Download
| Alert*
oval:org.secpod.oval:def:1700578
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:119204 The kernel meta package oval:org.secpod.oval:def:119201 The kernel meta package oval:org.secpod.oval:def:1700590 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:1700588 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:1700584 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:70403 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel fo ... oval:org.secpod.oval:def:70400 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:705918 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel fo ... oval:org.secpod.oval:def:705915 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:89002775 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20669: Fixed an improper check i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c. oval:org.secpod.oval:def:89002777 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . oval:org.secpod.oval:def:89002808 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a LIO security issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver. oval:org.secpod.oval:def:89002761 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request . - CVE-2021-3347: A use-after-free was disco ... oval:org.secpod.oval:def:89002784 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-0465: Fixed ... oval:org.secpod.oval:def:89049431 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:89049464 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:69861 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:1504735 [4.14.35-2025.405.3.el7] - Revert "rds: Deregister all FRWR mr with free_mr" [Orabug: 32426280] [4.14.35-2025.405.2.el7] - nfs: Fix security label length not being reset [Orabug: 32350995] [4.14.35-2025.405.1.el7] - net/rds: Fix gfp_t parameter [Orabug: 32372162] - uek-rpm: update kABI lists for ... oval:org.secpod.oval:def:70398 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:70399 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1504624 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705913 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:1504623 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705914 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1504627 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504625 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:605419 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:1504629 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89002788 This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to l ... oval:org.secpod.oval:def:70401 linux-oem-5.6: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89002847 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request at a certain point during device setup. oval:org.secpod.oval:def:1504618 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504621 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705916 linux-oem-5.6: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89002831 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-29569: Fixed ... oval:org.secpod.oval:def:1505219 [4.18.0-348.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-348] - drm/nouveau/fifo/ga10 ... oval:org.secpod.oval:def:2500322 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:506525 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds reads in pinctrl subsystem * kernel: Improper input validation in some Intel Ethernet E810 Adapter drivers * kernel: Insufficient access control in some Intel Ethernet E810 A ... oval:org.secpod.oval:def:1601414 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_me ... oval:org.secpod.oval:def:1700542 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_me ... oval:org.secpod.oval:def:1700819 A flaw was found in the JFS filesystem code. This flaw allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availabil ... |