Download
| Alert*
|
oval:org.secpod.oval:def:506011
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem For more details about the security issue, inc ... oval:org.secpod.oval:def:506014 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: iscsi: unrestricted access to sessions and handles For more details about the securit ... oval:org.secpod.oval:def:705939 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspbe ... oval:org.secpod.oval:def:89044137 This update for the Linux Kernel 4.12.14-122_222 fixes several issues. The following security issues were fixed: - CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGE_SIZE value . - CVE-2021-27363: Fixed a kernel point ... oval:org.secpod.oval:def:89044171 This update for the Linux Kernel 4.4.121-92_138 fixes several issues. The following security issues were fixed: - CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGE_SIZE value . - CVE-2021-27363: Fixed a kernel pointe ... oval:org.secpod.oval:def:1504802 [4.14.35-2047.501.2.el7] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Repo ... oval:org.secpod.oval:def:1504808 [5.4.17-2102.200.13] - bpf, selftests: Fix up some test_verifier cases for unprivileged [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic [O ... oval:org.secpod.oval:def:1504807 [5.4.17-2102.200.13.el7] - bpf, selftests: Fix up some test_verifier cases for unprivileged [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic ... oval:org.secpod.oval:def:1504806 [4.1.12-124.48.6] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603382] - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603382] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs [Orabug: 32603382] {CVE-2021 ... oval:org.secpod.oval:def:97544 [CLSA-2021:1632261664] Fixed CVEs in kernel: CVE-2021-27365, CVE-2021-27363, CVE-2021-27364 oval:org.secpod.oval:def:1504774 [4.14.35-2047.501.2.el7uek] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: R ... oval:org.secpod.oval:def:1504773 [5.4.17-2036.104.5.el8uek] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Re ... oval:org.secpod.oval:def:205851 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: iscsi: unrestricted access to sessions and handles For more details about the securit ... oval:org.secpod.oval:def:1504772 [5.4.17-2036.104.5.el8] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Repor ... oval:org.secpod.oval:def:1504810 [5.4.17-2036.104.5] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report co ... oval:org.secpod.oval:def:1504777 [5.4.17-2036.104.5.el7] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Repor ... oval:org.secpod.oval:def:1504776 [4.1.12-124.48.6.el7uek] - scsi: iscsi: Verify lengths on passthrough PDUs [Orabug: 32603382] - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE [Orabug: 32603382] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs [Orabug: 32603382] {C ... oval:org.secpod.oval:def:1504818 [3.10.0-1160.24.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15-2.0.9.el7 - Update oracle value to match new certificate [3.10.0-1160.2 ... oval:org.secpod.oval:def:71241 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspbe ... oval:org.secpod.oval:def:71243 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1700591 A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system. A flaw was found in the Linux kernel. An out-of-bounds read ... oval:org.secpod.oval:def:1700593 A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system. A flaw was found in the Linux kernel. An out-of-bounds read ... oval:org.secpod.oval:def:705943 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1504836 [4.14.35-2047.502.4] - Revert "rds: ib: Remove two ib_modify_qp calls" [Orabug: 32715567] - uek-rpm: Update SecureBoot Digicert 2021 certificates [Orabug: 32532514] [4.14.35-2047.502.3] - video: hyperv_fb: Fix the mmap regression for v5.4.y and older [Orabug: 32620797] - video: hyperv_fb: Fix the ... oval:org.secpod.oval:def:1504835 [4.14.35-2047.502.4.el7] - Revert "rds: ib: Remove two ib_modify_qp calls" [Orabug: 32715567] - uek-rpm: Update SecureBoot Digicert 2021 certificates [Orabug: 32532514] [4.14.35-2047.502.3.el7] - video: hyperv_fb: Fix the mmap regression for v5.4.y and older [Orabug: 32620797] - video: hyperv_fb: ... oval:org.secpod.oval:def:1700582 A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system. A flaw was found in the Linux kernel. An out-of-bounds read ... oval:org.secpod.oval:def:89044334 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89044168 This update for the Linux Kernel 4.4.180-94_141 fixes several issues. The following security issues were fixed: - CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGE_SIZE value . - CVE-2021-27363: Fixed a kernel pointe ... oval:org.secpod.oval:def:89044324 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89044320 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89049481 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 l ... oval:org.secpod.oval:def:89044307 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issue inside ... oval:org.secpod.oval:def:89044316 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89044159 This update for the Linux Kernel 4.4.121-92_152 fixes several issues. The following security issues were fixed: - CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGE_SIZE value . - CVE-2021-27363: Fixed a kernel pointe ... oval:org.secpod.oval:def:89044153 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to ... oval:org.secpod.oval:def:506839 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: in ... oval:org.secpod.oval:def:1504868 [2.6.32-754.35.1.0.3.OL6] - Fixes for RHSA-2021:1288 [Orabug: 32809880] oval:org.secpod.oval:def:89044342 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3483: Fixed a use-after-free in nosy.c . - CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy . - CVE-2021-29650: Fixed an issue whe ... oval:org.secpod.oval:def:89044143 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 l ... oval:org.secpod.oval:def:506013 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: SCSI target write to any block on ILO backstore * kernel: Use after free via PI futex state * kernel: race con ... oval:org.secpod.oval:def:71254 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: SCSI target write to any block on ILO backstore * kernel: Use after free via PI futex state * kernel: race con ... oval:org.secpod.oval:def:2500324 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1504819 [4.18.0-240.22.1.el8_3.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15-11. ... oval:org.secpod.oval:def:1504820 [4.1.12-124.49.3.1] - SecureBoot Digicert 2021 certificates update [Orabug: 32532671] [4.1.12-124.49.3] - xen/netback: avoid race in xenvif_rx_ring_slots_available [Orabug: 32485156] - audit: fix error handling in audit_data_to_entry [Orabug: 32608451] {CVE-2020-0444} [4.1.12-124.49.2] - scsi: is ... oval:org.secpod.oval:def:89047308 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1601423 An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later proces ... oval:org.secpod.oval:def:1700572 An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later proces ... oval:org.secpod.oval:def:1700813 A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To se ... |
