Download
| Alert*
oval:org.secpod.oval:def:505756
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:118718 The kernel meta package oval:org.secpod.oval:def:118715 The kernel meta package oval:org.secpod.oval:def:69579 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:1503165 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700827 A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c. The highest threat from t ... oval:org.secpod.oval:def:705793 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux k ... oval:org.secpod.oval:def:70295 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux k ... oval:org.secpod.oval:def:89002777 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . oval:org.secpod.oval:def:205845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:89002761 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request . - CVE-2021-3347: A use-after-free was disco ... oval:org.secpod.oval:def:89002784 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-0465: Fixed ... oval:org.secpod.oval:def:505972 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:1504775 [3.10.0-1160.21.1.el7.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15-2.0.3.el7 [3.10.0-1160.21.1.el7] - [pinctrl] devicetree: Avoid taking direct reference to device ... oval:org.secpod.oval:def:605205 Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks. CVE-2020-12351 Andy Nguyen discovered a flaw in the Bluetooth implementation in the way L2CAP packets with A2MP CID are han ... oval:org.secpod.oval:def:89002851 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel. oval:org.secpod.oval:def:1601215 In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro ... oval:org.secpod.oval:def:89049470 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2021-3348: Fixed ... oval:org.secpod.oval:def:1700403 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the p ... oval:org.secpod.oval:def:69820 Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks. CVE-2020-12351 Andy Nguyen discovered a flaw in the Bluetooth implementation in the way L2CAP packets with A2MP CID are han ... oval:org.secpod.oval:def:1700461 In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro ... oval:org.secpod.oval:def:705791 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:705784 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:89002847 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request at a certain point during device setup. oval:org.secpod.oval:def:70287 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:70293 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1700599 A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c. The highest threat from t ... oval:org.secpod.oval:def:1700600 A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c. The highest threat from t ... oval:org.secpod.oval:def:89002831 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-29569: Fixed ... oval:org.secpod.oval:def:1503076 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:97549 [CLSA-2021:1632261812] Fixed CVEs in kernel: CVE-2020-29661, CVE-2020-25211, CVE-2019-19532, CVE-2020-25656 oval:org.secpod.oval:def:1503081 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:97550 [CLSA-2021:1632261839] Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211 oval:org.secpod.oval:def:1503094 The advisory is missing the security advisory description. For more information please visit the reference link |