsi: qla2xxx: Fix TMF leak through - scsi: qla2xxx: Fix command flush during TMF - scsi: qla2xxx: Limit TMF to 8 per function - Revert quot;d ... oval:org.secpod.oval:def:708508 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:97887 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags kernel: net/sched: sch_hfsc UAF kernel: use after free in unix ... oval:org.secpod.oval:def:1507065 [5.4.17-2136.324.5.3.el7uek] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7uek] - x86: KVM: SVM: always update the x2avic msr inter ... oval:org.secpod.oval:def:508022 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix: golang: crypto/tls: slow verification of certificate chains containing large RSA keys golang: ... oval:org.secpod.oval:def:89050938 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system . * CVE ... oval:org.secpod.oval:def:2501312 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1507067 [4.14.35-2047.530.5.1.el7uek] - Revert quot;rtnetlink: Reject negative ifindexes in RTM_NEWLINKquot; [Orabug: 35896831] [4.14.35-2047.530.5.el7uek] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c [Orabug: 35824288] {CVE-2023-42753} - netfilter: xt_u32: ... oval:org.secpod.oval:def:1507145 [5.4.17-2136.325.5.el8uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:1507146 [5.4.17-2136.325.5.el7uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:19500429 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If ... oval:org.secpod.oval:def:1507314 [4.14.35-2047.533.3.el7uek] - net: rfkill: gpio: set GPIO direction - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185208] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143229] - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181559] {C ... oval:org.secpod.oval:def:1701811 The upstream commit describes this issue as follows:The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access. A use-after-free vulner ... oval:org.secpod.oval:def:708564 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701819 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:1701821 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. The upstream commit describes ... oval:org.secpod.oval:def:1601809 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:3301742 Security update for the Linux Kernel oval:org.secpod.oval:def:96419 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:96418 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:708552 linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708555 linux-iot: Linux kernel for IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301531 Security update for the Linux Kernel oval:org.secpod.oval:def:708546 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94968 linux-starfive-6.2: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94966 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708542 linux-starfive-6.2: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708543 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95062 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:95061 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95066 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95064 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708535 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89051077 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component. This vulnerability could allow a local attacker to crash the system or lead to a kernel i ... oval:org.secpod.oval:def:708534 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3302319 Security update for the Linux Kernel oval:org.secpod.oval:def:708537 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:708533 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:89051079 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. * CVE-2023-39193: Fixed a fl ... oval:org.secpod.oval:def:95069 linux-iot: Linux kernel for IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94971 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95068 linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708538 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:3301672 Security update for the Linux Kernel oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |