Download
| Alert*
oval:org.secpod.oval:def:5800199
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: netfilter: ... oval:org.secpod.oval:def:2600320 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:2600322 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:507949 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests ... oval:org.secpod.oval:def:1507002 - [5.14.0-284.30.0.1.el9_2.OL9] - x86/tsx: Add a feature bit for TSX control MSR support {CVE-2023-1637} - x86/speculation: Restore speculation related MSRs {CVE-2023-1637} - x86/pm: Save the MSR validity status at context setup {CVE-2023-1637} - x86/pm: Fix false positive kmemleak report in msr_bui ... oval:org.secpod.oval:def:89049102 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver . * CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/bt ... oval:org.secpod.oval:def:89049088 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2023-1079: Fixed a use-after-free problem that could ... oval:org.secpod.oval:def:89049098 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device . * CVE-20 ... oval:org.secpod.oval:def:89049086 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol . * CVE-2023-1637: Fixed vulnerability that could lead to unauthoriz ... oval:org.secpod.oval:def:1601548 A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write. This flaw allo ... oval:org.secpod.oval:def:1701419 A denial of service issue was found in the Linux kernel;rsquo;s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System due to an incorrect return from the memdup_user function. This flaw allows a local, privileged attacker to crash the system. When the KVM updates the ... oval:org.secpod.oval:def:1700909 A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write. This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. A vulnerability was found in the pfkey_register function in net/key/a ... oval:org.secpod.oval:def:89048993 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM . * CVE-2022-3566: Fixed race co ... oval:org.secpod.oval:def:3302437 Security update for the Linux Kernel oval:org.secpod.oval:def:89049344 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver . * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query . * CVE-2 ... oval:org.secpod.oval:def:1701423 An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. A flaw was found in unrestri ... oval:org.secpod.oval:def:89048908 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could all ... oval:org.secpod.oval:def:89049268 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c . * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... |