Download
| Alert*
oval:org.secpod.oval:def:1601698
An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 ... oval:org.secpod.oval:def:1701143 In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_ ... oval:org.secpod.oval:def:1701153 In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_ ... oval:org.secpod.oval:def:1701300 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 ... oval:org.secpod.oval:def:708168 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe-5.19: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708164 linux-ibm: Linux kernel for IBM cloud systems - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708076 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96333 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Linux kernel for Raspberry Pi systems - linux-azur ... oval:org.secpod.oval:def:96339 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe-5.19: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506477 [5.15.0-8.91.4.1.el8uek] - uek-rpm: Add opbmc to core rpm [Orabug: 35157130] [5.15.0-8.91.4.el8uek] - selftests/vm: remove ARRAY_SIZE define from individual tests oval:org.secpod.oval:def:1506478 [5.15.0-8.91.4.1.el9uek] - uek-rpm: Add opbmc to core rpm [Orabug: 35157130] [5.15.0-8.91.4.el9uek] - selftests/vm: remove ARRAY_SIZE define from individual tests oval:org.secpod.oval:def:94919 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506714 [4.1.12-124.75.3] - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg [Orabug: 35354791] {CVE-2023-2248} [4.1.12-124.75.2] - prlimit: do_prlimit needs to have a speculation check [Orabug: 35354303] {CVE-2023-0458} - kernel/sys.c: fix potential Spectre v1 issue [Orabug: 35354303] ... oval:org.secpod.oval:def:94927 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708148 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Linux kernel for Raspberry Pi systems - linux-azur ... oval:org.secpod.oval:def:708057 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701192 A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol . A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. In the Linux kernel before 6.1.6, a N ... oval:org.secpod.oval:def:708054 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel ... oval:org.secpod.oval:def:91460 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:91741 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel ... oval:org.secpod.oval:def:89048173 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-0266: Fixed a use-after-free bug led by a missing lock in ALSA. - CVE-2022-47929: Fixed a NULL pointer dereference bug in the traffic control subsystem wh ... oval:org.secpod.oval:def:3300129 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3302427 Security update for the Linux Kernel oval:org.secpod.oval:def:1506784 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89048698 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:89048697 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information ... oval:org.secpod.oval:def:707999 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:89048719 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:708074 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3300289 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89048285 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion . - CVE-2023-23454: Fixed denial or service in cbq ... oval:org.secpod.oval:def:2501099 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:96307 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3302447 Security update for the Linux-RT Kernel oval:org.secpod.oval:def:708026 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708020 linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96306 linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96305 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506487 [5.4.17-2136.317.5.3.el7] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:1506488 [5.4.17-2136.317.5.3.el8] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:89048955 The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to t ... oval:org.secpod.oval:def:1506484 [5.4.17-2136.317.5.3.el7uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:1506486 [5.4.17-2136.317.5.3.el8uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:89048551 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-23454: Fixed denial or service in cbq_classify in net/sched/sch_cbq.c . * CVE-2023-0590: Fixed race condition in qdisc_graft . * CVE-2023-0266: Fixed ... oval:org.secpod.oval:def:89049089 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45884: Fixed a use-after-free in dvbde ... oval:org.secpod.oval:def:89048275 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth ... oval:org.secpod.oval:def:89325 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2873 Zheyu Ma discovered that an out-of-bounds memory access flaw in the Intel iSMT SMBus 2.0 host controller driver may result in denial of serv ... oval:org.secpod.oval:def:94976 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89048182 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. - CVE-2022-3564: Fixed a bug which could lead to use after ... oval:org.secpod.oval:def:89486 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:708013 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708012 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94974 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2501079 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507734 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening U ... oval:org.secpod.oval:def:610356 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2873 Zheyu Ma discovered that an out-of-bounds memory access flaw in the Intel iSMT SMBus 2.0 host controller driver may result in denial of serv ... oval:org.secpod.oval:def:89048863 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition . * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that co ... oval:org.secpod.oval:def:3300300 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89048266 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem . - CVE-2023-23454: Fixed denial or service in cbq_classify in net/sched/sch_cbq ... oval:org.secpod.oval:def:89048265 The SUSE Linux Enterprise 15 SP1 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3107: Fixed missing check of return value of kvmalloc_array . - CVE-2022-3108: Fixed missing check of return value of kmemdup . - CVE-2022-3564: Fixed use-aft ... oval:org.secpod.oval:def:89048262 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion . - CVE-2023-23454: Fixed denial or service i ... oval:org.secpod.oval:def:89051082 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase ... oval:org.secpod.oval:def:89050938 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system . * CVE ... oval:org.secpod.oval:def:707995 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. |