Download
| Alert*
oval:org.secpod.oval:def:70219
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM sys ... oval:org.secpod.oval:def:705533 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1601138 In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.In the Linux kernel 5.4.0-rc2, there is a use ... oval:org.secpod.oval:def:70231 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1700812 A NULL pointer dereference flaw may occur in the Linux kernel's relay_open in kernel/relay.c. if the alloc_percpu function is not validated in time of failure and used as a valid address for access. An attacker could use this flaw to cause a denial of service. A new domain bypass transient execution ... oval:org.secpod.oval:def:70228 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gcp-5.3: Linux kernel for Google Cloud Platfor ... oval:org.secpod.oval:def:69816 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3016 It was discovered that the KVM implementation for x86 did not always perform TLB flushes when needed, if the paravirtualised TLB flush featu ... oval:org.secpod.oval:def:89000665 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth may have allowed an unauthenticated user to complete authentication withou ... oval:org.secpod.oval:def:89000642 kernel package information. oval:org.secpod.oval:def:70220 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70221 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1503042 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503044 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705507 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM sys ... oval:org.secpod.oval:def:705529 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gcp-5.3: Linux kernel for Google Cloud Platfor ... oval:org.secpod.oval:def:604882 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3016 It was discovered that the KVM implementation for x86 did not always perform TLB flushes when needed, if the paravirtualised TLB flush featu ... oval:org.secpod.oval:def:705508 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:705509 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1700341 In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.In the Linux kernel 5.4.0-rc2, there is a use ... oval:org.secpod.oval:def:70632 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. oval:org.secpod.oval:def:65553 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. oval:org.secpod.oval:def:2500053 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:504755 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in the video driver leads to local privilege escalation * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c * kernel: out-of-bounds access in function hclge_tm_schd_mo ... oval:org.secpod.oval:def:1503051 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505010 [4.18.0-240.OL8] - Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-240] - [include] block: allow for_e ... oval:org.secpod.oval:def:1503052 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:504339 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c * kernel: race condition in smp_task_timedout and smp ... oval:org.secpod.oval:def:1504006 [3.10.0-1160.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [3.10.0-1160] - [kernel] modsign: Add nomokvarconfig kernel parameter [1867857] - [firmware] modsign: Add su ... oval:org.secpod.oval:def:67952 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in the video driver leads to local privilege escalation * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c * kernel: out-of-bounds access in function hclge_tm_schd_mo ... oval:org.secpod.oval:def:205657 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c * kernel: race condition in smp_task_timedout and smp ... oval:org.secpod.oval:def:1503041 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000395 Kernel-azure package information oval:org.secpod.oval:def:89050491 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19462: relay_open in kernel/relay.c in the Linux kernel allowed local users to cause a denial of service by triggering a NULL alloc_percpu result . - CVE- ... oval:org.secpod.oval:def:89050225 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it ... oval:org.secpod.oval:def:89000562 kernel package information. oval:org.secpod.oval:def:89000561 kernel package information. oval:org.secpod.oval:def:89002963 The SUSE Linux Enterprise 15 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This ... oval:org.secpod.oval:def:89043774 The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which cal ... oval:org.secpod.oval:def:89050517 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19462: relay_open in kernel/relay.c in the Linux kernel allowed local users to cause a denial of service by triggering a NULL alloc_percpu result . - CVE- ... |