Download
| Alert*
oval:org.secpod.oval:def:4501481
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb- oval:org.secpod.oval:def:19500342 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker ... oval:org.secpod.oval:def:89049309 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049306 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'. * CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:1507113 [20230516-999.27.git6c9e0ed5.el9] - Update firmware for qat_4xxx devices [20230516-999.26.git6c9e0ed5.el9] - Run dracut -f in %posttrans instead of %post - Drop latest AMD microcode commits to family 19 file to include Milan microcode but not Genoa [20230516-999.27.git6c9e0ed5.el9] - Add missing ... oval:org.secpod.oval:def:89049268 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c . * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ... oval:org.secpod.oval:def:2501185 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2501186 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. oval:org.secpod.oval:def:3301406 Security update for the Linux Kernel oval:org.secpod.oval:def:708317 amd64-microcode: Processor microcode firmware for AMD CPUs AMD processors may allow an attacker to expose sensitive information due to a vector register speculative execution vulnerability. oval:org.secpod.oval:def:94954 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708437 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95009 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708399 linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708398 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94958 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95004 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP pro ... oval:org.secpod.oval:def:708394 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708396 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708391 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-starfive: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95008 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95007 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701533 An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.The qfq_change_ ... oval:org.secpod.oval:def:95011 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95371 Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in AMD 'Zen 2' CPUs may not be written to 0 correctly. This flaw allows an attacker to leak sensitive information across concurrent processes, hyper threads and virtualized guests. For details please ref ... oval:org.secpod.oval:def:1701530 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker ... oval:org.secpod.oval:def:3302065 Security update for the Linux Kernel oval:org.secpod.oval:def:708425 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049280 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023- ... oval:org.secpod.oval:def:3301997 Security update for xen oval:org.secpod.oval:def:708387 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP pro ... oval:org.secpod.oval:def:708384 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IB ... oval:org.secpod.oval:def:708383 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95178 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-3390 A use-after-free flaw in the netfilter subsystem caused by incorrect error path handling may result in denial of service or privilege escala ... oval:org.secpod.oval:def:708385 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Li ... oval:org.secpod.oval:def:206050 Security Fix: hw amd: Return Address Predictor vulnerability leading to information disclosure hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the ... oval:org.secpod.oval:def:611390 Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in AMD 'Zen 2' CPUs may not be written to 0 correctly. This flaw allows an attacker to leak sensitive information across concurrent processes, hyper threads and virtualized guests. For details please ref ... oval:org.secpod.oval:def:507926 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt * hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:126059 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89049169 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049168 This update for kernel-firmware fixes the following issues: Updated to version 20230724 : * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . Bugfixes: * Fix qcom ASoC tglp WHENCE entry * Group all Conexant V4L devices together * Makefile, copy-firmware: support xz/zstd compressed firmwar ... oval:org.secpod.oval:def:89049322 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling". * CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:89049151 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049271 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs . * CVE-2023-3776: Fixed improper refcount update in cls_fw lea ... oval:org.secpod.oval:def:2600320 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:2600322 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:708411 linux-raspi: Linux kernel for Raspberry Pi systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:19500333 An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information oval:org.secpod.oval:def:1506973 [3.10.0-1160.99.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.99.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 < ... oval:org.secpod.oval:def:1701511 An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information oval:org.secpod.oval:def:89049159 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049158 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049311 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:3301736 Security update for the Linux Kernel oval:org.secpod.oval:def:89051664 This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection of the new Zenbleed vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed * feat ... oval:org.secpod.oval:def:708401 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708400 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96368 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96365 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Li ... oval:org.secpod.oval:def:508198 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: hw amd: Return Address Predictor vulnerability leading to information disclosure hw: amd: Cross-Process Information Leak For more details about the security issue, including ... oval:org.secpod.oval:def:507945 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: * hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:96370 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:507949 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests ... oval:org.secpod.oval:def:611254 Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in 'Zen 2' CPUs may not be written to 0 correctly. This flaw allows an attacker to leak register contents across concurrent processes, hyper threads and virtualized guests. For details please refer to ht ... oval:org.secpod.oval:def:96374 linux-raspi: Linux kernel for Raspberry Pi systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507036 [5.14.0-284.30.1.el9_2] - x86/microcode/intel: Expose collect_cpu_info_early for IFS - x86/cpu: Load microcode during restore_processor_state - x86/microcode: Rip out the OLD_INTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint and warn on late loading - x86/microcode: Remo ... oval:org.secpod.oval:def:89049348 This update for xen fixes the following issues: Update to Xen 4.13.5 bug fix release . * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049347 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049346 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:708407 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506907 [20230516-999.22.git6c9e0ed5.el8] - remove amd-ucode/README - Resolves Zenbleed {CVE-2023-20593} oval:org.secpod.oval:def:1506909 [20230516-999.20.git6c9e0ed5.el9] - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode [20230516-999.19.git6c9e0ed5.el9] - Rebase to upstream - Revert removal of old iwlwifi firmwares oval:org.secpod.oval:def:1507041 [4.18.0-477.27.1.el8_8.OL8] - x86/microcode/intel: Expose collect_cpu_info_early for IFS - x86/cpu: Load microcode during restore_processor_state - x86/microcode: Deprecate MICROCODE_OLD_INTERFACE - x86/microcode: Rip out the OLD_INTERFACE - x86/microcode: Default-disable late loading - x86/microcod ... oval:org.secpod.oval:def:97742 [CLSA-2023:1692108914] microcode_ctl: Fix of CVE-2023-20593 oval:org.secpod.oval:def:95176 Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in 'Zen 2' CPUs may not be written to 0 correctly. This flaw allows an attacker to leak register contents across concurrent processes, hyper threads and virtualized guests. For details please refer to ht ... oval:org.secpod.oval:def:611388 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-3390 A use-after-free flaw in the netfilter subsystem caused by incorrect error path handling may result in denial of service or privilege escala ... oval:org.secpod.oval:def:89049338 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service . * CVE-2 ... oval:org.secpod.oval:def:89049216 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89049336 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:3302303 Security update for the Linux Kernel oval:org.secpod.oval:def:89049333 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service . * CVE-2 ... oval:org.secpod.oval:def:2600339 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. oval:org.secpod.oval:def:126045 Spectre Meltdown vulnerability/mitigation checker for Linux. oval:org.secpod.oval:def:708461 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:507962 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix: * hw: amd: Cross-Process Information Leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:95017 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:507965 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-gt;cb * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: n ... oval:org.secpod.oval:def:1506926 [20230516-999.23.git6c9e0ed5.el9] - Firmware files need to be uncompressed for early kernel load to work - Resolves Zenbleed {CVE-2023-20593} [20230516-999.22.git6c9e0ed5.el9] - Move the README removal, it needs to happen during build - Resolves Zenbleed {CVE-2023-20593} [20230516-999.21.git6c9e0 ... oval:org.secpod.oval:def:1506923 [20230516-999.20.git6c9e0ed5.el8] - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode [20230516-999.19.git6c9e0ed5.el8] - Rebase to upstream - Revert removal of old iwlwifi firmwares oval:org.secpod.oval:def:5800199 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: netfilter: ... oval:org.secpod.oval:def:95025 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:93241 amd64-microcode: Processor microcode firmware for AMD CPUs AMD processors may allow an attacker to expose sensitive information due to a vector register speculative execution vulnerability. oval:org.secpod.oval:def:1507227 [5.14.0-362.13.1.el9_3.OL9] - x86/retpoline: Document some thunk handling aspects {CVE-2023-20569} - objtool: Fix return thunk patching in retpolines {CVE-2023-20569} - x86/srso: Remove unnecessary semicolon {CVE-2023-20569} - x86/calldepth: Rename __x86_return_skl to call_depth_return_thunk {CV ... oval:org.secpod.oval:def:96364 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IB ... oval:org.secpod.oval:def:1506937 [20230516-999.22.git6c9e0ed5.el7] - remove amd-ucode/README - Resolves Zenbleed {CVE-2023-20593} oval:org.secpod.oval:def:89051667 This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection of the new Zenbleed vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed * feat ... oval:org.secpod.oval:def:1506898 [20230516-999.20.git6c9e0ed5.el7] - cd72938cb480 linux-firmware: Update AMD fam17h cpu microcode - 92624e57af69 linux-firmware: Update AMD cpu microcode oval:org.secpod.oval:def:125971 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor |