Download
| Alert*
oval:org.secpod.oval:def:120224
The kernel meta package oval:org.secpod.oval:def:506233 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:1700674 A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet stil ... oval:org.secpod.oval:def:1700672 A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet stil ... oval:org.secpod.oval:def:1700670 A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet stil ... oval:org.secpod.oval:def:1700669 A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet stil ... oval:org.secpod.oval:def:73715 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c For more details about the security issue, ... oval:org.secpod.oval:def:4500057 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:506238 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c For more details about the security issue, ... oval:org.secpod.oval:def:2500473 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1504998 [4.18.0-305.7.1.el8_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-11.0.5.el8 [4.18.0-305. ... oval:org.secpod.oval:def:89044458 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1505012 [4.14.35-2047.505.4.el7uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown [Orabug: 32863569] - rds/ib: reap tx completions during connection ... oval:org.secpod.oval:def:1505016 [5.4.17-2102.203.5.el7uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el7uek] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negati ... oval:org.secpod.oval:def:1505015 [5.4.17-2102.203.5.el8] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el8] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negation logi ... oval:org.secpod.oval:def:1505014 [5.4.17-2102.203.5.el8uek] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el8uek] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negati ... oval:org.secpod.oval:def:1505013 [5.4.17-2102.203.5.el7] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044344] [5.4.17-2102.203.4.el7] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820275] - bpf: Fix masking negation logi ... oval:org.secpod.oval:def:506269 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci ... oval:org.secpod.oval:def:1505021 [3.10.0-1160.36.2.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Update oracle value to match new certificate [3.10.0-1160.36.2] - seq_file: Disallow extremely ... oval:org.secpod.oval:def:506270 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: use-after-free in show_numa_stats ... oval:org.secpod.oval:def:205880 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: use-after-free in show_numa_stats ... oval:org.secpod.oval:def:89044435 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in ... oval:org.secpod.oval:def:89044355 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1505038 [4.14.35-2047.505.4.el7] - rds/ib: move rds_ib_clear_irq_miss to .h file [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown [Orabug: 32863569] - rds/ib: reap tx completions during connection sh ... oval:org.secpod.oval:def:89044396 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:89045040 This update for the Linux Kernel 4.4.180-94_138 fixes several issues. The following issues were fixed: - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values . - CVE-2021-32399: Fixed a race condition when removing the HCI controller . - ... oval:org.secpod.oval:def:89045084 This update for the Linux Kernel 4.12.14-150_66 fixes several issues. The following security issues were fixed: - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values . - CVE-2021-32399: Fixed a race condition when removing the HCI contro ... oval:org.secpod.oval:def:706078 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:706079 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:74547 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:74545 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1505009 [4.1.12-124.52.4] - IB/core: Only update PKEY and GID caches on respective events [Orabug: 32816368] - Revert "Allow mce to reset instead of panic on UE" [Orabug: 32820278] - Bluetooth: verify AMP hci_chan before amp_destroy [Orabug: 32912103] {CVE-2021-33034} - Bluetooth: Fix slab-out-of-bounds ... oval:org.secpod.oval:def:89045073 This update for the Linux Kernel 4.4.180-94_144 fixes several issues. The following issues were fixed: - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values . - CVE-2021-28688: Fixed an issue introduced by XSA-365, leaving around zombie ... oval:org.secpod.oval:def:1504999 [4.1.12-124.52.4.el7uek] - IB/core: Only update PKEY and GID caches on respective events [Orabug: 32816368] - Revert Allow mce to reset instead of panic on UE [Orabug: 32820278] - Bluetooth: verify AMP hci_chan before amp_destroy [Orabug: 32912103] {CVE-2021-33034} - Bluetooth: Fix slab-out-of-bo ... oval:org.secpod.oval:def:706067 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:74538 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:74536 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:74537 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706064 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706061 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:706060 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi ... oval:org.secpod.oval:def:89045107 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ... oval:org.secpod.oval:def:706057 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89047308 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:89045118 The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c . - CVE-2021-33909: Extremely large seq buffer allocations in seq_file could ... oval:org.secpod.oval:def:89045116 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ... oval:org.secpod.oval:def:89049473 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:1700675 A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing , Secure Connections and LE Secure Connections of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any ... oval:org.secpod.oval:def:1700811 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:1700828 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |