Download
| Alert*
oval:org.secpod.oval:def:506178
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run * kernel: nitro_enclaves stale file descriptors on failed usercopy For mor ... oval:org.secpod.oval:def:63333 python3-perf is installed oval:org.secpod.oval:def:73631 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-run * kernel: nitro_enclaves stale file descriptors on failed usercopy For mor ... oval:org.secpod.oval:def:1504942 [4.18.0-305.3.1.el8_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15-11.0 ... oval:org.secpod.oval:def:1503165 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69579 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:67994 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events * kernel: Red Hat only CVE-2020-12351 regression * kernel: Red Hat only CVE-2020-12352 regression F ... oval:org.secpod.oval:def:507258 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * posix cpu timer use-after-free may lead to local privilege escalation * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option For more details about the security issue, in ... oval:org.secpod.oval:def:1507002 - [5.14.0-284.30.0.1.el9_2.OL9] - x86/tsx: Add a feature bit for TSX control MSR support {CVE-2023-1637} - x86/speculation: Restore speculation related MSRs {CVE-2023-1637} - x86/pm: Save the MSR validity status at context setup {CVE-2023-1637} - x86/pm: Fix false positive kmemleak report in msr_bui ... oval:org.secpod.oval:def:73715 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c For more details about the security issue, ... oval:org.secpod.oval:def:1506351 [4.18.0-425.10.1.el8.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15.3-1.0.3 - Remove upstrea ... oval:org.secpod.oval:def:507880 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: ipvlan: out-of-bounds write caused by unclear skb-cb * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt * kernel: KVM: x86/mmu: race condition in direct_page_fault * kernel: s ... oval:org.secpod.oval:def:507542 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: mm/mremap.c use-after-free vulnerability * kernel: nfsd buffer overflow by RPC message over TCP with garbage data * kernel: an out-of-bounds vulnerability in i2c-ismt driver For more deta ... oval:org.secpod.oval:def:507907 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:507595 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: FUSE filesystem low-privileged user privileges escala ... oval:org.secpod.oval:def:507550 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * kernel: use-after-free in __nfs42_ssc_open i ... oval:org.secpod.oval:def:1506390 [5.14.0-162.12.1.el9_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15.3-1.0.5] - Remove nmap ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:507241 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:1506440 [4.18.0-425.13.1.el8_7.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list oval:org.secpod.oval:def:507697 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening ULP sockets * cpu: AMD CPUs may transiently execute beyond uncondition ... oval:org.secpod.oval:def:507498 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: watch queue race condition can lead to privilege escalation * kernel: memory corruption in AX88179_178A based USB ethernet device. * kernel: i915: Incorrect GPU TLB flush can lead to rando ... oval:org.secpod.oval:def:507734 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening U ... oval:org.secpod.oval:def:1506453 - [5.14.0-162.18.1.el9_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64] - Remove nmap referenc ... oval:org.secpod.oval:def:507148 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Incomplete cleanup of multi-core shared buffers * Incomplete cleanup of microarchitectural fill buffers * Incomplete cleanup in specific special register write operations For more details abou ... oval:org.secpod.oval:def:507586 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: tun: avoid double free in tun_free_netdev * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action For mor ... oval:org.secpod.oval:def:1506024 [5.14.0-70.26.1.0.1.el9_0.OL9] - lockdown: also lock down previous kgdb use oval:org.secpod.oval:def:1505818 [4.18.0-372.16.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15 ... oval:org.secpod.oval:def:1505588 [4.18.0-348.23.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18. ... oval:org.secpod.oval:def:507164 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: heap overflow in nft_set_elem_init * kernel: vulnerability of buffer overflow in nft_set_desc_concat_parse For more details about the security issue, including the impact, a CVSS score, ac ... oval:org.secpod.oval:def:1505998 [4.18.0-372.26.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-11.0.5 debug: lock ... oval:org.secpod.oval:def:78275 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:506337 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: powerpc: KVM guest OS users can cause host OS memory corruption * kernel: slab-out-of-bounds access in xdr_set_page_base in net/sunrpc/xdr.c For more details about the security issue, incl ... oval:org.secpod.oval:def:1504642 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66560 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: kernel: DAX hugepages not considered during mremap * kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacke ... oval:org.secpod.oval:def:503831 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: lockdown: bypass through ACPI write via efivar_ssdt * kernel: lockdown: bypass through ACPI write via acpi_configfs For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:66551 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic * Kernel: s390: page table upgrade in secondary address mode may lead to privilege ... oval:org.secpod.oval:def:1503068 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:67952 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in the video driver leads to local privilege escalation * kernel: use-after-free in drivers/bluetooth/hci_ldisc.c * kernel: out-of-bounds access in function hclge_tm_schd_mo ... oval:org.secpod.oval:def:95300 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023- ... oval:org.secpod.oval:def:1505933 [5.14.0-70.22.1.0.1.el9_0.OL9] [lockdown: also lock down previous kgdb use [Orabug: 34290418] {CVE-2022-21499} [5.14.0-70.22.1.el9_0.OL9] [Update Oracle Linux certificates [Disable signing for aarch64 [Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 295392 ... oval:org.secpod.oval:def:507272 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1507366 [4.18.0-513.18.0.2.el8_9] - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: sch_hfsc: upgrade "rt" to "sc" when it becomes a inner curve {CVE-2023-4623} - x86/sev: Check for user-space IOIO pointing to kernel space {CVE-2023-46813} - x86/sev: Check IOBM for IOIO ... oval:org.secpod.oval:def:506292 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: race condition in net/can/bcm.c leads to local privilege escalation * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks * kernel: out-of-bounds write in xt_comp ... oval:org.secpod.oval:def:1505055 [4.18.0-305.12.1.el8_4.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15-11.0.5.el8 [4.18.0-305 ... oval:org.secpod.oval:def:509315 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit Bug Fix: ffdhe* algortihms introduced in 0a2e5b90902 ... oval:org.secpod.oval:def:1507227 [5.14.0-362.13.1.el9_3.OL9] - x86/retpoline: Document some thunk handling aspects {CVE-2023-20569} - objtool: Fix return thunk patching in retpolines {CVE-2023-20569} - x86/srso: Remove unnecessary semicolon {CVE-2023-20569} - x86/calldepth: Rename __x86_return_skl to call_depth_return_thunk {CV ... oval:org.secpod.oval:def:1507573 [4.18.0-553.5.1.el8_10.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15.3-1.0.3 - Remove upst ... oval:org.secpod.oval:def:1507574 - [5.14.0-427.20.1.el9_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim- ... oval:org.secpod.oval:def:1507394 [5.14.0-362.24.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.5] - Remove nm ... oval:org.secpod.oval:def:509091 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: net/sched: sch_hfsc UAF kernel: use-after-free in sch_qfq network scheduler kernel: inactive elements in nft_pipapo_walk kernel: IGB driver inadequate buffer size for frames larger than MTU ... oval:org.secpod.oval:def:1507377 [4.18.0-513.18.1.el8_9.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.3 - Remove ups ... oval:org.secpod.oval:def:509299 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: GSM multiplexing race condition leads to privilege escalation kernel: multiple use-after-free vulnerabilities kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation ... oval:org.secpod.oval:def:509094 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags kernel: use after free in unix_stream_sendpage kernel: net/sched: sch_hfsc UAF kernel: use after free in nvmet_ ... oval:org.secpod.oval:def:1507181 [4.18.0-513.9.1.el8_9.OL8] - media: dvb-core: Fix use-after-free due to race at dvb_register_device {CVE-2022-45884} - cifs: Fix UAF in cifs_demultiplex_thread {CVE-2023-1192} - nvmet-tcp: Fix a possible UAF in queue intialization setup {CVE-2023-5178} - net: tun: fix bugs for oversize packet whe ... oval:org.secpod.oval:def:1507380 [5.14.0-362.18.1.el9_3.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15.3-1.0.5.el9 - Remove ... |