Download
| Alert*
oval:org.secpod.oval:def:89049268
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c . * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ... oval:org.secpod.oval:def:89049280 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023- ... oval:org.secpod.oval:def:89049271 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs . * CVE-2023-3776: Fixed improper refcount update in cls_fw lea ... oval:org.secpod.oval:def:89045876 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting /proc ... oval:org.secpod.oval:def:89002148 The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.131 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Information leaks using quot;Memory Disambiguationquot; feature in modern CPUs were mitigated, aka quot;Spectre Variant 4quot; . A new boo ... oval:org.secpod.oval:def:1502240 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502241 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1100524 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link. oval:org.secpod.oval:def:55650 Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally ... oval:org.secpod.oval:def:89043855 This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ... oval:org.secpod.oval:def:89043524 This update for xen fixes several issues. These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 m ... oval:org.secpod.oval:def:89043867 This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:60360 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link. oval:org.secpod.oval:def:60359 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64 and bos.mp. For more information please visit vendor advisory link. oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:89002246 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Information leaks using quot;Memory Disambiguationquot; feature in modern CPUs were mitigated, aka quot;Spectre Variant 4quot; . A new boot commandli ... oval:org.secpod.oval:def:89049634 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following new feature was added: - NVDIMM memory error notification The following security bugs were fixed: - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local ... oval:org.secpod.oval:def:89002178 This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3639: Spectre V4 #226;#128;#147; Speculative Store Bypass aka quot;Memory Disambiguationquot; This feature can be controlled by the quot;ssbd=on/offquot; commandline flag for the XEN hypervisor. - CVE-2018-10982: x86 ... oval:org.secpod.oval:def:89002296 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2018-3639: Information leaks using quot;Memory Disambiguationquot; feature in modern CPUs were mitigated, aka quot;Spectre Variant 4quot; . A new boot comman ... oval:org.secpod.oval:def:502296 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:115212 The kernel meta package oval:org.secpod.oval:def:502298 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:502297 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:51134 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security i ... oval:org.secpod.oval:def:502299 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:114599 The kernel meta package oval:org.secpod.oval:def:89043702 The SUSE Linux Enterprise 12 SP3 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service via crafted system calls that reach ... oval:org.secpod.oval:def:89043832 This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests . Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writ ... oval:org.secpod.oval:def:89043614 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 , and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms ------------------------------- ... oval:org.secpod.oval:def:51043 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors The ... oval:org.secpod.oval:def:53334 This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly . For servers with AMD CPUs no microcode update is needed, please refer to https://xenbits.xen.org/xsa/advisory-263.html f ... oval:org.secpod.oval:def:89043744 This update for kvm fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incoming ... oval:org.secpod.oval:def:89043981 The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigating CVE-2018-3639 . More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-D ata-File Following chipsets are fixed in th ... oval:org.secpod.oval:def:89043728 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup . - CVE-2020-14314: Fixed a potential negative array index in do_split . - CVE-2020-14356: Fi ... oval:org.secpod.oval:def:51052 libvirt: Libvirt virtualization toolkit Side channel execution mitigations were added to libvirt. oval:org.secpod.oval:def:51054 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:115537 The kernel meta package oval:org.secpod.oval:def:114569 The kernel meta package oval:org.secpod.oval:def:114685 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:114687 The kernel meta package oval:org.secpod.oval:def:114684 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:115530 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89003057 This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing . - CVE-2019-2684: More dynamic RMI interactions . - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID . - CVE-2019-2422: Better FileChannel . - CVE-2018 ... oval:org.secpod.oval:def:114559 The kernel meta package oval:org.secpod.oval:def:114551 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89002199 This update for java-1_8_0-openjdk to the jdk8u181 release fixes the following issues: These security issues were fixed: - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this ... oval:org.secpod.oval:def:89043818 This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests . Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writ ... oval:org.secpod.oval:def:115435 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:51115 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:53419 This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1 oval:org.secpod.oval:def:1700060 An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent.qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service via a large QEMU reply.An industry-wide issue was found in the way many modern micr ... oval:org.secpod.oval:def:114572 The kernel meta package oval:org.secpod.oval:def:704090 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:704086 linux: Linux kernel Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:704088 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors The ... oval:org.secpod.oval:def:704083 linux: Linux kernel Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:704084 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:704085 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:114881 The kernel meta package oval:org.secpod.oval:def:1502221 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502222 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700053 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which ... oval:org.secpod.oval:def:1502225 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700052 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1502226 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700051 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which ... oval:org.secpod.oval:def:1502223 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89043561 This update for kvm fixes one security issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests . Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory ... oval:org.secpod.oval:def:1502224 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502229 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700055 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which ... oval:org.secpod.oval:def:1502227 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502228 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116937 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:114757 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:114874 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:1700047 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which ... oval:org.secpod.oval:def:1502233 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502230 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502231 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114789 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114549 The kernel meta package oval:org.secpod.oval:def:114783 The kernel meta package oval:org.secpod.oval:def:114653 The kernel meta package oval:org.secpod.oval:def:89043578 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms -------------------------------- ... oval:org.secpod.oval:def:89045637 This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.27 - OpenJDK 7u311 Security fixes: - CVE-2021-2341: Improve file transfers - CVE-2021-2369: Better jar file validation - CVE-2021-2432: Provide better LDAP provider support - CVE-2021-2163: Enhance opening JARs - CVE ... oval:org.secpod.oval:def:51202 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1502258 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114727 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114725 The kernel meta package oval:org.secpod.oval:def:1700251 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a ... oval:org.secpod.oval:def:89043868 This update for qemu fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incomin ... oval:org.secpod.oval:def:89043754 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms -------------------------------- ... oval:org.secpod.oval:def:89043990 This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests . Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writ ... oval:org.secpod.oval:def:115918 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:603407 This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly . For servers with AMD CPUs no microcode update is needed, please refer to https://xenbits.xen.org/xsa/advisory-263.html f ... oval:org.secpod.oval:def:1502441 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502440 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:60361 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link. oval:org.secpod.oval:def:114734 The kernel meta package oval:org.secpod.oval:def:114614 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114971 The kernel meta package oval:org.secpod.oval:def:603518 This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1 oval:org.secpod.oval:def:704120 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:89049704 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- greater than New ---- new platforms ---------------------- ... oval:org.secpod.oval:def:204854 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:89044015 The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigating CVE-2018-3639 . More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-D ata-File Following chipsets are fixed in th ... oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:114915 The kernel meta package oval:org.secpod.oval:def:89044002 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2018-3639: Information leaks using Memory Disambiguation feature in modern CPUs were mitigated, aka Spectre Variant 4 . A new boot commandline option was int ... oval:org.secpod.oval:def:204845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:704118 libvirt: Libvirt virtualization toolkit Side channel execution mitigations were added to libvirt. oval:org.secpod.oval:def:704466 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049727 This update for ucode-intel fixes the following issues: The microcode bundles was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigating CVE-2018-3639 . More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode ... oval:org.secpod.oval:def:204837 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:204836 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:52926 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:52925 linux: Linux kernel Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:204839 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:704330 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security i ... oval:org.secpod.oval:def:704457 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:48684 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ... oval:org.secpod.oval:def:704203 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:1502261 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502262 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89002408 This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS . - CVE-2018-11806: Prevent heap-based b ... oval:org.secpod.oval:def:1502263 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502270 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502271 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89043591 This update for qemu fixes the following security issues: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS - CVE-2018-11806: Prevent heap-based buffer overflow via incomin ... oval:org.secpod.oval:def:46441 The host is missing an important security update ADV180012 oval:org.secpod.oval:def:603489 This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support and fixes for "Spectre v3a". oval:org.secpod.oval:def:47664 The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:48630 The host is installed with Apple Mac OS X through 10.13.6 or before 10.11.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a speculative execution of memory reads issue. Successful exploitation allows an attacker with loc ... oval:org.secpod.oval:def:704305 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:1600899 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to w ... oval:org.secpod.oval:def:1600898 An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator . It could occur while reading VGA memory to update graphics display. A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service ... oval:org.secpod.oval:def:1600896 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to wh ... oval:org.secpod.oval:def:89003429 This update for java-1_7_0-openjdk to version 7u231 fixes the following issues: Security issues fixed: - CVE_2019-2426: Improve web server connections . - CVE-2019-2745: Improved ECC Implementation . - CVE-2019-2762: Exceptional throw cases . - CVE-2019-2766: Improve file protocol handling . - CVE-2 ... oval:org.secpod.oval:def:117236 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:116026 The OpenJDK runtime environment 8. oval:org.secpod.oval:def:502333 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:115165 The kernel meta package oval:org.secpod.oval:def:89003406 This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ... oval:org.secpod.oval:def:89002315 This update for java-1_8_0-openjdk to the jdk8u181 release fixes the following issues: These security issues were fixed: - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this ... oval:org.secpod.oval:def:2100357 Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store B ... oval:org.secpod.oval:def:45681 The host is installed with the Microsoft Windows, VMware Workstation 14.x before 14.1.2 or VMware Player 14.x before 14.1.2 and is prone to a speculative store bypass vulnerability. The application fails to properly handle speculative execution control mechanism issues. On successful exploitation, a ... oval:org.secpod.oval:def:89002425 This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: add support for "ssbd" and "virt-ssbd" CPUID feature bits pass through oval:org.secpod.oval:def:45697 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load and Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the ... oval:org.secpod.oval:def:204809 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:115019 The kernel meta package oval:org.secpod.oval:def:89002493 This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: Added support for "ssbd" and "virt-ssbd" CPUID feature bits pass through. oval:org.secpod.oval:def:115017 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:204811 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:204810 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:89049622 This update for qemu to version 2.11.2 fixes the following issues: Security issue fixed: - CVE-2018-11806: Fix heap buffer overflow issue that can happen while reassembling fragmented datagrams . - CVE-2018-3639: Mitigation functionality for Speculative Store Bypass issue in x86 . - CVE-2018-7550: F ... oval:org.secpod.oval:def:89002245 This update for libvirt fixes the following issues: Security issue fixed: - CVE-2018-3639: Add support for "ssbd" and "virt-ssbd" CPUID feature bits to address V4 Speculative Store Bypass aka quot;Memory Disambiguationquot; . Bug fixes: - bsc#1094325: Enable virsh blockresize for XEN guests . - bsc# ... oval:org.secpod.oval:def:115129 The kernel meta package oval:org.secpod.oval:def:115247 The kernel meta package oval:org.secpod.oval:def:52043 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:53011 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52045 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:502300 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:502302 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:502301 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:502304 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:502303 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:502305 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:204804 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:204803 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:204802 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:204808 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:204807 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:204806 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It ... oval:org.secpod.oval:def:204805 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:45991 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to w ... oval:org.secpod.oval:def:89002230 This update for microcode_ctl fixes the following issues: The Intel CPU Microcode bundle was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigating CVE-2018-3639 More details can be found on: https://downloadcenter.intel.com/download/27945/Linux- ... oval:org.secpod.oval:def:115038 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:51087 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:502317 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined i ... oval:org.secpod.oval:def:89002469 This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: add support for "ssbd" and "virt-ssbd" CPUID feature bits pass through oval:org.secpod.oval:def:53397 This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support and fixes for "Spectre v3a". oval:org.secpod.oval:def:502324 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern micro ... oval:org.secpod.oval:def:502323 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs ha ... oval:org.secpod.oval:def:1504074 [12:2.9.0-11.1.el7] - i386: Define the Virt SSBD MSR and handling of it [Orabug: 28110449] {CVE-2018-3639} - i386: define the AMD "virt-ssbd" CPUID feature bit [Orabug: 28110449] {CVE-2018-3639} - i386: define the "ssbd" CPUID feature bit [Orabug: 28110449] {CVE-2018-3639} oval:org.secpod.oval:def:502329 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... |