Download
| Alert*
oval:org.secpod.oval:def:706188
linux: Linux kernel - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-kvm: Linux kernel for cloud environments - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kern ... oval:org.secpod.oval:def:706187 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706189 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi syst ... oval:org.secpod.oval:def:706184 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:75989 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi syst ... oval:org.secpod.oval:def:89045817 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:75992 linux: Linux kernel - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-kvm: Linux kernel for cloud environments - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kern ... oval:org.secpod.oval:def:75991 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75990 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:1505137 [5.4.17-2102.206.1.el7uek] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33403144] [5.4.17-2102.206.0.el7uek] - Revert uek-rpm: Don"t recompute build-ids for kernel-uek-debuginfo [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring [Orabug: 3341849 ... oval:org.secpod.oval:def:1505136 [5.4.17-2102.206.1.el7] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33403144] [5.4.17-2102.206.0.el7] - Revert uek-rpm: Don"t recompute build-ids for kernel-uek-debuginfo [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring [Orabug: 33418496] - p ... oval:org.secpod.oval:def:1505135 [4.1.12-124.56.1.el7uek] - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent [Orabug: 29184589] {CVE-2017-18216} - bcache: fix potential deadlock problem in btree_gc_coalesce {CVE-2020-12771} - filldir[64]: remove WARN_ON_ONCE for bad directory entries [Orabug: 31351271 ... oval:org.secpod.oval:def:89045863 The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:1505139 [5.4.17-2102.206.1.el8uek] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33403144] [5.4.17-2102.206.0.el8uek] - Revert uek-rpm: Don"t recompute build-ids for kernel-uek-debuginfo [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring [Orabug: 3341849 ... oval:org.secpod.oval:def:605640 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-3702 A flaw was found in the driver for Atheros IEEE 802.11n family of chipsets allowing information disclosure. CVE-2020-16119 Hadar Manor repo ... oval:org.secpod.oval:def:1505138 [5.4.17-2102.206.1.el8] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33403144] [5.4.17-2102.206.0.el8] - Revert uek-rpm: Don"t recompute build-ids for kernel-uek-debuginfo [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring [Orabug: 33418496] - p ... oval:org.secpod.oval:def:86599 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-3702 A flaw was found in the driver for Atheros IEEE 802.11n family of chipsets allowing information disclosure. CVE-2020-16119 Hadar Manor repo ... oval:org.secpod.oval:def:120738 The kernel meta package oval:org.secpod.oval:def:75974 linux-oem-5.13: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:120740 The kernel meta package oval:org.secpod.oval:def:1700720 A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability oval:org.secpod.oval:def:1505148 [5.4.17-2136.300.7.el8] - KVM: SVM: Fix mismerge in svm_update_pi_irte [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page [Orabug: 33450675] [5.4.17-2136.300.6.el8] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33441404] [5.4.17 ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1505147 [5.4.17-2136.300.7.el8uek] - KVM: SVM: Fix mismerge in svm_update_pi_irte [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page [Orabug: 33450675] oval:org.secpod.oval:def:1601475 A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socket will be used after being released leading to denial of service or a potential code execution. The highest threat from this vulnerability is to data confidentiality and integrity a ... oval:org.secpod.oval:def:1700707 ALAS2LIVEPATCH-2021-061: Vulnerability in kernel-livepatch oval:org.secpod.oval:def:1700705 ALAS2LIVEPATCH-2021-062: Vulnerability in kernel-livepatch oval:org.secpod.oval:def:706163 linux-oem-5.13: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505151 [4.14.35-2047.508.3.el7uek] - fuse: fix live lock in fuse_iget [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target [Orabug: 33352735] [4.14.35-2047.508.2.el7uek] - KVM: x86: ... oval:org.secpod.oval:def:1505150 [5.4.17-2136.300.7.el7] - KVM: SVM: Fix mismerge in svm_update_pi_irte [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page [Orabug: 33450675] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33441404] [5.4.17-2136.300.5.el7] - dccp: ... oval:org.secpod.oval:def:1700709 A flaw was found in the KVM"s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB provided by the L1 guest to spawn/handle a nested guest . Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support for th ... oval:org.secpod.oval:def:76583 linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505152 [5.4.17-2136.300.7.el7uek] - KVM: SVM: Fix mismerge in svm_update_pi_irte [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page [Orabug: 33450675] [5.4.17-2136.300.6.el7uek] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue [Orabug: 33441404] [ ... oval:org.secpod.oval:def:76582 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-oracle: Linux kernel for Oracle Cloud systems ... oval:org.secpod.oval:def:1505597 [4.1.12-124.54.6.1] - fs/namespace.c: fix mountpoint reference counter race [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid copying ... oval:org.secpod.oval:def:89045687 The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a conseque ... oval:org.secpod.oval:def:89049485 The SUSE Linux Enterprise 15 SP2 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a conseque ... oval:org.secpod.oval:def:89047094 The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a conseque ... oval:org.secpod.oval:def:1700817 A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl . The highest threat from this vulnerability is to data confidentiality. A flaw was found in the ... oval:org.secpod.oval:def:89045829 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:1700815 A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An attacker within wireless range could send crafted traffic leading to information disclosure. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when ... oval:org.secpod.oval:def:706191 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-oracle: Linux kernel for Oracle Cloud systems ... oval:org.secpod.oval:def:89045869 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting ... oval:org.secpod.oval:def:706193 linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505165 [4.14.35-2047.508.3.el7] - fuse: fix live lock in fuse_iget [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target [Orabug: 33352735] [4.14.35-2047.508.2] - KVM: x86: Check kvm ... oval:org.secpod.oval:def:89045876 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting /proc ... oval:org.secpod.oval:def:1505126 [4.14.35-2047.507.7.5.el7uek] - Bluetooth: defer cleanup of resources in hci_unregister_dev [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work order [Orabug: 33369947] {CVE-2021-3564} - ext4: ... oval:org.secpod.oval:def:1700703 ALAS2LIVEPATCH-2021-064: Vulnerability in kernel-livepatch oval:org.secpod.oval:def:1505125 [4.1.12-124.54.6.1.el7uek] - fs/namespace.c: fix mountpoint reference counter race [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid ... oval:org.secpod.oval:def:89045710 The SUSE Linux Enterprise 12 SP56 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequ ... oval:org.secpod.oval:def:1505168 [4.14.35-2047.507.7.5.el7] - Bluetooth: defer cleanup of resources in hci_unregister_dev [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work order [Orabug: 33369947] {CVE-2021-3564} - ext4: fix ... oval:org.secpod.oval:def:1700701 ALAS2LIVEPATCH-2021-063: Vulnerability in kernel-livepatch oval:org.secpod.oval:def:1700700 ALAS2LIVEPATCH-2021-060: Vulnerability in kernel-livepatch |