Download
| Alert*
oval:org.secpod.oval:def:3300768
SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89048073 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329: Gues ... oval:org.secpod.oval:def:3300902 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3300885 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3301238 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:206019 Security Fix: kernel: stack overflow in do_proc_dointvec and proc_skip_spaces kernel: use-after-free related to leaf anon_vma double reuse For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in ... oval:org.secpod.oval:def:89047984 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group ... oval:org.secpod.oval:def:88418 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4037 Christian Brauner reported that the inode_init_owner function for the XFS filesystem in the Linux kernel allows local users to create files ... oval:org.secpod.oval:def:1701284 A double-free flaw was found in the Linux kernel and rsquo;s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails . This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw was fo ... oval:org.secpod.oval:def:89048058 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022-3424: Fixed use-after-free in gru_set_context_option, gru_fau ... oval:org.secpod.oval:def:89047881 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group ... oval:org.secpod.oval:def:89048057 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329: Guests c ... oval:org.secpod.oval:def:89048056 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329: Gues ... oval:org.secpod.oval:def:89047682 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain . - C ... oval:org.secpod.oval:def:89048075 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022-3424: Fixed use-after-free in gru_set_context_option, gru_fau ... oval:org.secpod.oval:def:1506472 [3.10.0-1160.88.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.88.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - U ... oval:org.secpod.oval:def:89047998 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated. The following security bugs were fixed: - CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits ... oval:org.secpod.oval:def:1701052 A vulnerability was found in the fs/inode.c:inode_init_owner function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belong ... oval:org.secpod.oval:def:610217 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4037 Christian Brauner reported that the inode_init_owner function for the XFS filesystem in the Linux kernel allows local users to create files ... oval:org.secpod.oval:def:89048068 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022 ... oval:org.secpod.oval:def:3301154 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:2500747 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:506895 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... oval:org.secpod.oval:def:1505650 [4.18.0-372.9.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-372.9.1] - scsi: qedi: F ... oval:org.secpod.oval:def:4500964 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors ... oval:org.secpod.oval:def:4501055 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... |