Download
| Alert*
oval:org.secpod.oval:def:2003617
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. oval:org.secpod.oval:def:89003259 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. oval:org.secpod.oval:def:89000107 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing ... oval:org.secpod.oval:def:1503081 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503076 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000615 kernel package information. oval:org.secpod.oval:def:1503126 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503129 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205657 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c * kernel: race condition in smp_task_timedout and smp ... oval:org.secpod.oval:def:504339 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in sound/core/timer.c * kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c * kernel: race condition in smp_task_timedout and smp ... oval:org.secpod.oval:def:1504006 [3.10.0-1160.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [3.10.0-1160] - [kernel] modsign: Add nomokvarconfig kernel parameter [1867857] - [firmware] modsign: Add su ... oval:org.secpod.oval:def:89003400 The SUSE Linux Enterprise 12 SP 3 LTSS kernel was updated to receive various security and bugfixes. oval:org.secpod.oval:def:89000558 kernel package information. oval:org.secpod.oval:def:89043701 The SUSE Linux Enterprise 12 SP4 kernel-azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19051: There was a memory leak in the i2400m_op_rfkill_sw_toggle function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel allowed attacke ... oval:org.secpod.oval:def:89050863 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19767: Fixed ext4_expand_extra_isize mishandles, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ ... oval:org.secpod.oval:def:89050801 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver . - CVE-2019-19543: There was a u ... oval:org.secpod.oval:def:89050936 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19767: Fixed ext4_expand_extra_isize mishandles, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ ... oval:org.secpod.oval:def:89000511 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via ... |