Download
| Alert*
oval:org.secpod.oval:def:708844
linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux ker ... oval:org.secpod.oval:def:708845 linux-laptop: Linux kernel for Lenovo X13s ARM laptops Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:509164 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query kernel: Out of boundary write in perf_read_group as result of overflow a perf_event"s read_size kernel: GSM multiplexing race cond ... oval:org.secpod.oval:def:89051460 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-20 ... oval:org.secpod.oval:def:1702150 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:708843 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-5.15: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:99038 A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, allowing positive values as a drop error within the hook verdict, therefore, the nf_hook_slow() function can cause a double-free vulnerability when NF_DROP is issued with a drop err ... oval:org.secpod.oval:def:99556 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux ker ... oval:org.secpod.oval:def:99039 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vuln ... oval:org.secpod.oval:def:99555 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-5.15: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:99557 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:206075 Security Fix: kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for frames larger than MTU kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wro ... oval:org.secpod.oval:def:99563 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-6.5: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507433 [5.4.17-2136.329.3.2.el7] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36465920] {CVE-2024-1086} oval:org.secpod.oval:def:99562 linux-oracle: Linux kernel for Oracle Cloud systems - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507434 [5.15.0-204.147.6.3.el8uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36464807] {CVE-2024-1086} oval:org.secpod.oval:def:19500614 In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access oval:org.secpod.oval:def:1507435 [5.4.17-2136.329.3.2.el8uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36465920] {CVE-2024-1086} oval:org.secpod.oval:def:99564 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507436 [4.18.0-513.18.1.0.1.el8_9.OL8] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36461932] {CVE-2024-1086} [4.18.0-513.18.1.el8_9.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys l ... oval:org.secpod.oval:def:1507396 [3.10.0-1160.114.2.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.114.2.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = ... oval:org.secpod.oval:def:1507430 [5.4.17-2136.329.3.2.el8] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36465920] {CVE-2024-1086} oval:org.secpod.oval:def:1507431 [4.14.35-2047.534.3.1.el7uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36251145] {CVE-2024-1086} oval:org.secpod.oval:def:3302399 Security update for the Linux Kernel oval:org.secpod.oval:def:1702152 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:708846 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507517 [4.14.35-2047.536.5.el7uek] - mmc: core: Fix switch on gp3 partition - Revert Revert md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d - mm/memory-failure: fix an incorrect use of tail pages - Revert x86/mm/ident_map: Use gbpages only where full GB page should be mapped. - sched/fair: More accur ... oval:org.secpod.oval:def:1702154 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:4501553 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query * kernel: Out of boundary write in perf_read_group as result of overflow ... oval:org.secpod.oval:def:509138 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c kernel: use-after-free in sch_qfq network scheduler kernel: IGB driver inadequate buffer size for fram ... oval:org.secpod.oval:def:1601888 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:509299 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: GSM multiplexing race condition leads to privilege escalation kernel: multiple use-after-free vulnerabilities kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation ... oval:org.secpod.oval:def:99569 linux-azure-6.5: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:4501552 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query * kernel: Out of boundary write in perf_read_group as result of overflow a perf_event"s read_size * kernel: GSM multiplexing rac ... oval:org.secpod.oval:def:99570 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507442 - [5.14.0-362.24.1.0.1.el9_3.OL9] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36461940 ] {CVE-2024-1086} - [5.14.0-362.24.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted k ... oval:org.secpod.oval:def:89051800 The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-202 ... oval:org.secpod.oval:def:708839 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-lowlatency: Linux low latency kernel - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - lin ... oval:org.secpod.oval:def:708837 linux: Linux kernel - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-iot: Linux kernel for IoT platforms ... oval:org.secpod.oval:def:89051804 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate function . * CVE-2024-1086: Fixed a use-after-free vulnerability insi ... oval:org.secpod.oval:def:1507449 [5.4.17-2136.330.7.1.el7] - KVM: x86: Add BHI_NO [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection bug [Orabug: 36384803] {C ... oval:org.secpod.oval:def:708838 linux-aws: Linux kernel for Amazon Web Services systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform syste ... oval:org.secpod.oval:def:89051802 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate function . * CVE-2024-1086: Fixed a use-after-free vulnerability insi ... oval:org.secpod.oval:def:708862 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708861 linux-azure-6.5: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507455 [4.14.35-2047.535.2.1.el7uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36467681] {CVE-2024-1086} [4.14.35-2047.535.2.el7uek] - Fix null ptr in rds_tcp_recv_path [Orabug: 33499812] - LTS version: v4.14.338 - crypto: scompress - initialize per-CPU variables on each CPU ... oval:org.secpod.oval:def:1507451 [5.4.17-2136.330.7.1.el7uek] - KVM: x86: Add BHI_NO [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection bug [Orabug: 36384803] ... oval:org.secpod.oval:def:2501369 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1507453 [5.4.17-2136.330.7.1.el8uek] - KVM: x86: Add BHI_NO [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection bug [Orabug: 36384803] ... oval:org.secpod.oval:def:1507454 [5.4.17-2136.330.7.1.el8] - KVM: x86: Add BHI_NO [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection bug [Orabug: 36384803] {C ... oval:org.secpod.oval:def:127104 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:127106 The kernel meta package oval:org.secpod.oval:def:3302374 Security update for the Linux Kernel oval:org.secpod.oval:def:1702131 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow function can cause a double free vulnerabi ... oval:org.secpod.oval:def:89051473 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-2024-034 ... oval:org.secpod.oval:def:708855 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89051471 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-202 ... oval:org.secpod.oval:def:708853 linux-oracle: Linux kernel for Oracle Cloud systems - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708854 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-6.5: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:99549 linux: Linux kernel - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-iot: Linux kernel for IoT platforms ... oval:org.secpod.oval:def:1507460 [4.18.0-513.24.1.el8_9.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.3 - Remove ups ... oval:org.secpod.oval:def:99551 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-lowlatency: Linux low latency kernel - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - lin ... oval:org.secpod.oval:def:99550 linux-aws: Linux kernel for Amazon Web Services systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform syste ... oval:org.secpod.oval:def:1507427 [4.1.12-124.84.2.el7uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36251327] {CVE-2024-1086} [4.1.12-124.84.1.el7uek] - mm: avoid conflict between MADV_DOEXEC and upstream advice values [Orabug: 36334311] - kobject: Fix slab-out-of-bounds in fill_kobj_path [Orabug: 359 ... oval:org.secpod.oval:def:1507428 [5.15.0-204.147.6.3.el9uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36464807] {CVE-2024-1086} oval:org.secpod.oval:def:1507429 [5.4.17-2136.329.3.2.el7uek] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36465920] {CVE-2024-1086} oval:org.secpod.oval:def:1507609 [4.1.12-124.84.2] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36251327] {CVE-2024-1086} [4.1.12-124.84.1] - mm: avoid conflict between MADV_DOEXEC and upstream advice values [Orabug: 36334311] - kobject: Fix slab-out-of-bounds in fill_kobj_path [Orabug: 35924076] {CVE-20 ... oval:org.secpod.oval:def:99539 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708819 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. |