Download
| Alert*
oval:org.secpod.oval:def:1505093
[4.1.12-124.53.5] - seq_file: disallow extremely large seq buffer allocations [Orabug: 33143006] {CVE-2021-33909} [4.1.12-124.53.3] - net/mlx4: Fix EEPROM dump support [Orabug: 31895301] {CVE-2020-14304} - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query [Orabug: 31895301] {CV ... oval:org.secpod.oval:def:506332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds write in xt_compat_target_from_user in net/netfilter/x_tables.c * kernel: race condition for removal of the HCI controller * kernel: powerpc: RTAS calls can be used to compro ... oval:org.secpod.oval:def:89044458 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1505012 [4.14.35-2047.505.4.el7uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown [Orabug: 32863569] - rds/ib: reap tx completions during connection ... oval:org.secpod.oval:def:1505098 [3.10.0-1160.41.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-2.0.9.el7 - Update oracle value to match new certificate [3.10.0-1160.41.1.el7] - ixgbe: ... oval:org.secpod.oval:def:1505016 [5.4.17-2102.203.5.el7uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el7uek] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negati ... oval:org.secpod.oval:def:1505015 [5.4.17-2102.203.5.el8] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el8] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negation logi ... oval:org.secpod.oval:def:1505014 [5.4.17-2102.203.5.el8uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el8uek] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negati ... oval:org.secpod.oval:def:1505013 [5.4.17-2102.203.5.el7] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el7] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negation logi ... oval:org.secpod.oval:def:205891 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds write in xt_compat_target_from_user in net/netfilter/x_tables.c * kernel: race condition for removal of the HCI controller * kernel: powerpc: RTAS calls can be used to compro ... oval:org.secpod.oval:def:4500020 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:506268 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: race condition for removal of the HCI controller For more details ... oval:org.secpod.oval:def:1505022 [4.18.0-305.10.2_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-305.10.2_4] - seq_fil ... oval:org.secpod.oval:def:74234 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: race condition for removal of the HCI controller For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:89044435 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in ... oval:org.secpod.oval:def:89044355 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1505038 [4.14.35-2047.505.4.el7] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown [Orabug: 32863569] - rds/ib: reap tx completions during connection sh ... oval:org.secpod.oval:def:2500479 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89044396 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:89045040 This update for the Linux Kernel 4.4.180-94_138 fixes several issues. The following issues were fixed: - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values . - CVE-2021-32399: Fixed a race condition when removing the HCI controller . - ... oval:org.secpod.oval:def:89045084 This update for the Linux Kernel 4.12.14-150_66 fixes several issues. The following security issues were fixed: - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values . - CVE-2021-32399: Fixed a race condition when removing the HCI contro ... oval:org.secpod.oval:def:706078 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:706079 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:74547 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:74545 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:506247 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: race condition for removal of the HCI controller For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:1505043 [4.1.12-124.53.5.el7uek] - seq_file: disallow extremely large seq buffer allocations [Orabug: 33143006] {CVE-2021-33909} [4.1.12-124.53.3.el7uek] - net/mlx4: Fix EEPROM dump support [Orabug: 31895301] {CVE-2020-14304} - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query [Orabug: ... oval:org.secpod.oval:def:1506010 [2.6.32-754.35.1.0.7.OL6] - bluetooth: eliminate the potential race condition when removing the HCI controller {CVE-2021-32399} [Orabug: 33763116] - RDMA/ucma: Put a lock around every call to the rdma_cm layer [Orabug: 33763116] - RDMA/cma: Add missing locking to rdma_accept [Orabug: 33763116] - ... oval:org.secpod.oval:def:506848 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free * kernel: race condition for removal of the HCI controller For more details about the security issue, including the impa ... oval:org.secpod.oval:def:506329 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: out-of-bounds write in xt_compat_target_from_user in net/netfilter/x_tables.c * kernel: race condition for removal of the HCI controller F ... oval:org.secpod.oval:def:706067 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:74538 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:74536 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:74537 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706064 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706061 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:706060 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi ... oval:org.secpod.oval:def:89045107 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ... oval:org.secpod.oval:def:706057 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89045097 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-0512: Fixed a possible out of bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers. This could lead to local escalation o ... oval:org.secpod.oval:def:89047308 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:89045118 The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c . - CVE-2021-33909: Extremely large seq buffer allocations in seq_file could ... oval:org.secpod.oval:def:89045116 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ... oval:org.secpod.oval:def:89049473 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1700675 A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing , Secure Connections and LE Secure Connections of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any ... oval:org.secpod.oval:def:1700811 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:1700828 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:97561 [CLSA-2021:1632262269] Fixed 12 CVEs in kernel oval:org.secpod.oval:def:97562 [CLSA-2021:1632262296] Fix of 12 CVEs in kernel |