Download
| Alert*
|
oval:org.secpod.oval:def:608638
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:88371 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:1700863 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:707631 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:121424 The kernel meta package oval:org.secpod.oval:def:89045989 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing b ... oval:org.secpod.oval:def:121423 The kernel meta package oval:org.secpod.oval:def:1505774 [5.4.17-2136.308.7.el7uek] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:89045985 The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ... oval:org.secpod.oval:def:3300454 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:707144 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:607379 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:86469 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:89046067 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ... oval:org.secpod.oval:def:89045892 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation . - CVE-2022-0322: Fixed a denial of s ... oval:org.secpod.oval:def:86388 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:89047619 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation . - CVE-2022-0322: Fixed a denial of servic ... oval:org.secpod.oval:def:79887 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi systems - linux-aws-5.13: Linux kernel for Amazon Web Services sy ... oval:org.secpod.oval:def:89045962 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruption in t ... oval:org.secpod.oval:def:88553 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:706359 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi systems - linux-aws-5.13: Linux kernel for Amazon Web Services sy ... oval:org.secpod.oval:def:1505764 [5.4.17-2136.308.7.el8] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:89045993 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruptio ... oval:org.secpod.oval:def:89045995 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing b ... oval:org.secpod.oval:def:1505768 [5.4.17-2136.308.7.el7] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:1505767 [5.4.17-2136.308.7.el8uek] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:89045991 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruption in the L ... oval:org.secpod.oval:def:3301076 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:506895 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... oval:org.secpod.oval:def:1505650 [4.18.0-372.9.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-372.9.1] - scsi: qedi: F ... oval:org.secpod.oval:def:1601520 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:2500747 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:4500964 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors ... oval:org.secpod.oval:def:4501055 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... oval:org.secpod.oval:def:1700867 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:706389 linux-azure-5.13: Linux kernel for Microsoft Azure cloud systems - linux-oracle-5.13: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86452 linux-azure-5.13: Linux kernel for Microsoft Azure cloud systems - linux-oracle-5.13: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1700859 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... |
