Download
| Alert*
oval:org.secpod.oval:def:3300768
SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:94904 linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2600093 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:609245 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2585 A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation. CVE-2022-2 ... oval:org.secpod.oval:def:89046876 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free . - CVE-2020-36558: Fixed a race ... oval:org.secpod.oval:def:89047682 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain . - C ... oval:org.secpod.oval:def:2600061 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:1701015 An out-of-bounds write flaw was found in the Linux kernel and rsquo;s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A vulnerabilit ... oval:org.secpod.oval:def:3300902 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1506245 [5.14.0-162.6.1_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove nmap references from ... oval:org.secpod.oval:def:1700996 A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions ... oval:org.secpod.oval:def:1701004 A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. A flaw was found in t ... oval:org.secpod.oval:def:89048277 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c . - CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl fun ... oval:org.secpod.oval:def:707766 linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1601589 An out-of-bounds write flaw was found in the Linux kernel and rsquo;s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A vulnerabilit ... oval:org.secpod.oval:def:89047018 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed a denial of service inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c . - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in ... oval:org.secpod.oval:def:3301154 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:85951 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2585 A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation. CVE-2022-2 ... oval:org.secpod.oval:def:94901 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94902 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94900 linux-oem-5.17: Linux kernel for OEM systems The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:94903 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707751 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707743 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707745 linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707744 linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707740 linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046869 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free . - CVE-2020-36558: Fixed race ... oval:org.secpod.oval:def:89046867 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service . - CVE-2022-20166: Fixed several possible memory safety issues ... oval:org.secpod.oval:def:86507 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046865 The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free . - CVE-2020-36558: Fixed rac ... oval:org.secpod.oval:def:88605 linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88606 linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88603 linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86505 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88604 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707747 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707748 linux-gke: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707731 linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707690 linux-oem-5.14: Linux kernel for OEM systems The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:1701006 An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the sys ... oval:org.secpod.oval:def:1700998 An out-of-bounds write flaw was found in the Linux kernel's framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A bug in the IMA subsyst ... oval:org.secpod.oval:def:707736 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707735 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707738 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88597 linux-hwe-5.15: Linux hardware enablement kernel - linux-lowlatency-hwe-5.15: Linux low latency kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88598 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-aws-5.15: Linux kernel for Amazon Web Services systems - ... oval:org.secpod.oval:def:707723 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:88595 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88596 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:3300899 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3301229 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89047414 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method . - CVE-2020-36557: Fixed race condition between the VT_DISALLOC ... oval:org.secpod.oval:def:86649 linux-gke: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046884 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free . - CVE-2020-36558: Fixed race ... oval:org.secpod.oval:def:707729 linux-oem-5.17: Linux kernel for OEM systems The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:707728 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-aws-5.15: Linux kernel for Amazon Web Services systems - ... oval:org.secpod.oval:def:86647 linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707725 linux-hwe-5.15: Linux hardware enablement kernel - linux-lowlatency-hwe-5.15: Linux low latency kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707726 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:86643 linux-oem-5.14: Linux kernel for OEM systems The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:1506125 [4.1.12-124.68.3.el7uek] - Orabug: 34733462 [4.1.12-124.68.2.el7uek] - ptp: fix the race between the release of ptp_clock and cdev [Orabug: 31350707] {CVE-2020-10690} - ptp: Fix pass zero to ERR_PTR in ptp_clock_register [Orabug: 31350707] - chardev: add helper function to register char devs with ... oval:org.secpod.oval:def:1506135 [4.1.12-124.68.3] - Orabug: 34733462 [4.1.12-124.68.2] - ptp: fix the race between the release of ptp_clock and cdev [Orabug: 31350707] {CVE-2020-10690} - ptp: Fix pass zero to ERR_PTR in ptp_clock_register [Orabug: 31350707] - chardev: add helper function to register char devs with a struct devi ... oval:org.secpod.oval:def:89046868 The SUSE Linux Enterprise 12 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service . - CVE-2022-20166: Fixed several possible memory safety issues due to u ... oval:org.secpod.oval:def:89046895 The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15393: CVE-2020-15393: Fixed a memory leak in usbtest_disconnect . - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing ... oval:org.secpod.oval:def:4501084 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session * race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * use-after-free vuln ... oval:org.secpod.oval:def:2500850 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:507272 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:4500936 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session * Race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL l ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1506178 [4.18.0-425.3.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove upstream reference duri ... oval:org.secpod.oval:def:2500862 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. |