Download
| Alert*
|
oval:org.secpod.oval:def:19500387
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of ... oval:org.secpod.oval:def:1701819 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:1601809 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:1507314 [4.14.35-2047.533.3.el7uek] - net: rfkill: gpio: set GPIO direction - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185208] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143229] - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181559] {C ... oval:org.secpod.oval:def:3302074 Security update for the Linux Kernel oval:org.secpod.oval:def:1701901 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:3301981 Security update for the Linux Kernel oval:org.secpod.oval:def:3301725 Security update for the Linux Kernel oval:org.secpod.oval:def:508048 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev fails kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route ke ... oval:org.secpod.oval:def:1701897 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.When nf_tables_delrule is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain c ... oval:org.secpod.oval:def:1701899 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:1701890 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:1701575 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it po ... oval:org.secpod.oval:def:1701573 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core. A division-by-zero error on some A ... oval:org.secpod.oval:def:89051080 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c . ... oval:org.secpod.oval:def:89051081 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB problems. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak i ... oval:org.secpod.oval:def:97879 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:3302096 Security update for the Linux Kernel oval:org.secpod.oval:def:3301720 Security update for the Linux Kernel oval:org.secpod.oval:def:89051078 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the ke ... oval:org.secpod.oval:def:97408 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:1507183 [4.1.12-124.81.2.el7uek] - rebuild bumping release [4.1.12-124.81.1.el7uek] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space ... oval:org.secpod.oval:def:89051073 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:89051074 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB regressions. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker t ... oval:org.secpod.oval:def:1701907 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:89051072 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:1507425 [4.1.12-124.81.2] - rebuild bumping release [4.1.12-124.81.1] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space input [Orabu ... oval:org.secpod.oval:def:1601777 A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of the host by sending network packets to the backend, causing the backend to crash. A use-after-free flaw was found in net/sched ... oval:org.secpod.oval:def:96403 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701820 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:95286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611) * kernel: net/sched: cls_fw component can be exploited as result ... oval:org.secpod.oval:def:94955 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507164 [3.10.0-1160.105.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.105.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = ... oval:org.secpod.oval:def:1701536 A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of the host by sending network packets to the backend, causing the backend to crash. A use-after-free flaw was found in net/sched ... oval:org.secpod.oval:def:126004 The kernel meta package oval:org.secpod.oval:def:126007 The kernel meta package oval:org.secpod.oval:def:206057 Security Fix: kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function kernel: net/sched: Use-after-free vulnerabilities in the net/sched c ... oval:org.secpod.oval:def:1601799 A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local atta ... oval:org.secpod.oval:def:94961 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96393 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:96390 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:95020 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:1701563 A flaw in the Linux Kernel found in the GFS2 file system. On corrupted gfs2 file systems the evict code can try to reference the journal descriptor structure, jdesc, after it has been freed and set to NULL. It can lead to null pointer dereference when gfs2_trans_begin being called and then fail ingf ... oval:org.secpod.oval:def:94971 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95024 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95302 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611) kernel: net/sched ... oval:org.secpod.oval:def:1701833 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:3302071 Security update for the Linux Kernel oval:org.secpod.oval:def:89049389 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the ke ... oval:org.secpod.oval:def:89049388 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, ... oval:org.secpod.oval:def:3301781 Security update for the Linux Kernel oval:org.secpod.oval:def:94958 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2501253 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89049392 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:95300 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023- ... oval:org.secpod.oval:def:95192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:89050977 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:612616 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:89049396 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:708405 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708437 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708442 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:708443 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:708451 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:708460 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708467 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708496 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708564 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. |
