Download
| Alert*
oval:org.secpod.oval:def:500033
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A use-after-free flaw was found in the Linux kernel"s RPC server sockets implementation. A remote attacker could use this flaw to trigger a denial of service by sen ... oval:org.secpod.oval:def:1502072 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501848 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502156 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502214 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:502213 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:502248 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution branch target injection * hw: cpu: speculative execution bounds-check bypass * hw: cpu: speculative execution permission faults handling For more details about t ... oval:org.secpod.oval:def:1500442 perf is installed oval:org.secpod.oval:def:506178 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run * kernel: nitro_enclaves stale file descriptors on failed usercopy For mor ... oval:org.secpod.oval:def:42210 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable , the loader could allow part of that application"s dat ... oval:org.secpod.oval:def:1601009 NOTE: CVE-2018-14634 was already fixed in the 4.14 kernel released with the 2018.03 AMI release. The advisory release date does not accurately reflect the date this was fixed. The actual date of the fix being released is: 2018-04-23.An integer overflow flaw was found in the Linux kernel's creat ... oval:org.secpod.oval:def:1601300 The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to a partition block device or an LVM volume. oval:org.secpod.oval:def:1601267 The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service by leveraging the presence of an ext4 filesystem that was mounted with a journal. oval:org.secpod.oval:def:1601245 IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system"s networking, preventing legitimate users from accessing its services. A signedness issue was found in the Linux kernel"s CIFS implementation. A malicious CIFS server could send a specially-crafte ... oval:org.secpod.oval:def:202391 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm function in the Linux kernel"s netfilter IPv6 connection tracking implementation. A remote attac ... oval:org.secpod.oval:def:202319 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Numerous reference count leaks were found in the Linux kernel"s block layer I/O context handling implementation. This could allow a local, unprivileged user to cau ... oval:org.secpod.oval:def:202421 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_execbuffer2 function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this fla ... oval:org.secpod.oval:def:202847 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix: * Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single parti ... oval:org.secpod.oval:def:203991 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ... oval:org.secpod.oval:def:204566 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable , the loader could allow part of that application"s dat ... oval:org.secpod.oval:def:204518 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump ov ... oval:org.secpod.oval:def:204729 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:202306 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user coul ... oval:org.secpod.oval:def:1601236 The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service via a crafted application that makes epoll_create and epoll_ctl system calls.Buffer overflow in the xfs_readlink funct ... oval:org.secpod.oval:def:203933 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel"s ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ... oval:org.secpod.oval:def:203988 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating con ... oval:org.secpod.oval:def:204022 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Transparent Ethernet Bridging GRO support, is vulnerable to a stack overflow issue. It could occur while ... oval:org.secpod.oval:def:204452 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the Kernel-based Virtual Machine support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attack ... oval:org.secpod.oval:def:204520 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump ov ... oval:org.secpod.oval:def:204720 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:204725 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:204878 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Integer overflow in Linux"s create_elf_tables function For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page li ... oval:org.secpod.oval:def:1601226 The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service via crafted network traffic. Race condition in the e ... oval:org.secpod.oval:def:500096 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix: * Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single parti ... oval:org.secpod.oval:def:500184 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. ... oval:org.secpod.oval:def:1503456 Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ... oval:org.secpod.oval:def:1503420 Updated kernel packages that fix several security issues, various bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give ... oval:org.secpod.oval:def:500046 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * It was found that the receive hook in the ipip_init function in the ipip module, and in the ipgre_init function in the ip_gre module, could be called before networ ... oval:org.secpod.oval:def:500063 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. * Non-member VLAN packet handling ... oval:org.secpod.oval:def:1503309 Updated kernel packages that fix several security issues, various bugs, and add an enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give ... oval:org.secpod.oval:def:500000 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * An integer overflow flaw in ib_uverbs_poll_cq could allow a local, unprivileged user to cause a denial of service or escalate their privileges. * An integer signedness flaw in drm_modeset_ctl cou ... oval:org.secpod.oval:def:500195 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Multiple buffer overflow flaws were found in the Linux kernel"s Management Module Support for Message Passing Technology based controllers. A local, unprivileged ... oval:org.secpod.oval:def:1503567 Updated kernel packages that fix several security issues, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which giv ... oval:org.secpod.oval:def:500150 Security issues: * Using PCI passthrough without interrupt remapping support allowed KVM guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can pr ... oval:org.secpod.oval:def:1600715 An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp"ed over, this affects Linux Kernel versions 4.11.5 and earlier . An issue was discovered in the size of the default stack guard page on GRSecurity/PAX Lin ... oval:org.secpod.oval:def:502362 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Integer overflow in Linux"s create_elf_tables function For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page li ... oval:org.secpod.oval:def:1502317 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700507 NOTE: CVE-2018-14634 was already fixed in the 4.14 kernel released with the Amazon Linux 2 LTS release. The advisory release date does not accurately reflect the date this was fixed.An integer overflow flaw was found in the Linux kernel"s create_elf_tables function. An unprivileged local user with a ... oval:org.secpod.oval:def:1600904 Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of service. An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessi ... oval:org.secpod.oval:def:503199 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: nfs: use-after-free in svc_process_common * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation * kernel: nfs: NULL pointer der ... oval:org.secpod.oval:def:4500102 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1504942 [4.18.0-305.3.1.el8_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15-11.0 ... oval:org.secpod.oval:def:73631 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run * kernel: nitro_enclaves stale file descriptors on failed usercopy For mor ... oval:org.secpod.oval:def:2500406 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:500919 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A use-after-free flaw was found in the Linux kernel"s memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged use ... oval:org.secpod.oval:def:500784 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Numerous reference count leaks were found in the Linux kernel"s block layer I/O context handling implementation. This could allow a local, unprivileged user to cau ... oval:org.secpod.oval:def:1500111 Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enterprise Linux version 6.This is the fourth regular update.The Red Hat Security Response Team has rated t ... oval:org.secpod.oval:def:1503862 Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which ... oval:org.secpod.oval:def:501068 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way KVM initialized a guest"s registered pv_eoi indication flag when entering the guest. An unprivileged guest user could potentially use ... oval:org.secpod.oval:def:202486 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A use-after-free flaw was found in the Linux kernel"s memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged use ... oval:org.secpod.oval:def:1500194 Updated kernel packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give d ... oval:org.secpod.oval:def:1500126 Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, ar ... oval:org.secpod.oval:def:1503897 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ... oval:org.secpod.oval:def:202897 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way KVM initialized a guest"s registered pv_eoi indication flag when entering the guest. An unprivileged guest user could potentially use ... oval:org.secpod.oval:def:202643 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the xen_iret function in the Linux kernel used the DS register. A local, unprivileged user in a 32-bit, para-virtualized Xen hyperviso ... oval:org.secpod.oval:def:202624 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A race condition was found in the way asynchronous I/O and fallocate interacted when using the ext4 file system. A local, unprivileged user could use this flaw to ... oval:org.secpod.oval:def:1500275 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ... oval:org.secpod.oval:def:202951 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. ... oval:org.secpod.oval:def:501026 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the xen_iret function in the Linux kernel used the DS register. A local, unprivileged user in a 32-bit, para-virtualized Xen hyperviso ... oval:org.secpod.oval:def:203528 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:1500816 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the C ... oval:org.secpod.oval:def:502050 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump ov ... oval:org.secpod.oval:def:502053 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump ov ... oval:org.secpod.oval:def:502017 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the ... oval:org.secpod.oval:def:1200158 A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others, also sets the sa ... oval:org.secpod.oval:def:1503795 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ... oval:org.secpod.oval:def:501826 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel"s ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ... oval:org.secpod.oval:def:1501570 A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with C ... oval:org.secpod.oval:def:500911 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, ... oval:org.secpod.oval:def:1502022 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204539 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly c ... oval:org.secpod.oval:def:500762 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that permissions were not checked properly in the Linux kernel when handling the /proc/[pid]/mem writing functionality. A local, unprivileged user coul ... oval:org.secpod.oval:def:204514 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the Linux kernel"s handling of packets with the URG flag. Applications using the splice and tcp_splice_read functionality can allow a remote attacker to force the kernel to enter ... oval:org.secpod.oval:def:501870 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A security flaw was found in the Linux kernel in the mark_source_chains function in net/ipv4/netfilter/ip_tables.c. It is possible for a user-supplied ipt_entry structure to have a large next_offset ... oval:org.secpod.oval:def:1501826 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:501479 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:1503609 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ... oval:org.secpod.oval:def:204030 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the way the Linux kernel"s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to ... oval:org.secpod.oval:def:204020 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the Linux kernel"s keyring handling code, where in key_reject_and_link an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use ... oval:org.secpod.oval:def:204029 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the way the Linux kernel"s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to ... oval:org.secpod.oval:def:1503866 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ... oval:org.secpod.oval:def:502145 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable , the loader could allow part of that application"s dat ... oval:org.secpod.oval:def:1501016 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ... oval:org.secpod.oval:def:204445 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepr ... oval:org.secpod.oval:def:500843 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm function in the Linux kernel"s netfilter IPv6 connection tracking implementation. A remote attac ... oval:org.secpod.oval:def:500868 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_execbuffer2 function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this fla ... oval:org.secpod.oval:def:204002 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A security flaw was found in the Linux kernel in the mark_source_chains function in net/ipv4/netfilter/ip_tables.c. It is possible for a user-supplied ipt_entry structure to have a large next_offset ... oval:org.secpod.oval:def:1503400 Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:204477 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the ... oval:org.secpod.oval:def:1503663 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rati ... oval:org.secpod.oval:def:1600703 Unsafe second checksum calculation in udp.c:The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. This may create a kernel panic or memory corruption leadin ... oval:org.secpod.oval:def:500206 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system"s networking, preventing legitimate users from accessing its ... oval:org.secpod.oval:def:202476 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, ... oval:org.secpod.oval:def:202460 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_do_execbuffer function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this f ... oval:org.secpod.oval:def:500899 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_do_execbuffer function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this f ... oval:org.secpod.oval:def:1600366 When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes , or in-guest information leaks. In some cases, the kernel did not correctly fix ... oval:org.secpod.oval:def:203963 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel"s Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when ... oval:org.secpod.oval:def:501568 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ... oval:org.secpod.oval:def:501112 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. ... oval:org.secpod.oval:def:1501468 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ... oval:org.secpod.oval:def:1501776 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ... oval:org.secpod.oval:def:1501788 Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS. (CVE-2016-8630) * A race ... oval:org.secpod.oval:def:1501790 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501554 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ... oval:org.secpod.oval:def:1501557 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ... oval:org.secpod.oval:def:1501511 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel"s Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when ... oval:org.secpod.oval:def:1501592 A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. (CVE-2016-4470, Important). A heap-based buffer overflow vulnerabili ... oval:org.secpod.oval:def:501882 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Transparent Ethernet Bridging GRO support, is vulnerable to a stack overflow issue. It could occur while ... oval:org.secpod.oval:def:501886 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the way the Linux kernel"s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to ... oval:org.secpod.oval:def:501887 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the way the Linux kernel"s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to ... oval:org.secpod.oval:def:1600403 The Linux kernel did not properly suppress hugetlbfs support in x86 PV guests, which could allow local PV guest users to cause a denial of service by attempting to access a hugetlbfs mapped area. A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate fil ... oval:org.secpod.oval:def:501847 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel"s Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when ... oval:org.secpod.oval:def:501866 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ... oval:org.secpod.oval:def:501865 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating con ... oval:org.secpod.oval:def:1600406 The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem oval:org.secpod.oval:def:501878 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the Linux kernel"s keyring handling code, where in key_reject_and_link an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use ... oval:org.secpod.oval:def:1600445 A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. oval:org.secpod.oval:def:1600433 It was found that nfsd is missing permissions check when setting ACL on files, this may allow a local users to gain access to any file by setting a crafted ACL. A flaw was found in the Linux kernel"s keyring handling code, where in key_reject_and_link an uninitialised variable would eventually lead ... oval:org.secpod.oval:def:1600463 CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakageA race condition was found in the way the Linux kernel"s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherw ... oval:org.secpod.oval:def:1600467 The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-703 ... oval:org.secpod.oval:def:1501601 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the 802.1Q/802.1ad VLAN OR Virtual eXtensible Local Area Network with Transparent Ethernet Bridging GRO support, is vulnerable to a stack overflow issue. It could occur while ... oval:org.secpod.oval:def:1600479 CVE-2016-8645 kernel: a BUG statement can be hit in net/ipv4/tcp_input.cIt was discovered that the Linux kernel since 3.6-rc1 with net.ipv4.tcp_fastopen; set to 1 can hit BUG statement in tcp_collapse function after making a number of certain syscalls leading to a possible system crash.CVE-2016-8655 ... oval:org.secpod.oval:def:1600494 The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service by leveraging access to a /dev/sg device, related to bloc ... oval:org.secpod.oval:def:1501617 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on t ... oval:org.secpod.oval:def:1501616 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on t ... oval:org.secpod.oval:def:1600521 The skbs processed by ip_cmsg_recv are not guaranteed to be linear . Using csum_partial on potentially the whole skb len is dangerous; instead be on the safe side and use skb_checksum. This may lead to an infoleak as the kernel memory may be checksummed and sent as part of the packet. It was discove ... oval:org.secpod.oval:def:501981 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepr ... oval:org.secpod.oval:def:501987 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Linux kernel built with the Kernel-based Virtual Machine support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attack ... oval:org.secpod.oval:def:502067 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly c ... oval:org.secpod.oval:def:502046 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the Linux kernel"s handling of packets with the URG flag. Applications using the splice and tcp_splice_read functionality can allow a remote attacker to force the kernel to enter ... oval:org.secpod.oval:def:1502071 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501899 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501885 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501930 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501900 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501901 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502201 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1700063 Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of service. An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessi ... oval:org.secpod.oval:def:1700816 A flaw was found in the Linux kernel. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability oval:org.secpod.oval:def:1503165 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69579 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:1700827 A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c. The highest threat from t ... oval:org.secpod.oval:def:1503071 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204569 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL ... oval:org.secpod.oval:def:1502030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502148 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL ... oval:org.secpod.oval:def:500085 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A divide-by-zero flaw was found in the tcp_select_initial_window function in the Linux kernel"s TCP/IP protocol suite implementation. A local, unprivileged user co ... oval:org.secpod.oval:def:1503582 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:500395 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Missing sanity checks in the Intel i915 driver in the Linux kernel could allow a local, unprivileged user to escalate their privileges. * compat_alloc_user_space ... oval:org.secpod.oval:def:500112 * Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable permissions , a local, unprivileged user could use this flaw to cause a denial of service or possibly escalate their privileges. * Integer overflow in the RDS protocol implementation could allow a local, unprivileged user to cause ... oval:org.secpod.oval:def:1503468 Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:500212 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the sctp_icmp_proto_unreachable function in the Linux kernel"s Stream Control Transmission Protocol implementation. A remote attacker could us ... oval:org.secpod.oval:def:500044 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * An integer underflow flaw, leading to a buffer overflow, was found in the Linux kernel"s Datagram Congestion Control Protocol implementation. This could allow a r ... oval:org.secpod.oval:def:19500277 Reserved CVE oval:org.secpod.oval:def:204748 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow vulnerability in ip6_find_1stfragopt function was found. A local attacker that has privileges to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt functi ... oval:org.secpod.oval:def:1501832 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501835 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204475 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed t ... oval:org.secpod.oval:def:1600723 Module reference leak due to improper shut down of callback channel on umount:The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and ... oval:org.secpod.oval:def:502230 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow vulnerability in ip6_find_1stfragopt function was found. A local attacker that has privileges to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt functi ... oval:org.secpod.oval:def:505755 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed t ... oval:org.secpod.oval:def:97552 [CLSA-2021:1632261894] Fixed CVE-2021-22555 in kernel oval:org.secpod.oval:def:97628 [CLSA-2022:1650576143] Update of kernel, kernel-headers, kernel-debug-devel, kernel-debug, perf, python-perf, kernel-debug-devel, kernel-devel oval:org.secpod.oval:def:1701283 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system oval:org.secpod.oval:def:1701286 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system oval:org.secpod.oval:def:19500162 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system oval:org.secpod.oval:def:19500578 When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 "Packet Too Big" message to the sender. The sender caches this updated Maximum Transmission Unit so it knows not to exceed this value when subsequently routing to the same host.In Linux kernels prior t ... oval:org.secpod.oval:def:1701272 An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25 oval:org.secpod.oval:def:67994 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events * kernel: Red Hat only CVE-2020-12351 regression * kernel: Red Hat only CVE-2020-12352 regression F ... oval:org.secpod.oval:def:1504615 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:504709 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events * kernel: Red Hat only CVE-2020-12351 regression * kernel: Red Hat only CVE-2020-12352 regression F ... oval:org.secpod.oval:def:1502425 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502598 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Use-after-free due to race condition in AF_PACKET implementation * kernel: userfaultfd bypasses tmpfs file permissions For more details about the security issue, including the impact, a CV ... oval:org.secpod.oval:def:205149 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Use-after-free due to race condition in AF_PACKET implementation * kernel: userfaultfd bypasses tmpfs file permissions For more details about the security issue, including the impact, a CV ... oval:org.secpod.oval:def:205581 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: NULL pointer dereference due to KEYCTL_READ on negative key For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, re ... oval:org.secpod.oval:def:1200115 A denial of service vulnerability was discovered in the keyring function"s garbage collector in the Linux kernel. The flaw allowed any local user account to trigger a kernel panic oval:org.secpod.oval:def:1501132 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet. oval:org.secpod.oval:def:203690 The kernel packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel"s networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in th ... oval:org.secpod.oval:def:26793 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:501655 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:501625 The kernel packages contain the Linux kernel, the core of any Linux operating system. Two flaws were found in the way the Linux kernel"s networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in th ... oval:org.secpod.oval:def:1200092 It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. ... oval:org.secpod.oval:def:1500928 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ... oval:org.secpod.oval:def:1501270 The KVM subsystem in the Linux kernel allow guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. oval:org.secpod.oval:def:1501279 The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ... oval:org.secpod.oval:def:203571 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:204233 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC ... oval:org.secpod.oval:def:501536 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:501723 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC ... oval:org.secpod.oval:def:501728 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:203791 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:203729 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:203641 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:501674 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the syste ... oval:org.secpod.oval:def:1500956 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:1200008 A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connect ... oval:org.secpod.oval:def:1501204 A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, ... oval:org.secpod.oval:def:203582 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:1501031 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203756 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the syste ... oval:org.secpod.oval:def:501542 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:501576 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:1500201 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ... oval:org.secpod.oval:def:500963 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * It was found that a deadlock could occur in the Out of Memory killer. A process could trigger this deadlock by consuming a large amount of memory, and then causin ... oval:org.secpod.oval:def:202375 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s Event Poll subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to caus ... oval:org.secpod.oval:def:202360 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl to cause a denial of service or escalate their privileges. * A buffer over ... oval:org.secpod.oval:def:500933 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * It was found that the RHSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 server could return a crafted ... oval:org.secpod.oval:def:1500031 Updated kernel packages that fix three security issues and several bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, a ... oval:org.secpod.oval:def:500798 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s journal_unmap_buffer function handled buffer head states. On systems that have an ext4 file system with a journal mo ... oval:org.secpod.oval:def:202545 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * It was found that a deadlock could occur in the Out of Memory killer. A process could trigger this deadlock by consuming a large amount of memory, and then causin ... oval:org.secpod.oval:def:1500091 Updated kernel packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ... oval:org.secpod.oval:def:500760 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the way the Linux kernel"s XFS file system implementation handled links with overly long path names. A local, unprivileged user ... oval:org.secpod.oval:def:202336 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s journal_unmap_buffer function handled buffer head states. On systems that have an ext4 file system with a journal mo ... oval:org.secpod.oval:def:501003 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A race condition was found in the way the Linux kernel"s ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal i ... oval:org.secpod.oval:def:202932 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the tcp_read_sock function in the Linux kernel"s IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, un ... oval:org.secpod.oval:def:1601329 A buffer overflow flaw was found in the way the Linux kernel"s XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk. Flaws in ghash_updat ... oval:org.secpod.oval:def:202503 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * It was found that the RHSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 server could return a crafted ... oval:org.secpod.oval:def:501046 Security: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate ... oval:org.secpod.oval:def:501079 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the tcp_read_sock function in the Linux kernel"s IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, un ... oval:org.secpod.oval:def:1503641 Updated kernel packages that fix two security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the third regular update. The Red Hat Security Response Team has rated this ... oval:org.secpod.oval:def:202292 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A buffer overflow flaw was found in the way the Linux kernel"s XFS file system implementation handled links with overly long path names. A local, unprivileged user ... oval:org.secpod.oval:def:500815 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl to cause a denial of service or escalate their privileges. * A buffer over ... oval:org.secpod.oval:def:1503662 Updated kernel packages that fix multiple security issues, numerous bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give ... oval:org.secpod.oval:def:500822 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s Event Poll subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to caus ... oval:org.secpod.oval:def:1500158 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:202675 Security: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate ... oval:org.secpod.oval:def:202607 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * A race condition was found in the way the Linux kernel"s ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal i ... oval:org.secpod.oval:def:1701968 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a ca ... oval:org.secpod.oval:def:19500481 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF p ... oval:org.secpod.oval:def:1701906 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests oval:org.secpod.oval:def:1701912 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests oval:org.secpod.oval:def:19500541 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a ca ... oval:org.secpod.oval:def:501059 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that the Red Hat Enterprise Linux 6.1 kernel update introduced an integer conversion issue in the Linux kernel"s Performance Events implementation. Th ... oval:org.secpod.oval:def:1500176 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ava ... oval:org.secpod.oval:def:202885 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that the Red Hat Enterprise Linux 6.1 kernel update introduced an integer conversion issue in the Linux kernel"s Performance Events implementation. Th ... oval:org.secpod.oval:def:1702178 dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs whe ... oval:org.secpod.oval:def:1702114 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 ; While creating a new netfilter table, lack of a safeguard against invalid nf_tables family values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. A race cond ... oval:org.secpod.oval:def:1501145 Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd. oval:org.secpod.oval:def:1501350 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ... oval:org.secpod.oval:def:203683 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel"s netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially craft ... oval:org.secpod.oval:def:501627 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel"s netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially craft ... oval:org.secpod.oval:def:203838 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ... oval:org.secpod.oval:def:501769 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ... oval:org.secpod.oval:def:1702167 dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. A flaw was found in the ATA over Ethernet driver in the Linux kernel. The aoecmd_cfg_pkts function imp ... oval:org.secpod.oval:def:1701903 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div, used indirectly by ctrl_cdev_ioctl, when mtd-greater than erasesize is 0. A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen gu ... oval:org.secpod.oval:def:1702150 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:1702152 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:1702154 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:1702131 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:1600490 A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. The blk_rq_map_user_iov function i ... oval:org.secpod.oval:def:1702186 dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. In the Linux kernel, the following vulnerability has been resolved:net: prevent mss overflow in skb_seg ... oval:org.secpod.oval:def:1702071 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information oval:org.secpod.oval:def:1702073 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchal ... oval:org.secpod.oval:def:1702062 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information oval:org.secpod.oval:def:1702069 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This flaw allows a remote attack ... oval:org.secpod.oval:def:1702064 A race condition leading to a use-after-free issue was found in the QXL driver in the Linux kernel. An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. An out-of-bounds read vulner ... oval:org.secpod.oval:def:1702065 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchal ... oval:org.secpod.oval:def:1701300 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 ... oval:org.secpod.oval:def:1701997 A race condition leading to a use-after-free issue was found in the QXL driver in the Linux kernel. An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. An out-of-bounds read vulner ... oval:org.secpod.oval:def:1701995 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This flaw allows a remote attack ... oval:org.secpod.oval:def:1701950 A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events component can be exploited to achieve local privile ... oval:org.secpod.oval:def:1701939 A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access chec ... oval:org.secpod.oval:def:1701944 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory . This d ... oval:org.secpod.oval:def:1701929 A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events component can be exploited to achieve local privile ... oval:org.secpod.oval:def:19500603 A flaw has been found in Xen. An unprivileged guest can cause Denial of Service of the host by sending network packets to the backend, causing the backend to crash. A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this ... oval:org.secpod.oval:def:1702120 A memory corruption flaw was found in the Linux kernel's human interface device subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system oval:org.secpod.oval:def:1702119 A flaw has been found in Xen. An unprivileged guest can cause Denial of Service of the host by sending network packets to the backend, causing the backend to crash. An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 ; While creating a new netfilter tab ... oval:org.secpod.oval:def:1702105 A flaw has been found in Xen. An unprivileged guest can cause Denial of Service of the host by sending network packets to the backend, causing the backend to crash. An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 ; While creating a new netfilter tab ... oval:org.secpod.oval:def:1702106 A flaw has been found in Xen. An unprivileged guest can cause Denial of Service of the host by sending network packets to the backend, causing the backend to crash. An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 ; While creating a new netfilter tab ... oval:org.secpod.oval:def:19500580 An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchal ... oval:org.secpod.oval:def:19500502 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory . This d ... oval:org.secpod.oval:def:1501774 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501773 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501780 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ... oval:org.secpod.oval:def:97783 [CLSA-2024:1705494430] kernel: Fix of 13 CVEs oval:org.secpod.oval:def:97544 [CLSA-2021:1632261664] Fixed CVEs in kernel: CVE-2021-27365, CVE-2021-27363, CVE-2021-27364 oval:org.secpod.oval:def:19500291 A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially esc ... oval:org.secpod.oval:def:19500057 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:1701585 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality oval:org.secpod.oval:def:19500276 An issue was found in the Linux kernel's IPv6 TCP connection tracking code, which could lead to high CPU usage with certain traffic patterns oval:org.secpod.oval:def:1701575 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it po ... oval:org.secpod.oval:def:1701574 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality oval:org.secpod.oval:def:1701573 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core. A division-by-zero error on some A ... oval:org.secpod.oval:def:95300 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023- ... oval:org.secpod.oval:def:19500258 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:19500463 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference cou ... oval:org.secpod.oval:def:19500238 In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs oval:org.secpod.oval:def:1601703 A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. qfq_change_class in net/sched/sch_qfq.c in the Linux ... oval:org.secpod.oval:def:1701999 An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This flaw allows a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data to be printed to the kernel ring buffer . A heap out-of-bounds write ... oval:org.secpod.oval:def:1601736 An issue was found in the Linux kernel's IPv6 TCP connection tracking code, which could lead to high CPU usage with certain traffic patterns oval:org.secpod.oval:def:1701985 A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. In this flaw an attacker with local user access may lead to a system crash or a leak of internal kernel information oval:org.secpod.oval:def:19500429 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If ... oval:org.secpod.oval:def:205851 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: iscsi: unrestricted access to sessions and handles For more details about the securit ... oval:org.secpod.oval:def:19500404 KVM: arm64: Prevent unconditional donation of unmapped regions from the hostNOTE: https://source.android.com/docs/security/bulletin/2023-08-01NOTE: https://git.kernel.org/linus/09cce60bddd6461a93a5bf434265a47827d1bc6f A vulnerability was found due to a missing lock for the IOPOLL in io_cqring_event_ ... oval:org.secpod.oval:def:1507356 [3.10.0-1160.108.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.108.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 & ... oval:org.secpod.oval:def:1700836 A use-after-free flaw was found in the Linux kernel's NFC LLCP protocol implementation in the way the user performs manipulation with an unknown input for the llcp_sock_bind function. This flaw allows a local user to crash or escalate their privileges on the system. A use-after-free flaw was found i ... oval:org.secpod.oval:def:1507366 [4.18.0-513.18.0.2.el8_9] - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: sch_hfsc: upgrade "rt" to "sc" when it becomes a inner curve {CVE-2023-4623} - x86/sev: Check for user-space IOIO pointing to kernel space {CVE-2023-46813} - x86/sev: Check IOBM for IOIO ... oval:org.secpod.oval:def:1700834 An issue was discovered in the Linux kernel. Fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages. This is a related issue to CVE-2019-2308. A flaw was found in the Linux kernel. The rtw_wx_set_scan driver allows writing beyond the end ... oval:org.secpod.oval:def:1507380 [5.14.0-362.18.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.5.el9 - Remove ... oval:org.secpod.oval:def:1700813 A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To se ... oval:org.secpod.oval:def:95286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611) * kernel: net/sched: cls_fw component can be exploited as result ... oval:org.secpod.oval:def:1507181 [4.18.0-513.9.1.el8_9.OL8] - media: dvb-core: Fix use-after-free due to race at dvb_register_device {CVE-2022-45884} - cifs: Fix UAF in cifs_demultiplex_thread {CVE-2023-1192} - nvmet-tcp: Fix a possible UAF in queue intialization setup {CVE-2023-5178} - net: tun: fix bugs for oversize packet whe ... oval:org.secpod.oval:def:1702121 A memory corruption flaw was found in the Linux kernel's human interface device subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_m ... oval:org.secpod.oval:def:19500196 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate ... oval:org.secpod.oval:def:204442 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free flaw was found in the way the Linux kernel"s Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option ... oval:org.secpod.oval:def:204446 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free flaw was found in the way the Linux kernel"s Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option ... oval:org.secpod.oval:def:19500174 qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX oval:org.secpod.oval:def:1701238 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:1506973 [3.10.0-1160.99.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.99.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 < ... oval:org.secpod.oval:def:1701231 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device oval:org.secpod.oval:def:19500387 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of ... oval:org.secpod.oval:def:1701228 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:1701220 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:2501253 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1505839 [4.18.0-372.9.1.0.2.el8.OL8] - debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499} [4.18.0-372.9.1.0.1.el8.OL8] - mei: me: disable driver on the ign firmware [Orabug: 34176425] oval:org.secpod.oval:def:19500342 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker ... oval:org.secpod.oval:def:19500358 An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.The qfq_change_agg function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.We r ... oval:org.secpod.oval:def:19500115 It has been discovered that on some AMD CPUs, the RAS is dynamically partitioned between non-idle threads. This allows an attacker to control speculative execution on the adjacent thread. The upstream bug report describes this issue as follows:A flaw found in the Linux Kernel in RDS protocol. The ... oval:org.secpod.oval:def:1701892 An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div, used indirectly by ctrl_cdev_ioctl, when mtd-greater than erasesize is 0. A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen gu ... oval:org.secpod.oval:def:501979 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free flaw was found in the way the Linux kernel"s Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option ... oval:org.secpod.oval:def:1701839 A flaw was found in rsvp_change. The root cause is an slab-out-of-bound access, but since the offset to the original pointer is an `unsign int` fully controlled by users, the behavior is usually a wild pointer access. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables componen ... oval:org.secpod.oval:def:1701843 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference cou ... oval:org.secpod.oval:def:501980 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free flaw was found in the way the Linux kernel"s Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option ... oval:org.secpod.oval:def:1701833 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:509085 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: netfilter: potential slab-out-of-bound access due to integer underflow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:1701819 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:1701821 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. The upstream commit describes ... oval:org.secpod.oval:def:1701820 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:509094 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags kernel: use after free in unix_stream_sendpage kernel: net/sched: sch_hfsc UAF kernel: use after free in nvmet_ ... oval:org.secpod.oval:def:1701809 A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If a class with a link-sharing curve has a parent without a link-sharing curve, then init_vf will call vttree_insert on the parent, but vttree_remove will be sk ... oval:org.secpod.oval:def:1507002 - [5.14.0-284.30.0.1.el9_2.OL9] - x86/tsx: Add a feature bit for TSX control MSR support {CVE-2023-1637} - x86/speculation: Restore speculation related MSRs {CVE-2023-1637} - x86/pm: Save the MSR validity status at context setup {CVE-2023-1637} - x86/pm: Fix false positive kmemleak report in msr_bui ... oval:org.secpod.oval:def:1701811 The upstream commit describes this issue as follows:The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access. A use-after-free vulner ... oval:org.secpod.oval:def:507926 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt * hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:1700909 A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write. This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. A vulnerability was found in the pfkey_register function in net/key/a ... oval:org.secpod.oval:def:1507227 [5.14.0-362.13.1.el9_3.OL9] - x86/retpoline: Document some thunk handling aspects {CVE-2023-20569} - objtool: Fix return thunk patching in retpolines {CVE-2023-20569} - x86/srso: Remove unnecessary semicolon {CVE-2023-20569} - x86/calldepth: Rename __x86_return_skl to call_depth_return_thunk {CV ... oval:org.secpod.oval:def:507586 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: tun: avoid double free in tun_free_netdev * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action For mor ... oval:org.secpod.oval:def:19500230 A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processin ... oval:org.secpod.oval:def:1506630 [4.18.0-477.13.1_8.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove upstream reference d ... oval:org.secpod.oval:def:19500169 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:19500173 A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. A NULL pointer dereference has ... oval:org.secpod.oval:def:2500473 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1701102 A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect oval:org.secpod.oval:def:1701100 A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect oval:org.secpod.oval:def:4501206 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: memory corruption in AX88179_178A based USB ethernet device. * kernel: i915: Incorrect GPU TLB flush can lead to random memory access For more details about the security issue, including t ... oval:org.secpod.oval:def:1601729 A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. A heap buffer ove ... oval:org.secpod.oval:def:2500919 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:4500057 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:507880 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-cb * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt * kernel: KVM: x86/mmu: race condition in direct_page_fault * kernel: s ... oval:org.secpod.oval:def:1701267 RESERVEDNOTE: https://www.openwall.com/lists/oss-security/2022/12/14/3NOTE: https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/ do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701239 A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol . A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service oval:org.secpod.oval:def:1701219 A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol . A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service oval:org.secpod.oval:def:73715 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c For more details about the security issue, ... oval:org.secpod.oval:def:1700994 An out-of-bounds write flaw was found in the Linux kernel's framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. The Linux kernel before ... oval:org.secpod.oval:def:1506389 [3.10.0-1160.83.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.83.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15- ... oval:org.secpod.oval:def:1506351 [4.18.0-425.10.1.el8.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15.3-1.0.3 - Remove upstrea ... oval:org.secpod.oval:def:1702036 A race condition leading to a use-after-free issue was found in the QXL driver in the Linux kernel. A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.A race condition can be exploited to cause a timer be mistakenly regist ... oval:org.secpod.oval:def:507734 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening U ... oval:org.secpod.oval:def:1701153 In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_ ... oval:org.secpod.oval:def:2600093 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1701143 In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_ ... oval:org.secpod.oval:def:507595 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: FUSE filesystem low-privileged user privileges escala ... oval:org.secpod.oval:def:1701139 Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an assumption in the rest of the Linux network stack that packet protocol hea ... oval:org.secpod.oval:def:5800008 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: watch queue race condition can lead to privilege escalation * kernel: memory corruption in AX88179_178A based USB ethernet device. * kernel: i915: Incorrect GPU TLB flush can lead to rando ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1505998 [4.18.0-372.26.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-11.0.5 debug: lock ... oval:org.secpod.oval:def:5800066 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * posix cpu timer use-after-free may lead to local privilege escalation * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option For more details about the security issue, in ... oval:org.secpod.oval:def:1505928 [3.10.0-1160.76.1.0.1.el7.OL7] [debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.76.1.el7.OL7] [Update Oracle Linux certificates [Oracle Linux RHCK Module Signing Key was compiled into kernel [Update x509.genkey [Orabug: 24817676] [Conflict with shim-ia32 and shim-x64 lt;= 15- ... oval:org.secpod.oval:def:507542 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: mm/mremap.c use-after-free vulnerability * kernel: nfsd buffer overflow by RPC message over TCP with garbage data * kernel: an out-of-bounds vulnerability in i2c-ismt driver For more deta ... oval:org.secpod.oval:def:1701101 A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this ... oval:org.secpod.oval:def:1505933 [5.14.0-70.22.1.0.1.el9_0.OL9] [lockdown: also lock down previous kgdb use [Orabug: 34290418] {CVE-2022-21499} [5.14.0-70.22.1.el9_0.OL9] [Update Oracle Linux certificates [Disable signing for aarch64 [Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 295392 ... oval:org.secpod.oval:def:507550 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * kernel: use-after-free in __nfs42_ssc_open i ... oval:org.secpod.oval:def:97725 [CLSA-2023:1682705952] kernel: Fix of 7 CVEs oval:org.secpod.oval:def:4501210 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: mm/mremap.c use-after-free vulnerability * kernel: nfsd buffer overflow by RPC message over TCP with garbage data * kernel: an out-of-bounds vulnerability in i2c-ismt driver For more deta ... oval:org.secpod.oval:def:1506672 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1506440 [4.18.0-425.13.1.el8_7.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list oval:org.secpod.oval:def:1506453 - [5.14.0-162.18.1.el9_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64] - Remove nmap referenc ... oval:org.secpod.oval:def:507148 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Incomplete cleanup of multi-core shared buffers * Incomplete cleanup of microarchitectural fill buffers * Incomplete cleanup in specific special register write operations For more details abou ... oval:org.secpod.oval:def:507164 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in nft_set_elem_init * kernel: vulnerability of buffer overflow in nft_set_desc_concat_parse For more details about the security issue, including the impact, a CVSS score, ac ... oval:org.secpod.oval:def:2600088 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1506024 [5.14.0-70.26.1.0.1.el9_0.OL9] - lockdown: also lock down previous kgdb use oval:org.secpod.oval:def:1506245 [5.14.0-162.6.1_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove nmap references from ... oval:org.secpod.oval:def:2600007 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2600002 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1601589 An out-of-bounds write flaw was found in the Linux kernel and rsquo;s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A vulnerabilit ... oval:org.secpod.oval:def:2500940 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1701099 A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this ... oval:org.secpod.oval:def:1701077 In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ... oval:org.secpod.oval:def:206019 Security Fix: kernel: stack overflow in do_proc_dointvec and proc_skip_spaces kernel: use-after-free related to leaf anon_vma double reuse For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in ... oval:org.secpod.oval:def:1701284 A double-free flaw was found in the Linux kernel and rsquo;s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails . This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw was fo ... oval:org.secpod.oval:def:507614 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:1701274 A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. RESERVEDNOTE: https://www.open ... oval:org.secpod.oval:def:507241 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:507249 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * a use-after-free in cls_route filter implementation may lead to privilege escalation * RetBleed Arbitrary Speculative Code Execution with Return Instructions * Branch Type Confusion * Intel: Pos ... oval:org.secpod.oval:def:507258 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * posix cpu timer use-after-free may lead to local privilege escalation * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option For more details about the security issue, in ... oval:org.secpod.oval:def:507498 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: watch queue race condition can lead to privilege escalation * kernel: memory corruption in AX88179_178A based USB ethernet device. * kernel: i915: Incorrect GPU TLB flush can lead to rando ... oval:org.secpod.oval:def:1505815 [3.10.0-1160.71.1.0.1.el7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.71.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less th ... oval:org.secpod.oval:def:1505818 [4.18.0-372.16.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15 ... oval:org.secpod.oval:def:507697 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening ULP sockets * cpu: AMD CPUs may transiently execute beyond uncondition ... oval:org.secpod.oval:def:1506784 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2600144 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:507272 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1506533 [3.10.0-1160.90.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.90.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt; ... oval:org.secpod.oval:def:2500804 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:507907 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:1506390 [5.14.0-162.12.1.el9_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15.3-1.0.5] - Remove nmap ... oval:org.secpod.oval:def:1506178 [4.18.0-425.3.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove upstream reference duri ... oval:org.secpod.oval:def:2500850 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500835 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500228 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500525 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1505588 [4.18.0-348.23.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18. ... oval:org.secpod.oval:def:1601512 A flaw in the processing of received ICMP errors in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confid ... oval:org.secpod.oval:def:1700859 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:78275 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:1700863 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1700867 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1601529 A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to crash or escalate their privileges on the system. A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a loca ... oval:org.secpod.oval:def:1700837 A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. A denial of service ... oval:org.secpod.oval:def:1601520 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1700825 A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. A denial of service ... oval:org.secpod.oval:def:1506014 [2.6.32-754.35.1.0.6.OL6] [[:digit]o_epoll_ctl: clean the failure exits up a bit {CVE-2020-0466} [Orabug: 34086960] - epoll: Keep a reference on files added to the check list {CVE-2020-0466} [Orabug: 34086960] - fix regression in "epoll: Keep a reference on files added to the check list {CVE-2021 ... oval:org.secpod.oval:def:4500017 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed i ... oval:org.secpod.oval:def:4500078 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:97631 [CLSA-2022:1650986589] Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155 oval:org.secpod.oval:def:4501323 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relate ... oval:org.secpod.oval:def:97622 [CLSA-2022:1650377052] Fix of CVE: CVE-2022-28390, CVE-2021-3609 oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1505228 [4.18.0-348.2.1_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-348.2.1_5] - tipc: fix ... oval:org.secpod.oval:def:1505650 [4.18.0-372.9.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-372.9.1] - scsi: qedi: F ... oval:org.secpod.oval:def:1505424 [4.18.0-348.7.1_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-348.7.1_5] - sched: Fi ... oval:org.secpod.oval:def:2500423 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1601643 A flaw in the processing of received ICMP errors in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confid ... oval:org.secpod.oval:def:506838 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: xfs: raw block device dat ... oval:org.secpod.oval:def:2600105 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1600061 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service via a malformed INIT chunk. The pivot_root implementation in fs/namespace.c in the Linux kernel through ... oval:org.secpod.oval:def:4501274 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: SVM nested virtualization issue in KVM For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page ... oval:org.secpod.oval:def:1500897 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:97556 [CLSA-2021:1632261987] Fixed CVE-2021-33909 in kernel oval:org.secpod.oval:def:97562 [CLSA-2021:1632262296] Fix of 12 CVEs in kernel oval:org.secpod.oval:def:1503941 Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, whic ... oval:org.secpod.oval:def:205891 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds write in xt_compat_target_from_user in net/netfilter/x_tables.c * kernel: race condition for removal of the HCI controller * kernel: powerpc: RTAS calls can be used to compro ... oval:org.secpod.oval:def:205897 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in route4_change in net/sched/cls_route.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:205880 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: use-after-free in show_numa_stats ... oval:org.secpod.oval:def:2500479 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500464 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500294 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:4500101 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1700696 A flaw was found in the Linux kernel, where an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. ... oval:org.secpod.oval:def:1500900 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:506292 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: race condition in net/can/bcm.c leads to local privilege escalation * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks * kernel: out-of-bounds write in xt_comp ... oval:org.secpod.oval:def:2500335 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500322 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1505310 [3.10.0-1160.49.1.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Update oracle value to match new certificate [3.10.0-1160.49.1] - NFS: Fix interrupted slots b ... oval:org.secpod.oval:def:2500315 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:501495 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:501494 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:1700828 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:1700829 A flaw was found in the Linux kernel. This flaw allows attackers to cause a denial of service by triggering the destruction of a large SEV VM, which requires unregistering many encrypted regions. The highest threat from this vulnerability is to system availability. A flaw was found in the Linux ker ... oval:org.secpod.oval:def:1700831 A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attacke ... oval:org.secpod.oval:def:1700830 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device . A flaw use-after-free in function sco_sock_sendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race con ... oval:org.secpod.oval:def:1700835 A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socket will be used after being released leading to denial of service or a potential code execution. The highest threat from this vulnerability is to data confidentiality and integrity a ... oval:org.secpod.oval:def:1700817 A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl . The highest threat from this vulnerability is to data confidentiality. A flaw was found in the ... oval:org.secpod.oval:def:1700815 A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An attacker within wireless range could send crafted traffic leading to information disclosure. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when ... oval:org.secpod.oval:def:1700814 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel. There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem . This flaw could even allow a local attacker with special user privilege to a ker ... oval:org.secpod.oval:def:1700818 An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information. The issue results from not validating the s ... oval:org.secpod.oval:def:1700820 A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. The highest t ... oval:org.secpod.oval:def:1700824 An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information. The issue results from not validating the s ... oval:org.secpod.oval:def:1700821 A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socket will be used after being released leading to denial of service or a potential code execution. The highest threat from this vulnerability is to data confidentiality and integrity a ... oval:org.secpod.oval:def:1700809 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device . A flaw use-after-free in function sco_sock_sendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race con ... oval:org.secpod.oval:def:1700811 A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. A f ... oval:org.secpod.oval:def:1700810 A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. A memory leak flaw was found in the Li ... oval:org.secpod.oval:def:1506010 [2.6.32-754.35.1.0.7.OL6] - bluetooth: eliminate the potential race condition when removing the HCI controller {CVE-2021-32399} [Orabug: 33763116] - RDMA/ucma: Put a lock around every call to the rdma_cm layer [Orabug: 33763116] - RDMA/cma: Add missing locking to rdma_accept [Orabug: 33763116] - ... oval:org.secpod.oval:def:1600168 arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service via an invalid syscall number, as demonstrated by number 1000. Array index error in the aio_re ... oval:org.secpod.oval:def:1600152 fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled ... oval:org.secpod.oval:def:4500024 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:4500020 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:4500053 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detaile ... oval:org.secpod.oval:def:4500077 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:4500082 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed i ... oval:org.secpod.oval:def:4500087 The kernel packages contain the Linux kernel, the core of any Linux operating system. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:97664 [CLSA-2022:1659018147] Fixed CVE-2021-22543 in kernel oval:org.secpod.oval:def:1702100 A Linux Kernel flaw found in memory management. If allocation failure happens in pagefault_out_of_memory with VM_FAULT_OOM, then it can lead to memory overflow when many tasks trigger this. An issue may cause multi-tenant denial of service . It was reported that a malicious workload may be allowed t ... oval:org.secpod.oval:def:506334 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in route4_change in net/sched/cls_route.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:506332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds write in xt_compat_target_from_user in net/netfilter/x_tables.c * kernel: race condition for removal of the HCI controller * kernel: powerpc: RTAS calls can be used to compro ... oval:org.secpod.oval:def:506337 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: powerpc: KVM guest OS users can cause host OS memory corruption * kernel: slab-out-of-bounds access in xdr_set_page_base in net/sunrpc/xdr.c For more details about the security issue, incl ... oval:org.secpod.oval:def:4500016 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:4500002 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed i ... oval:org.secpod.oval:def:1505219 [4.18.0-348.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-348] - drm/nouveau/fifo/ga10 ... oval:org.secpod.oval:def:205929 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: perf_event_parse_addr_filter memory * kernel: fuse: fuse_do_getattr calls make_bad_inode in inappropriate situations * kernel: Heap buffer overflow in firedtv driver For more details abou ... oval:org.secpod.oval:def:205916 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informa ... oval:org.secpod.oval:def:205912 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks * kernel: powerpc: KVM guest OS users can cause host OS memory corruption * kernel: SVM nested virtualization issue in ... oval:org.secpod.oval:def:203556 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:203554 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:1700758 A flaw use-after-free in function sco_sock_sendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del together with the call sco_sock_sendmsg with the expected controllable faulting memory page. A privi ... oval:org.secpod.oval:def:1505442 [3.10.0-1160.53.1.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Update oracle value to match new certificate [3.10.0-1160.53.1] - fuse: fix live lock in fuse_ ... oval:org.secpod.oval:def:1700726 A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running ... oval:org.secpod.oval:def:1505055 [4.18.0-305.12.1.el8_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-11.0.5.el8 [4.18.0-305 ... oval:org.secpod.oval:def:1700720 A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability oval:org.secpod.oval:def:506833 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: size_t-to-int conversion vulnerability in the filesystem layer * kernel: Integer overflow in Intel Graphics Drivers * kernel: Use after free via PI futex state For more details about the ... oval:org.secpod.oval:def:506839 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: in ... oval:org.secpod.oval:def:506849 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: x86_32: BUG in syscall auditing For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed i ... oval:org.secpod.oval:def:506848 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free * kernel: race condition for removal of the HCI controller For more details about the security issue, including the impa ... oval:org.secpod.oval:def:501329 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:1601440 kernel: refcount leak in llcp_sock_bind kernel: refcount leak in llcp_sock_connect kernel: memory leak in llcp_sock_connect An issue was discovered in the Linux kernel related to mm/gup.c and mm/huge_memory.c. The get_user_pages implementation, when used for a copy-on-write page, does not properly ... oval:org.secpod.oval:def:1504642 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505594 [2.6.32-754.35.1.0.5.OL6] - [kernel] futex: Use pi_state_update_owner in put_pi_state [1922249] {CVE-2021-3347} [Orabug: 33150734] - [kernel] futex: Handle faults correctly for PI futexes [1922249] {CVE-2021-3347} [Orabug: 33150734] - [kernel] futex: Provide and use pi_state_update_owner [1922249 ... oval:org.secpod.oval:def:1700403 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the p ... oval:org.secpod.oval:def:2500324 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2500301 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1700819 A flaw was found in the JFS filesystem code. This flaw allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availabil ... oval:org.secpod.oval:def:1700823 A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity ... oval:org.secpod.oval:def:1700822 A use-after-free flaw was found in the Linux kernel's NFC LLCP protocol implementation in the way the user performs manipulation with an unknown input for the llcp_sock_bind function. This flaw allows a local user to crash or escalate their privileges on the system. A use-after-free flaw was found i ... oval:org.secpod.oval:def:1700542 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_me ... oval:org.secpod.oval:def:1601138 In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.In the Linux kernel 5.4.0-rc2, there is a use ... oval:org.secpod.oval:def:1601129 A NULL pointer dereference flaw was found in the Linux kernel"s SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option protocol"s category bitmap into the SELinux extensible bitmap via the" ebitmap_netlbl_import" routine. While processing the CIPSO restricted bitmap t ... oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:503831 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: lockdown: bypass through ACPI write via efivar_ssdt * kernel: lockdown: bypass through ACPI write via acpi_configfs For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:205869 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Integer overflow in Intel Graphics Drivers * kernel: Use after free via PI futex state * kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c * kernel: Impro ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1700838 A logic bug flaw was found in the Linux kernel's implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/ ... oval:org.secpod.oval:def:1700832 A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap t ... oval:org.secpod.oval:def:1700812 A NULL pointer dereference flaw may occur in the Linux kernel's relay_open in kernel/relay.c. if the alloc_percpu function is not validated in time of failure and used as a valid address for access. An attacker could use this flaw to cause a denial of service. A new domain bypass transient execution ... oval:org.secpod.oval:def:1601113 In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures a ... oval:org.secpod.oval:def:205587 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other relate ... oval:org.secpod.oval:def:1700376 An issue where a provided address with access_ok is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting i ... oval:org.secpod.oval:def:1504966 [3.10.0-1160.31.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or = 15-2.0.9.el7 - Update oracle value to match new certificate [3.10.0-1160.31.1. ... oval:org.secpod.oval:def:1700348 A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent proc ... oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1503021 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66560 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: kernel: DAX hugepages not considered during mremap * kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacke ... oval:org.secpod.oval:def:66551 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic * Kernel: s390: page table upgrade in secondary address mode may lead to privilege ... oval:org.secpod.oval:def:1700833 A flaw was found in the Linux kernel's implementation of BTRFS free space management, where the kernel does not correctly manage the lifetime of internal data structures used. An attacker could use this flaw to corrupt memory or escalate privileges. A use-after-free flaw was found in the debugfs_rem ... oval:org.secpod.oval:def:97626 [CLSA-2022:1650576075] Fixed 13 CVEs in kernel oval:org.secpod.oval:def:1700316 A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to potentially ... oval:org.secpod.oval:def:1503068 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:67952 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in the video driver leads to local privilege escalation * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c * kernel: out-of-bounds access in function hclge_tm_schd_mo ... oval:org.secpod.oval:def:503399 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: nfs: use-after-free in svc_process_common * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * hardware: bluetooth: BR/EDR e ... oval:org.secpod.oval:def:97550 [CLSA-2021:1632261839] Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211 oval:org.secpod.oval:def:205657 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c * kernel: race condition in smp_task_timedout and smp ... oval:org.secpod.oval:def:1504894 [4.18.0-305.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-305] - perf/x86/intel/uncore ... oval:org.secpod.oval:def:1700276 A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU#039;s local cache and system software#039;s Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, ... oval:org.secpod.oval:def:97767 [CLSA-2023:1700591071] kernel: Fix of 10 CVEs oval:org.secpod.oval:def:2500053 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:205467 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: Count overflow in FUSE request leading to use-after-free issues. * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps ... oval:org.secpod.oval:def:1502678 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502679 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205446 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in mwifiex_update_vs_ie function of Marvell WiFi driver * kernel: heap-based buffer overflow in mwifiex_process_country_ie function in drivers/net/wireless/marvell/mwifiex/sta ... oval:org.secpod.oval:def:1502683 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205436 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: heap overflow in mwifiex_update_vs_ie function of Marvell WiFi driver * kernel: heap-based buffer overflow in mwifiex_process_countr ... oval:org.secpod.oval:def:1700217 An out-of-bounds access issue was found in the way Linux kernels KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer struct kvm_coalesced_mmio object, wherein write indices ring-gt;first and ring-gt;last value could be supplied by a host user-space proces ... oval:org.secpod.oval:def:503834 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: kernel: DAX hugepages not considered during mremap * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c * kernel: heap-based buf ... oval:org.secpod.oval:def:503608 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out of bound read in DVB connexant driver. * kernel: Missing permissions check for request_key destination allows local attackers to add keys to keyring without Write permission * kernel: ... oval:org.secpod.oval:def:504755 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in the video driver leads to local privilege escalation * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c * kernel: out-of-bounds access in function hclge_tm_schd_mo ... oval:org.secpod.oval:def:66475 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: nfs: use-after-free in svc_process_common * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * hardware: bluetooth: BR/EDR e ... oval:org.secpod.oval:def:1700826 A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. A flaw was found in the Linux kernel. The CX23888 Integrated ... oval:org.secpod.oval:def:503455 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: OOB memory access via mmio ring buffer * kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation For more details about the security issu ... oval:org.secpod.oval:def:503649 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: powerpc: local user can read vector registers of other users" processes via a Facility Unavailable exception * kernel: powerpc: local user can read vector registers of other users" processe ... oval:org.secpod.oval:def:66520 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in mwifiex_update_vs_ie function of Marvell WiFi driver * kernel: heap-based buffer overflow in mwifiex_process_country_ie function in drivers/net/wireless/marvell/mwifiex/sta ... oval:org.secpod.oval:def:66503 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related info ... oval:org.secpod.oval:def:205370 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A buffer overflow flaw was found in the way Linux kernel"s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able ... oval:org.secpod.oval:def:66541 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: powerpc: local user can read vector registers of other users" processes via a Facility Unavailable exception * kernel: powerpc: local user can read vector registers of other users" processe ... oval:org.secpod.oval:def:205592 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: kernel: DAX hugepages not considered during mremap * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c * kernel: heap-based buf ... oval:org.secpod.oval:def:1601056 An out-of-bounds access issue was found in the way Linux kernel#039;s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer #039;struct kvm_coalesced_mmio#039; object, wherein write indices #039;ring-gt;first#039; and #039;ring-gt;last#039; value could be s ... oval:org.secpod.oval:def:1601048 A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg" commit reintro ... oval:org.secpod.oval:def:1601075 This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcode_ctl package, the microcode will be automatically activated on next boot. Improper conditions check in t ... oval:org.secpod.oval:def:205534 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out of bound read in DVB connexant driver. * kernel: Missing permissions check for request_key destination allows local attackers to add keys to keyring without Write permission * kernel: ... oval:org.secpod.oval:def:1700150 A kernel memory leak was found in the kernel_read_file function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service .A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers ... oval:org.secpod.oval:def:1502792 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500395 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1600990 A kernel memory leak was found in the kernel_read_file function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service . A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers ... oval:org.secpod.oval:def:503515 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in mwifiex_update_vs_ie function of Marvell WiFi driver * kernel: heap-based buffer overflow in mwifiex_process_country_ie function in drivers/net/wireless/marvell/mwifiex/sta ... oval:org.secpod.oval:def:503518 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in mwifiex_update_vs_ie function of Marvell WiFi driver * kernel: heap-based buffer overflow in mwifiex_process_country_ie function in drivers/net/wireless/marvell/mwifiex/sta ... oval:org.secpod.oval:def:503140 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:503138 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:503137 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:1502497 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205216 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:205218 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:205195 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: potential use-after-free via kvm_ioctl_create_device * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer For more details about the security issue ... oval:org.secpod.oval:def:66439 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An integer overflow flaw was found in the way the Linux kernel"s networking subsystem processed TCP Selective Acknowledgment segments. While processing SACK segments, the Linux kernel"s socket buff ... oval:org.secpod.oval:def:1601015 CVE-2019-11477 , CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux AMIs as available in AWS EC2 already contain these kernels and are not vulner ... oval:org.secpod.oval:def:205374 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Use-after-free in __blk_drain_queue function in block/blk-core.c * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c * hardware: bluetooth: BR/EDR ... oval:org.secpod.oval:def:1601021 An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, ... oval:org.secpod.oval:def:205354 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * kernel: Buffer overflow in hidp_process_report * kernel: l2tp: Race condition bet ... oval:org.secpod.oval:def:503259 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: vhost_net: infinite loop while receiving packets leads to DoS * Kernel: page cache side channel attacks * kernel: Buffer overflow in hidp_process_report * kernel: l2tp: Race condition bet ... oval:org.secpod.oval:def:1700184 CVE-2019-11477 , CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux 2 AMIs as available in AWS EC2 already contain these kernels and are not vuln ... oval:org.secpod.oval:def:1700188 An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, ... oval:org.secpod.oval:def:1700113 In the Linux kernel af_alg_release in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. A local attacker can use this flaw to escalate privileges and take control of the system. oval:org.secpod.oval:def:1600979 In the Linux kernel af_alg_release in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. A local attacker can use this flaw to escalate privileges and take control of the system oval:org.secpod.oval:def:502649 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: potential use-after-free via kvm_ioctl_create_device * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer For more details about the security issue ... oval:org.secpod.oval:def:1700091 An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.A vulnerability was discover ... oval:org.secpod.oval:def:1700012 Stack-based out-of-bounds read via vmcall instructionLinux kernel compiled with the KVM virtualization support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memor ... oval:org.secpod.oval:def:1600944 An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.A vulnerability was discover ... oval:org.secpod.oval:def:205206 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:205207 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:205686 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Count overflow in FUSE request leading to use-after-free issues. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informatio ... oval:org.secpod.oval:def:1600844 Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add function potentially allowing KASLR bypassThe acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SB ... oval:org.secpod.oval:def:203648 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:1502094 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502095 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:203674 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:204762 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution branch target injection * hw: cpu: speculative execution bounds-check bypass * hw: cpu: speculative execution permission faults handling For more details about t ... oval:org.secpod.oval:def:502711 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:502710 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:204741 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:502727 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:66434 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:66452 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: broken permission and object lifetime handling for PTRACE_TRACEME * kernel: hw: Spectre SWAPGS gadget vulnerability For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:1502503 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1601001 - Microarchitectural Store Buffer Data Sampling - Microarchitectural Fill Buffer Data Sampling - Microarchitectural Load Port Data Sampling - Microarchitectural Data Sampling Uncacheable Memory MSBDS leaks Store Buffer Entries which can be speculatively forwarded to a dependent load as an optim ... oval:org.secpod.oval:def:1601000 A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a s ... oval:org.secpod.oval:def:1601007 A flaw was found in the Linux kernel#039;s freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create o ... oval:org.secpod.oval:def:1601006 A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible m ... oval:org.secpod.oval:def:1502511 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: hw: Spectre SWAPGS gadget vulnerability * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results For more details about the security issue, including the impact, a CVSS score, ackn ... oval:org.secpod.oval:def:205173 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Memory corruption due to incorrect socket cloning * kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks * kernel: Faulty computation of numberic bounds in the BPF v ... oval:org.secpod.oval:def:1700170 A flaw was found in the Linux kernel#039;s implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible me ... oval:org.secpod.oval:def:1700175 A flaw was found in the Linux kernels freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other ... oval:org.secpod.oval:def:1700166 A flaw was found in the Linux kernel#039;s implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a sp ... oval:org.secpod.oval:def:1501040 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:1700130 The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect an ... oval:org.secpod.oval:def:1700116 A flaw was found in the Linux kernel"s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a ... oval:org.secpod.oval:def:1700114 A use-after-free vulnerability was found in the way the Linux kernel#039;s KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device, the device holds a reference to a VM object, later this reference is transferred to the caller#039;s file descriptor table ... oval:org.secpod.oval:def:502626 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Memory corruption due to incorrect socket cloning * kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks * kernel: Faulty computation of numberic bounds in the BPF v ... oval:org.secpod.oval:def:1503053 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600978 A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested virtualization is enabled. This high resolution timer runs when a L2 guest is active. After VM exit, the sync_vmcs12 timer object is stopped. The use-afte ... oval:org.secpod.oval:def:1600973 A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption ... oval:org.secpod.oval:def:1600970 The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect an ... oval:org.secpod.oval:def:1501070 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:503309 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: broken permission and object lifetime handling for PTRACE_TRACEME * kernel: hw: Spectre SWAPGS gadget vulnerability For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:503313 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: page cache side channel attacks * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service * kernel: Unprivileg ... oval:org.secpod.oval:def:501583 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:501595 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ... oval:org.secpod.oval:def:205357 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Memory corruption due to incorrect socket cloning * kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS For more details about the security issue ... oval:org.secpod.oval:def:507501 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: memory corruption in AX88179_178A based USB ethernet device. * hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 For more details about the security issue, including the impact, a CV ... oval:org.secpod.oval:def:502298 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:502267 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * kernel: Buffer overflow in firewire driver via crafted incoming packets * kernel: Use-after-free vulnerability in DCCP socket * Kernel: ... oval:org.secpod.oval:def:1700069 Fixes for L1Terminal Fault security issues:L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault an ... oval:org.secpod.oval:def:1700064 An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfs_da_shrink_inode is called with a NULL bp. This can lead to a system crash and a denial of service.An issue was discovered in th ... oval:org.secpod.oval:def:1700061 The fs/ext4/inline.c:ext4_read_inline_data function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or ... oval:org.secpod.oval:def:1700059 A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service. oval:org.secpod.oval:def:1502221 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502222 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700051 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which ... oval:org.secpod.oval:def:1502486 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502251 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700026 Race condition in the store_int_with_restart function in cpu/mcheck/mce.c:A race condition in the store_int_with_restart function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel allows local users to cause a denial of service by leveraging root access to write to the check_interval file in ... oval:org.secpod.oval:def:1502258 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700014 Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c:A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. oval:org.secpod.oval:def:1600910 Fixes for L1Terminal Fault security issues:L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault an ... oval:org.secpod.oval:def:1600905 An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfs_da_shrink_inode is called with a NULL bp. This can lead to a system crash and a denial of service.An issue was discovered in th ... oval:org.secpod.oval:def:1600903 The fs/ext4/inline.c:ext4_read_inline_data function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or ... oval:org.secpod.oval:def:1600901 A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service. oval:org.secpod.oval:def:1600829 An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorp ... oval:org.secpod.oval:def:1700206 A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service. It was found ... oval:org.secpod.oval:def:1700205 A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service. It was found ... oval:org.secpod.oval:def:1600852 Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c:A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory oval:org.secpod.oval:def:1600872 Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk function allows denial of service:An error in the _sctp_make_chunk function when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS. Mishandling mutex within libsas al ... oval:org.secpod.oval:def:1502270 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502291 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600896 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to wh ... oval:org.secpod.oval:def:1502292 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:502348 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:502347 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:502303 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:502313 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: FPU state information leakage via lazy FPU restore For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed ... oval:org.secpod.oval:def:502317 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined i ... oval:org.secpod.oval:def:502329 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:205186 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Missing check in fs/inode.c:inode_init_owner does not clear SGID bit on non-directories for non-members For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:1601047 It was found that paravirt_patch_call/jump functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.A buffer overflow due to a singed-unsigned comparsion was fou ... oval:org.secpod.oval:def:507466 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C ... oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:204845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:204830 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: FPU state information leakage via lazy FPU restore For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed ... oval:org.secpod.oval:def:204837 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:502639 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Missing check in fs/inode.c:inode_init_owner does not clear SGID bit on non-directories for non-members For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:204866 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:204865 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:204804 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:204805 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load amp; Store instructions . It relies on the presence of a precisely-defin ... oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700209 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location o ... oval:org.secpod.oval:def:204758 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1600698 Infinite recursion in ahash.c by triggering EBUSY on a full queue:A vulnerability was found in crypto/ahash.c in the Linux kernel which allows attackers to cause a denial of service by triggering EBUSY on a full queue.Time subsystem allows local users to discover real PID values:The time subsystem ... oval:org.secpod.oval:def:1601049 An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location o ... oval:org.secpod.oval:def:1600821 A flaw was found in the patches used to fix the #039;dirtycow#039; vulnerability . An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages. Linux kernel Virtualization Module for the Intel processor family is vulnerable to ... oval:org.secpod.oval:def:1502144 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600748 Buffer overflow in mp_override_legacy_irq:Buffer overflow in the mp_override_legacy_irq function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table. A race between inotify_handle_event and sys_rename:A race condition was f ... oval:org.secpod.oval:def:1502175 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600794 stack buffer overflow in the native Bluetooth stackA stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel , an unauthenticated atta ... oval:org.secpod.oval:def:502226 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:502241 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1700082 A security flaw was found in the chap_server_compute_md5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta ... oval:org.secpod.oval:def:1501989 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204579 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel"s IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary ... oval:org.secpod.oval:def:204554 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feat ... oval:org.secpod.oval:def:204553 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feat ... oval:org.secpod.oval:def:1502011 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502449 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600933 A security flaw was found in the chap_server_compute_md5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta ... oval:org.secpod.oval:def:1502061 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700211 A flaw was found in the Linux kernel in the hid_debug_events_read function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user to achieve an out-of-bounds write and thus receiving user space buffer corruption oval:org.secpod.oval:def:1600826 Race condition in raw_sendmsg function allows denial-of-service or kernel addresses leakA flaw was found in the Linux kernel's implementation of raw_sendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of creating raw sock ... oval:org.secpod.oval:def:204705 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user ab ... oval:org.secpod.oval:def:1502026 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502029 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502042 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:1502043 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:502125 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event and vfs_rename while running the rename operation agai ... oval:org.secpod.oval:def:502541 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: stack-based buffer overflow in chap_server_compute_md5 in iscsi target * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable allows for denial of service For more details ... oval:org.secpod.oval:def:205130 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: stack-based buffer overflow in chap_server_compute_md5 in iscsi target * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable allows for denial of service For more details ... oval:org.secpod.oval:def:502194 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user ab ... oval:org.secpod.oval:def:1601050 A flaw was found in the Linux kernel in the hid_debug_events_read function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user to achieve an out-of-bounds write and thus receiving user space buffer corruption.Note: The Release Date is incorrect. This CVE wa ... oval:org.secpod.oval:def:502371 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensi ... oval:org.secpod.oval:def:502135 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feat ... oval:org.secpod.oval:def:502137 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feat ... oval:org.secpod.oval:def:205163 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: MIDI driver race condition leads to a double-free For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the ... oval:org.secpod.oval:def:502159 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel"s IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary ... oval:org.secpod.oval:def:1700105 A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation . The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.An issue was discovered in the Linux ... oval:org.secpod.oval:def:1600809 Incorrect updates of uninstantiated keys crash the kernelA vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic, leading to denial of service . Memory leak when merging buffers in SCSI IO vectorsIt was found that i ... oval:org.secpod.oval:def:502617 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: MIDI driver race condition leads to a double-free For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the ... oval:org.secpod.oval:def:1600746 Exploitable memory corruption due to UFO to non-UFO path switch heap out-of-bounds in AF_PACKET sockets oval:org.secpod.oval:def:1600968 A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation . The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.An issue was discovered in the Linux ... oval:org.secpod.oval:def:204652 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event and vfs_rename while running the rename operation agai ... oval:org.secpod.oval:def:1502392 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204889 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensi ... oval:org.secpod.oval:def:1600783 A buffer overflow was discovered in tpacket_rcv function in the Linux kernel since v4.6-rc1 through v4.13. A number of socket-related syscalls can be made to set up a configuration when each packet received by a network interface can cause writing up to 10 bytes to a kernel memory outside of a kerne ... oval:org.secpod.oval:def:1600775 The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability cal ... oval:org.secpod.oval:def:1501941 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501530 Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:502062 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list in the socket buffer. The heap overflow occurred if "MAX_SKB_FRAGS + 1" parameter ... oval:org.secpod.oval:def:502088 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the ... oval:org.secpod.oval:def:1501326 A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. oval:org.secpod.oval:def:1501726 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:1501738 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501507 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:502042 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the packet_set_ring function of the Linux kernel"s networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could u ... oval:org.secpod.oval:def:501813 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially , escalate their p ... oval:org.secpod.oval:def:501824 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that reporting emulation failures to user space could lead to either a local or a L2-L1 denial of service. In the case of a local denial of service, an attacker must have access to th ... oval:org.secpod.oval:def:204100 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that reporting emulation failures to user space could lead to either a local or a L2->L1 denial of service. In the case of a local denial of service, an attacker must have access t ... oval:org.secpod.oval:def:204584 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the ... oval:org.secpod.oval:def:203877 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user co ... oval:org.secpod.oval:def:204533 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list in the socket buffer. The heap overflow occurred if "MAX_SKB_FRAGS + 1" parameter ... oval:org.secpod.oval:def:501857 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1600421 A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with C ... oval:org.secpod.oval:def:204506 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the packet_set_ring function of the Linux kernel"s networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could u ... oval:org.secpod.oval:def:1501808 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type ... oval:org.secpod.oval:def:203832 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the Linux kernel"s key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring function. A local, unprivileged u ... oval:org.secpod.oval:def:1501409 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user co ... oval:org.secpod.oval:def:1501659 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the Linux kernel"s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a deni ... oval:org.secpod.oval:def:1600398 The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. A race condition in the tty_ioctl function in drivers/tty/tty_io.c i ... oval:org.secpod.oval:def:204041 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a re ... oval:org.secpod.oval:def:1200015 Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. Linux kernels built with the name spaces supp ... oval:org.secpod.oval:def:1501666 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a re ... oval:org.secpod.oval:def:1501443 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially , escalate their p ... oval:org.secpod.oval:def:204097 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the Linux kernel"s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a deni ... oval:org.secpod.oval:def:204082 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:204073 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:1501881 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501883 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:501933 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a re ... oval:org.secpod.oval:def:204671 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type ... oval:org.secpod.oval:def:1501470 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ... oval:org.secpod.oval:def:501901 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that the Linux kernel"s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a deni ... oval:org.secpod.oval:def:204616 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the ... oval:org.secpod.oval:def:501788 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user co ... oval:org.secpod.oval:def:203979 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1600525 Possible double free in stcp_sendmsg :It was found that the code in net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service via a multithreaded application. This ... oval:org.secpod.oval:def:501960 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:501966 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1600505 A use-after-free flaw was found in the way the Linux kernel"s Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allo ... oval:org.secpod.oval:def:501754 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the Linux kernel"s key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring function. A local, unprivileged u ... oval:org.secpod.oval:def:501998 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type ... oval:org.secpod.oval:def:203925 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially , escalate their p ... oval:org.secpod.oval:def:1600345 An integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. In the mark_source_chains function it is possible for a user-supplied ipt_entry structure to have a large next_offset field. ... oval:org.secpod.oval:def:1600346 Perception Point Research identified a use-after-free vulnerability, representing a local privilege escalation vulnerability in the Linux kernel. Their post contains a detailed analysis of the bug.kernel-4.1.13-19.30.amzn1 and earlier versions are impacted. oval:org.secpod.oval:def:1501955 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501956 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:203960 The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list o ... oval:org.secpod.oval:def:1501918 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501919 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600040 The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service via an SCTP handshake with a modified IN ... oval:org.secpod.oval:def:1600039 The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioct ... oval:org.secpod.oval:def:1500220 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1600051 The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets.drivers/vhost/net.c in the Linux kernel before 3.13.10, whe ... oval:org.secpod.oval:def:1500636 Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:501162 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature wa ... oval:org.secpod.oval:def:1500640 It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, e ... oval:org.secpod.oval:def:501187 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the qeth_snmp_command function in the Linux kernel"s QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unpriv ... oval:org.secpod.oval:def:1500662 Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which giv ... oval:org.secpod.oval:def:1503946 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1503943 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:203488 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A memory corruption f ... oval:org.secpod.oval:def:203474 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A NUL ... oval:org.secpod.oval:def:203227 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the get_rx_bufs function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc function. A privileged guest user could use this ... oval:org.secpod.oval:def:203029 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the qeth_snmp_command function in the Linux kernel"s QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unpriv ... oval:org.secpod.oval:def:501432 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use th ... oval:org.secpod.oval:def:501439 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A NULL ... oval:org.secpod.oval:def:203617 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:501622 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel"s Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... oval:org.secpod.oval:def:203426 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An out-of-bounds memory access flaw was found in the Linux kernel"s system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kerne ... oval:org.secpod.oval:def:203419 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled reference counting when requeuing futexes during futex_wait. A local, unprivileged user could use this flaw to zero out the reference counter ... oval:org.secpod.oval:def:1500724 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ... oval:org.secpod.oval:def:1500995 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:202925 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connect ... oval:org.secpod.oval:def:202990 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature wa ... oval:org.secpod.oval:def:501452 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A memory corruption f ... oval:org.secpod.oval:def:501694 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:501455 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload feature was enabled. A remote at ... oval:org.secpod.oval:def:501464 * A flaw was found in the way the Linux kernel"s SCTP implementation handled malformed or duplicate Address Configuration Change Chunks . A remote attacker could use either of these flaws to crash the system. * A flaw was found in the way the Linux kernel"s SCTP implementation handled the associati ... oval:org.secpod.oval:def:1500947 The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition inv ... oval:org.secpod.oval:def:1500706 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:501475 * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. * A flaw was found in the way the Linux kernel ... oval:org.secpod.oval:def:1500321 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regular update. The Red Hat Security Response Team has rate ... oval:org.secpod.oval:def:204288 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use th ... oval:org.secpod.oval:def:1500331 Updated kernel packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which gi ... oval:org.secpod.oval:def:204270 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:1500582 Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ... oval:org.secpod.oval:def:204263 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to ... oval:org.secpod.oval:def:1500779 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. Red Hat Product Security has rated this upd ... oval:org.secpod.oval:def:501073 The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connect ... oval:org.secpod.oval:def:1500794 Updated kernel packages that fix several security issues and bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:203365 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:1501253 The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ... oval:org.secpod.oval:def:203345 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:204242 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel"s Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... oval:org.secpod.oval:def:1500371 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:203380 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the ping_init_sock function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentia ... oval:org.secpod.oval:def:203383 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that Linux kernel"s ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use t ... oval:org.secpod.oval:def:203372 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:203521 * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. * A flaw was found in the way the Linux kernel ... oval:org.secpod.oval:def:203505 * A flaw was found in the way the Linux kernel"s SCTP implementation handled malformed or duplicate Address Configuration Change Chunks . A remote attacker could use either of these flaws to crash the system. * A flaw was found in the way the Linux kernel"s SCTP implementation handled the associati ... oval:org.secpod.oval:def:501310 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel"s N_TTY line discipline implementation handled concurrent processing of echo output and TTY write operations o ... oval:org.secpod.oval:def:501512 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to ... oval:org.secpod.oval:def:1500605 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1500852 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1500859 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:501381 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled reference counting when requeuing futexes during futex_wait. A local, unprivileged user could use this flaw to zero out the reference counter ... oval:org.secpod.oval:def:501387 The kernel packages contain the Linux kernel, the core of any Linux operating system. * An out-of-bounds memory access flaw was found in the Linux kernel"s system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kerne ... oval:org.secpod.oval:def:1600123 The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service or gain privileges by triggering a race condition involving read and write operations wit ... oval:org.secpod.oval:def:501561 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:501328 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:501342 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:501344 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:501349 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the ping_init_sock function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentia ... oval:org.secpod.oval:def:1500822 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1600130 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. oval:org.secpod.oval:def:501354 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that Linux kernel"s ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use t ... oval:org.secpod.oval:def:1507396 [3.10.0-1160.114.2.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.114.2.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = ... oval:org.secpod.oval:def:1702192 dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. In the Linux kernel, the following vulnerability has been resolved:net: prevent mss overflow in skb_seg ... oval:org.secpod.oval:def:1507377 [4.18.0-513.18.1.el8_9.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.3 - Remove ups ... oval:org.secpod.oval:def:1507394 [5.14.0-362.24.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.5] - Remove nm ... oval:org.secpod.oval:def:509091 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: net/sched: sch_hfsc UAF kernel: use-after-free in sch_qfq network scheduler kernel: inactive elements in nft_pipapo_walk kernel: IGB driver inadequate buffer size for frames larger than MTU ... |