Download
| Alert*
oval:org.secpod.oval:def:3302349
Security update for the Linux Kernel RT oval:org.secpod.oval:def:1701544 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:19500443 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:19500444 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:1701560 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:1701562 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:19500454 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:19500453 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:1701557 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:1701554 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:3302247 Security update for the Linux Kernel oval:org.secpod.oval:def:507878 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-cb * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt For more details about ... oval:org.secpod.oval:def:507966 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-gt;cb * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named ... oval:org.secpod.oval:def:708326 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:708328 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:708327 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708322 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:1701543 A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb- greater than cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is ... oval:org.secpod.oval:def:1701541 A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb- greater than cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is ... oval:org.secpod.oval:def:94996 linux-iot: Linux kernel for IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94994 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94995 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:708333 linux-iot: Linux kernel for IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96359 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:1701559 A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb- greater than cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is ... oval:org.secpod.oval:def:94951 linux-aws-5.19: Linux kernel for Amazon Web Services systems - linux-gcp-5.19: Linux kernel for Google Cloud Platform systems - linux-hwe-5.19: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049332 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter . * CVE-2023-3389: Fixed a use-after-free vulnerability in the io_uring subsystem . ... oval:org.secpod.oval:def:708332 linux-aws-5.19: Linux kernel for Amazon Web Services systems - linux-gcp-5.19: Linux kernel for Google Cloud Platform systems - linux-hwe-5.19: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301909 Security update for the Linux Kernel oval:org.secpod.oval:def:1507030 [4.18.0-477.27.0.1.el8_8.OL8] - bluetooth: Perform careful capability checks in hci_sock_ioctl {CVE-2023-2002} - ipvlan:Fix out-of-bounds caused by unclear skbcb {CVE-2023-3090} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - netfilter: nft_set_pipapo: fix ... oval:org.secpod.oval:def:89049102 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver . * CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/bt ... oval:org.secpod.oval:def:89049343 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2023-1249: Fixed a use-after-free flaw in the core dump sub ... oval:org.secpod.oval:def:89049097 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver . * CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub ... oval:org.secpod.oval:def:89049098 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device . * CVE-20 ... oval:org.secpod.oval:def:89049088 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2023-1079: Fixed a use-after-free problem that could ... oval:org.secpod.oval:def:5800185 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb- oval:org.secpod.oval:def:2600305 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:1506832 [5.14.0-284.25.1.0.1_2] - Fix KVM: x86/mmu: Fix race condition in direct_page_fault [Orabug: 35673032] {CVE-2022-45869} [5.14.0-284.25.1_2] - KVM: x86/mmu: Fix race condition in direct_page_fault - prlimit: do_prlimit needs to have a speculation check {CVE-2023-0458} - x86/speculation: Allow enablin ... oval:org.secpod.oval:def:1506835 [4.1.12-124.77.2] - media: dm1105: Fix use after free bug in dm1105_remove due to race condition [Orabug: 35514108] {CVE-2023-35824} - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event* [Orabug: 35477742] {CVE-2023-31084} - media: dvb_frontend: fix locking issues at dvb_fron ... oval:org.secpod.oval:def:507880 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-cb * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt * kernel: KVM: x86/mmu: race condition in direct_page_fault * kernel: s ... oval:org.secpod.oval:def:2600306 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1506965 [4.1.12-124.77.2.el7uek] - media: dm1105: Fix use after free bug in dm1105_remove due to race condition [Orabug: 35514108] {CVE-2023-35824} - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event* [Orabug: 35477742] {CVE-2023-31084} - media: dvb_frontend: fix locking issues at d ... oval:org.secpod.oval:def:89049089 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45884: Fixed a use-after-free in dvbde ... oval:org.secpod.oval:def:94946 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95367 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-2124 Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing metadata validation may result in denial of service or potential privilege es ... oval:org.secpod.oval:def:708304 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701403 A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. A heap buffer ove ... oval:org.secpod.oval:def:610715 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-2124 Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing metadata validation may result in denial of service or potential privilege es ... oval:org.secpod.oval:def:3302286 Security update for the Linux Kernel oval:org.secpod.oval:def:1701387 In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, ... oval:org.secpod.oval:def:1701390 A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. A flaw was found in the Linux ... oval:org.secpod.oval:def:19500258 A flaw was found in the Linux kernel's networking subsystem within the RPL protocol's handling. This issue results from the improper handling of user-supplied data, which can lead to an assertion failure. This flaw allows an unauthenticated, remote attacker to create a denial of service condition on ... oval:org.secpod.oval:def:1701393 A flaw was found in the x86 KVM subsystem in kvm_steal_time_set_preempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. A denial of service problem was found, d ... oval:org.secpod.oval:def:3302348 Security update for the Linux Kernel RT oval:org.secpod.oval:def:89049344 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver . * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query . * CVE-2 ... oval:org.secpod.oval:def:3302275 Security update for the Linux Kernel oval:org.secpod.oval:def:3302253 Security update for the Linux Kernel oval:org.secpod.oval:def:3302316 Security update for the Linux Kernel oval:org.secpod.oval:def:95192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:612616 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:4501481 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb- oval:org.secpod.oval:def:2501185 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:708437 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94958 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3302303 Security update for the Linux Kernel oval:org.secpod.oval:def:507965 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-gt;cb * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: n ... |