Download
| Alert*
oval:org.secpod.oval:def:89044335
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue within virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an ... oval:org.secpod.oval:def:89044331 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue within virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issue ... oval:org.secpod.oval:def:89049481 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 l ... oval:org.secpod.oval:def:1505151 [4.14.35-2047.508.3.el7uek] - fuse: fix live lock in fuse_iget [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target [Orabug: 33352735] [4.14.35-2047.508.2.el7uek] - KVM: x86: ... oval:org.secpod.oval:def:506653 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: perf_event_parse_addr_filter memory * kernel: fuse: fuse_do_getattr calls make_bad_inode in inappropriate situations * kernel: Heap buffer overflow in firedtv driver For more details abou ... oval:org.secpod.oval:def:89044307 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issue inside ... oval:org.secpod.oval:def:79852 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:76586 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:89047308 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ... oval:org.secpod.oval:def:89044316 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89044334 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:205929 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: perf_event_parse_addr_filter memory * kernel: fuse: fuse_do_getattr calls make_bad_inode in inappropriate situations * kernel: Heap buffer overflow in firedtv driver For more details abou ... oval:org.secpod.oval:def:606192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:706208 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:1601520 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1505165 [4.14.35-2047.508.3.el7] - fuse: fix live lock in fuse_iget [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target [Orabug: 33352735] [4.14.35-2047.508.2] - KVM: x86: Check kvm ... oval:org.secpod.oval:def:1505126 [4.14.35-2047.507.7.5.el7uek] - Bluetooth: defer cleanup of resources in hci_unregister_dev [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work order [Orabug: 33369947] {CVE-2021-3564} - ext4: ... oval:org.secpod.oval:def:1700867 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1505168 [4.14.35-2047.507.7.5.el7] - Bluetooth: defer cleanup of resources in hci_unregister_dev [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work order [Orabug: 33369947] {CVE-2021-3564} - ext4: fix ... oval:org.secpod.oval:def:89044324 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:1505442 [3.10.0-1160.53.1.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Update oracle value to match new certificate [3.10.0-1160.53.1] - fuse: fix live lock in fuse_ ... oval:org.secpod.oval:def:89044320 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure . - CVE-2021-29650: Fixed an issu ... oval:org.secpod.oval:def:89044342 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3483: Fixed a use-after-free in nosy.c . - CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy . - CVE-2021-29650: Fixed an issue whe ... oval:org.secpod.oval:def:89044438 This update for the Linux Kernel 4.4.180-94_138 fixes several issues. The following security issues were fixed: - CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr calls make_bad_inode in inappropriate situations, could have caused a system crash. NOTE: t ... oval:org.secpod.oval:def:89044356 This update for the Linux Kernel 4.4.180-94_130 fixes several issues. The following security issues were fixed: - Fix a kernel warning during sysfs read - CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel aka CID-5d069dbe8aaf. fuse_do_getattr calls ma ... oval:org.secpod.oval:def:2500395 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1504894 [4.18.0-305.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-305] - perf/x86/intel/uncore ... oval:org.secpod.oval:def:506091 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Integer overflow in Intel Graphics Drivers * kernel: memory leak in sof_set_get_large_ctrl_data function in sound/soc/sof/ipc.c * kernel: use-after-free caused by a malicious USB device in ... |