Download
| Alert*
oval:org.secpod.oval:def:707951
linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707672 linux: Linux kernel - linux-lowlatency: Linux low latency kernel - linux-hwe-5.15: Linux hardware enablement kernel - linux-lowlatency-hwe-5.15: Linux low latency kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707950 linux-dell300x: Linux kernel for Dell 300x platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707670 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-k ... oval:org.secpod.oval:def:4501165 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:2600093 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:609245 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2585 A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation. CVE-2022-2 ... oval:org.secpod.oval:def:1506105 [4.18.0-372.32.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] oval:org.secpod.oval:def:89046876 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free . - CVE-2020-36558: Fixed a race ... oval:org.secpod.oval:def:1505934 [5.4.17-2136.310.7.el7uek] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ ... oval:org.secpod.oval:def:89046794 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:1505935 [5.4.17-2136.310.7.el7] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:1505814 - 5.15.0-0.30.20.el8 - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-23816} {CVE-2022-29901} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-23816} {CVE-2 ... oval:org.secpod.oval:def:1505936 [5.4.17-2136.310.7.el8uek] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ ... oval:org.secpod.oval:def:1505937 [5.4.17-2136.310.7.el8] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:89046790 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89046791 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1679: ... oval:org.secpod.oval:def:1505855 [5.15.0-0.30.20.el9uek] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CV ... oval:org.secpod.oval:def:4501030 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * kernel: information leak in scsi_ioctl * Ker ... oval:org.secpod.oval:def:707943 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi system ... oval:org.secpod.oval:def:88573 linux: Linux kernel - linux-lowlatency: Linux low latency kernel - linux-hwe-5.15: Linux hardware enablement kernel - linux-lowlatency-hwe-5.15: Linux low latency kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707667 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88574 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-k ... oval:org.secpod.oval:def:2500835 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2600061 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:89046787 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:707828 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707949 linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701051 A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a lo ... oval:org.secpod.oval:def:89046782 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89046780 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89453 linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89454 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2500825 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:3301117 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89452 linux-dell300x: Linux kernel for Dell 300x platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:507241 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:1506245 [5.14.0-162.6.1_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove nmap references from ... oval:org.secpod.oval:def:1700996 A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions ... oval:org.secpod.oval:def:1701004 A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. A flaw was found in t ... oval:org.secpod.oval:def:507249 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * a use-after-free in cls_route filter implementation may lead to privilege escalation * RetBleed Arbitrary Speculative Code Execution with Return Instructions * Branch Type Confusion * Intel: Pos ... oval:org.secpod.oval:def:89046775 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:1700997 A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, ... oval:org.secpod.oval:def:123186 The kernel meta package oval:org.secpod.oval:def:89047345 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ... oval:org.secpod.oval:def:1505837 [5.15.0-0.30.20] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CVE-2022- ... oval:org.secpod.oval:def:123184 The kernel meta package oval:org.secpod.oval:def:3301120 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89449 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi system ... oval:org.secpod.oval:def:707815 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux ... oval:org.secpod.oval:def:94896 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046800 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:1506131 [3.10.0-1160.80.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.80.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15- ... oval:org.secpod.oval:def:86525 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:86527 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86526 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux ... oval:org.secpod.oval:def:89047574 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ... oval:org.secpod.oval:def:707807 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:3300664 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:85951 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-2585 A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation. CVE-2022-2 ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1507314 [4.14.35-2047.533.3.el7uek] - net: rfkill: gpio: set GPIO direction - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185208] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143229] - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181559] {C ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:89048074 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022 ... oval:org.secpod.oval:def:3300745 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1506487 [5.4.17-2136.317.5.3.el7] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:1506488 [5.4.17-2136.317.5.3.el8] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:1506484 [5.4.17-2136.317.5.3.el7uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:1506486 [5.4.17-2136.317.5.3.el8uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:3300524 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1507312 [5.4.17-2136.328.3.el7uek] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. [Orabug: 36154654] - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185207] - i2c: core: Fix atomic xfer check for non-preempt c ... oval:org.secpod.oval:def:1507313 [5.4.17-2136.328.3.el8] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. [Orabug: 36154654] - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185207] - i2c: core: Fix atomic xfer check for non-preempt conf ... oval:org.secpod.oval:def:1507315 [5.4.17-2136.328.3.el7] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. [Orabug: 36154654] - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185207] - i2c: core: Fix atomic xfer check for non-preempt conf ... oval:org.secpod.oval:def:1507316 [5.4.17-2136.328.3.el8uek] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. [Orabug: 36154654] - sched/fair: Fix tg-gt;load when offlining a CPU [Orabug: 36185207] - i2c: core: Fix atomic xfer check for non-preempt c ... oval:org.secpod.oval:def:3301204 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89047716 The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-34918: Fixed a buffer overflow with nft_se ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:89048277 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c . - CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl fun ... |