Download
| Alert*
|
oval:org.secpod.oval:def:2000478
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931. oval:org.secpod.oval:def:704863 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:54114 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:54115 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704867 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505595 [4.1.12-124.56.1] - ocfs2: subsystem.su_mutex is required while accessing the item- oval:org.secpod.oval:def:89048275 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth ... oval:org.secpod.oval:def:503259 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * kernel: Buffer overflow in hidp_process_report * kernel: l2tp: Race condition bet ... oval:org.secpod.oval:def:205354 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * kernel: Buffer overflow in hidp_process_report * kernel: l2tp: Race condition bet ... oval:org.secpod.oval:def:1504148 [3.10.0-1062.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] [3.10.0-1062] - [fs] revert "xfs: disable copy_file_range to avoid broken splice copy" [1731205] [3.10.0-1061] - [linux] efi: Disable local interru ... oval:org.secpod.oval:def:89048955 The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to t ... oval:org.secpod.oval:def:89045829 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:89045869 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting ... oval:org.secpod.oval:def:89045876 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting /proc ... oval:org.secpod.oval:def:1505135 [4.1.12-124.56.1.el7uek] - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent [Orabug: 29184589] {CVE-2017-18216} - bcache: fix potential deadlock problem in btree_gc_coalesce {CVE-2020-12771} - filldir[64]: remove WARN_ON_ONCE for bad directory entries [Orabug: 31351271 ... oval:org.secpod.oval:def:89045643 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2019-3874: Fixed possible denial of service attack via SCT ... oval:org.secpod.oval:def:89045681 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2019-3874: Fixed possible denial of service attack via SCTP sock ... |
