Download
| Alert*
oval:org.secpod.oval:def:19500173
A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. A NULL pointer dereference has ... oval:org.secpod.oval:def:1701274 A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. RESERVEDNOTE: https://www.open ... oval:org.secpod.oval:def:1701300 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 ... oval:org.secpod.oval:def:89049086 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol . * CVE-2023-1637: Fixed vulnerability that could lead to unauthoriz ... oval:org.secpod.oval:def:89048993 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM . * CVE-2022-3566: Fixed race co ... oval:org.secpod.oval:def:708369 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708388 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708382 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506883 [4.18.0-477.21.1.el8_8.OL8] - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - net/sched: tcindex: update imperfect hash filters respecting rcu {CVE-2023-1281} - net/sched: tcindex: search key must be 16 bits {CVE-2023-1281} - net/sched: Retire tcindex classi ... oval:org.secpod.oval:def:1701284 A double-free flaw was found in the Linux kernel and rsquo;s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails . This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw was fo ... oval:org.secpod.oval:def:507907 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:2501160 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:89049089 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45884: Fixed a use-after-free in dvbde ... oval:org.secpod.oval:def:94999 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-iot: Linux kernel for IoT platforms - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:4501493 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:95003 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95002 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708353 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-iot: Linux kernel for IoT platforms - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:4501495 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerabili ... oval:org.secpod.oval:def:95005 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2501159 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2600281 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2600282 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507812 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events * kernel: netfilter: use-after-free in nf_tables when processing batch requests can lea ... oval:org.secpod.oval:def:1506831 - [5.14.0-284.18.1_2] - cifs: fix wrong unlock before return from cifs_tree_connect - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and even ... oval:org.secpod.oval:def:708367 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linu ... oval:org.secpod.oval:def:95012 linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708381 linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems - linux-gkeop-5.15: Linux kernel for Goo ... oval:org.secpod.oval:def:708408 linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96360 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linu ... oval:org.secpod.oval:def:96363 linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems - linux-gkeop-5.15: Linux kernel for Goo ... oval:org.secpod.oval:def:89048954 The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm- ioctl. ... oval:org.secpod.oval:def:89048966 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE- ... oval:org.secpod.oval:def:89048962 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm- ioctl.c . * ... oval:org.secpod.oval:def:89048960 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to ... oval:org.secpod.oval:def:708401 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96370 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95009 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708398 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708252 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-lowlatency: Linux low latency kernel - linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708261 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were ... oval:org.secpod.oval:def:1701267 RESERVEDNOTE: https://www.openwall.com/lists/oss-security/2022/12/14/3NOTE: https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/ do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition |