Download
| Alert*
|
oval:org.secpod.oval:def:1507304
[4.1.12-124.82.2.el7uek] - Bluetooth: Reject connection with the device which has same BD_ADDR [Orabug: 35959598] {CVE-2020-26555} - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181560] {CVE-2023-1077} - sched/debug: Fix SCHED_WARN_ON to return a value on !CONFIG_SCHED_DEBUG as well ... oval:org.secpod.oval:def:1507426 [4.1.12-124.82.2] - Bluetooth: Reject connection with the device which has same BD_ADDR [Orabug: 35959598] {CVE-2020-26555} - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181560] {CVE-2023-1077} - sched/debug: Fix SCHED_WARN_ON to return a value on !CONFIG_SCHED_DEBUG as well [Orabu ... oval:org.secpod.oval:def:1701901 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:1701897 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.When nf_tables_delrule is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain c ... oval:org.secpod.oval:def:1701899 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:1701890 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.When fw_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updatin ... oval:org.secpod.oval:def:1701894 A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If a class with a link-sharing curve has a parent without a link-sharing curve, then init_vf will call vttree_insert on the parent, but vttree_remove will be sk ... oval:org.secpod.oval:def:509066 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: kernel: net/sched: sch_hfsc UAF kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for frames larger than ... oval:org.secpod.oval:def:1701904 A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If a class with a link-sharing curve has a parent without a link-sharing curve, then init_vf will call vttree_insert on the parent, but vttree_remove will be sk ... oval:org.secpod.oval:def:1701907 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.When route4_change is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when ... oval:org.secpod.oval:def:509175 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for frames larger than MTU kernel: use-after-free in l ... oval:org.secpod.oval:def:89051082 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase ... oval:org.secpod.oval:def:89050938 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system . * CVE ... oval:org.secpod.oval:def:708567 linux-laptop: Linux kernel for Lenovo X13s ARM laptops Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708569 linux-starfive: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708558 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems Several secur ... oval:org.secpod.oval:def:708553 linux: Linux kernel - linux-lowlatency: Linux low latency kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708581 linux-oem-6.5: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96438 linux-oem-6.5: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507314 [4.14.35-2047.533.3.el7uek] - net: rfkill: gpio: set GPIO direction - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185208] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143229] - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181559] {C ... oval:org.secpod.oval:def:708562 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701819 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:1701821 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. The upstream commit describes ... oval:org.secpod.oval:def:1601809 A flaw was found in the Linux kernel's IP framework for transforming packets . This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service. A use-after-free vulnerability ... oval:org.secpod.oval:def:3301742 Security update for the Linux Kernel oval:org.secpod.oval:def:96419 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:96418 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:708552 linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708555 linux-iot: Linux kernel for IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301531 Security update for the Linux Kernel oval:org.secpod.oval:def:708546 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94968 linux-starfive-6.2: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301715 Security update for the Linux Kernel oval:org.secpod.oval:def:708542 linux-starfive-6.2: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95062 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:95061 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95066 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89050941 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39192: Fixed an out of bounds read in the netfilter . * CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem . * CVE-2023-39194: Fixed an o ... oval:org.secpod.oval:def:89050940 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. * CVE-2023-39193: Fixe ... oval:org.secpod.oval:def:708535 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89051077 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component. This vulnerability could allow a local attacker to crash the system or lead to a kernel i ... oval:org.secpod.oval:def:3302319 Security update for the Linux Kernel oval:org.secpod.oval:def:708537 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:708533 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:89051079 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. * CVE-2023-39193: Fixed a fl ... oval:org.secpod.oval:def:94970 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95069 linux-iot: Linux kernel for IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95068 linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708538 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - li ... oval:org.secpod.oval:def:3301672 Security update for the Linux Kernel oval:org.secpod.oval:def:1701809 A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If a class with a link-sharing curve has a parent without a link-sharing curve, then init_vf will call vttree_insert on the parent, but vttree_remove will be sk ... oval:org.secpod.oval:def:19500429 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If ... oval:org.secpod.oval:def:708564 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94966 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708543 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95064 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708534 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:509091 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: net/sched: sch_hfsc UAF kernel: use-after-free in sch_qfq network scheduler kernel: inactive elements in nft_pipapo_walk kernel: IGB driver inadequate buffer size for frames larger than MTU ... oval:org.secpod.oval:def:2501335 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1507377 [4.18.0-513.18.1.el8_9.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.3 - Remove ups ... oval:org.secpod.oval:def:1507338 [4.18.0-513.18.0.1.el8_9.OL8] - drivers: net: slip: fix NPD bug in sl_tx_timeout {CVE-2022-41858} - nfp: fix use-after-free in area_cache_get {CVE-2022-3545} - HID: check empty report_list in hid_validate_values {CVE-2023-1073} - Fix double fget in vhost_net_set_backend {CVE-2023-1838} - can: af_can ... oval:org.secpod.oval:def:206075 Security Fix: kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for frames larger than MTU kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wro ... oval:org.secpod.oval:def:1507396 [3.10.0-1160.114.2.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.114.2.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = ... oval:org.secpod.oval:def:3302399 Security update for the Linux Kernel oval:org.secpod.oval:def:509138 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for fram ... oval:org.secpod.oval:def:89051800 The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-202 ... oval:org.secpod.oval:def:89051804 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate function . * CVE-2024-1086: Fixed a use-after-free vulnerability insi ... oval:org.secpod.oval:def:89051802 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate function . * CVE-2024-1086: Fixed a use-after-free vulnerability insi ... oval:org.secpod.oval:def:3302374 Security update for the Linux Kernel oval:org.secpod.oval:def:89051471 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-202 ... oval:org.secpod.oval:def:19500536 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may no ... oval:org.secpod.oval:def:19500512 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may no ... oval:org.secpod.oval:def:1507202 [5.15.0-201.135.6.el9uek] - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller - netfilter: nf_tables: split async and sync catchall in two functions - netfilter: nf_tables: remove catchall element in GC sync path - scsi: mpt3sas: Fix loop logic - Revert md/raid5: Wait for MD ... oval:org.secpod.oval:def:1701811 The upstream commit describes this issue as follows:The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access. A use-after-free vulner ... oval:org.secpod.oval:def:1507201 [5.15.0-201.135.6.el8uek] - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller - netfilter: nf_tables: split async and sync catchall in two functions - netfilter: nf_tables: remove catchall element in GC sync path - scsi: mpt3sas: Fix loop logic - Revert md/raid5: Wait for MD ... oval:org.secpod.oval:def:19500528 An integer overflow in kmalloc_reserve in the Linux kernel may allow a local user to crash the system, or in some cases obtain code execution in kernel space. An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may no ... oval:org.secpod.oval:def:94971 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507608 [2.6.32-754.53.1.OL6] - net/sched: sch_qfq: refactor parsing of netlink parameters [Orabug: 36517546] - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} [Orabug: 36517546] - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} [Orabug: 3 ... |
