Download
| Alert*
oval:org.secpod.oval:def:604512
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI devices, which could lead to a use-aft ... oval:org.secpod.oval:def:69738 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI devices, which could lead to a use-aft ... oval:org.secpod.oval:def:70171 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1502598 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705113 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - ... oval:org.secpod.oval:def:705111 linux: Linux kernel - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - l ... oval:org.secpod.oval:def:705112 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:58363 linux: Linux kernel - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - l ... oval:org.secpod.oval:def:58364 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - ... oval:org.secpod.oval:def:116946 This package contains the tools/ directory from the kernel source and the supporting documentation. oval:org.secpod.oval:def:57841 A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel. oval:org.secpod.oval:def:57324 The host is missing an important security update for KB4507449 oval:org.secpod.oval:def:57323 The host is missing an important security update for KB4507448 oval:org.secpod.oval:def:1502588 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:503309 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: broken permission and object lifetime handling for PTRACE_TRACEME * kernel: hw: Spectre SWAPGS gadget vulnerability For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:1502589 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116936 This package contains the tools/ directory from the kernel source and the supporting documentation. oval:org.secpod.oval:def:57332 The host is missing a critical security update for KB4507460 oval:org.secpod.oval:def:116931 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:57331 The host is missing a critical security update for KB4507458 oval:org.secpod.oval:def:116932 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:57330 The host is missing an important security update for KB4507457 oval:org.secpod.oval:def:57336 The host is missing an important security update for KB4507469 oval:org.secpod.oval:def:57335 The host is missing an important security update for KB4507464 oval:org.secpod.oval:def:57334 The host is missing an important security update for KB4507462 oval:org.secpod.oval:def:57333 The host is missing an important security update for KB4507461 oval:org.secpod.oval:def:57329 The host is missing an important security update for KB4507456 oval:org.secpod.oval:def:503313 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: page cache side channel attacks * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service * kernel: Unprivileg ... oval:org.secpod.oval:def:57326 The host is missing an important security update for KB4507452 oval:org.secpod.oval:def:1502596 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1601034 There is a newly discovered variant side-channel attack of Spectre V1 which leverages SWAPGS instructions to bypass KPTI/KVA mitigations. This could lead to a kernel information disclosure oval:org.secpod.oval:def:57780 An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an a ... oval:org.secpod.oval:def:205364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: hw: Spectre SWAPGS gadget vulnerability * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results For more details about the security issue, including the impact, a CVSS score, ackn ... oval:org.secpod.oval:def:205248 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: page cache side channel attacks * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service * kernel: Unprivileg ... oval:org.secpod.oval:def:503326 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: hw: Spectre SWAPGS gadget vulnerability * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results For more details about the security issue, including the impact, a CVSS score, ackn ... oval:org.secpod.oval:def:1504745 [4.14.35-1902.3.2] - x86/speculation: Exclude ATOMs from speculation through SWAPGS [Orabug: 29967570] {CVE-2019-1125} - x86/speculation: Enable Spectre v1 swapgs mitigations [Orabug: 29967570] {CVE-2019-1125} - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations [Orabug: 299675 ... oval:org.secpod.oval:def:1700195 There is a newly discovered variant side-channel attack of Spectre V1 which leverages SWAPGS instructions to bypass KPTI/KVA mitigations. This could lead to a kernel information disclosure. oval:org.secpod.oval:def:705117 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to expose sensitive information. oval:org.secpod.oval:def:1502603 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502604 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502605 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502606 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:58367 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to expose sensitive information. oval:org.secpod.oval:def:1502658 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66452 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: broken permission and object lifetime handling for PTRACE_TRACEME * kernel: hw: Spectre SWAPGS gadget vulnerability For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:89003269 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-3819: A flaw was fixed in the function hid_debug_events_read in drivers/hid/hid-debug.c file which may have enter an infinite loop with certain parameters ... oval:org.secpod.oval:def:89050768 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, re ... oval:org.secpod.oval:def:89050605 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, result ... oval:org.secpod.oval:def:89003432 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-1125: Enable Spectre v1 swapgs mitigations . - CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_crea ... oval:org.secpod.oval:def:89003036 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. oval:org.secpod.oval:def:89003119 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. oval:org.secpod.oval:def:89003478 The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. oval:org.secpod.oval:def:89050932 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, re ... oval:org.secpod.oval:def:116945 The kernel meta package oval:org.secpod.oval:def:604500 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed. If a PCI physical function is passed through to a Xen guest, the gue ... oval:org.secpod.oval:def:116934 The kernel meta package oval:org.secpod.oval:def:69740 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed. If a PCI physical function is passed through to a Xen guest, the gue ... |