Download
| Alert*
oval:org.secpod.oval:def:95192
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:612616 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:3301737 Security update for xen oval:org.secpod.oval:def:708443 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:708442 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:1507073 [5.4.17-2136.324.5.3.el8] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el8] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:1507070 [5.4.17-2136.324.5.2.el8uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el8uek] - x86: KVM: SVM: always update the x2avic msr interception [Orabug: 35857366] {CVE-2023-5090} [5.4.17-2136.324.5.el8uek] - netfilter: nfnetlink_osf: avoid OOB read - dlm: fix plock lookup when ... oval:org.secpod.oval:def:96403 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507071 [5.4.17-2136.324.5.3.el7] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7] - x86: KVM: SVM: always update the x2avic msr interception ... oval:org.secpod.oval:def:3302071 Security update for the Linux Kernel oval:org.secpod.oval:def:89049389 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the ke ... oval:org.secpod.oval:def:1701585 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality oval:org.secpod.oval:def:126199 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89049578 This update for xen fixes the following issues: * CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero . * CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests . ## Special Instructions and Notes: * Please reboot the system after install ... oval:org.secpod.oval:def:1701574 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality oval:org.secpod.oval:def:89049573 This update for xen fixes the following issues: * CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero . * CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests . ## Special Instructions and Notes: * Please reboot the system after install ... oval:org.secpod.oval:def:89051121 This update for xen fixes the following issues: * CVE-2023-20588: AMD CPU transitional execution leak via division by zero . * CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests . * CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling . * CVE-2023-34 ... oval:org.secpod.oval:def:89051120 This update for xen fixes the following issues: * CVE-2023-20588: AMD CPU transitional execution leak via division by zero . * CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests . * CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling . * CVE-2023-34 ... oval:org.secpod.oval:def:1601791 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality oval:org.secpod.oval:def:708467 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94960 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708460 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:97879 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:3301917 Security update for xen oval:org.secpod.oval:def:94961 linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96393 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:96390 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:95020 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM ... oval:org.secpod.oval:def:1507057 [5.15.0-106.131.4.el9uek] - jbd2: check "jh-gt;b_transaction" before removing it from checkpoint - jbd2: fix checkpoint cleanup performance regression - scsi: qla2xxx: Fix TMF leak through - scsi: qla2xxx: Fix command flush during TMF - scsi: qla2xxx: Limit TMF to 8 per function - Revert quot;d ... oval:org.secpod.oval:def:1507058 [5.15.0-106.131.4.el8uek] - jbd2: check "jh-gt;b_transaction" before removing it from checkpoint - jbd2: fix checkpoint cleanup performance regression - scsi: qla2xxx: Fix TMF leak through - scsi: qla2xxx: Fix command flush during TMF - scsi: qla2xxx: Limit TMF to 8 per function - Revert quot;d ... oval:org.secpod.oval:def:89050942 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity that could cause memory corruption . * CVE-2023-4623: Fixed a use-after-free issue in the HFSC network ... oval:org.secpod.oval:def:89049392 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:97408 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:95024 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708496 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708452 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507065 [5.4.17-2136.324.5.3.el7uek] - Revert quot;jbd2: Fix wrongly judgement for buffer head removing while doing checkpointquot; [Orabug: 35896102] [5.4.17-2136.324.5.2.el7uek] - fix breakage in do_rmdir [Orabug: 35885837] [5.4.17-2136.324.5.1.el7uek] - x86: KVM: SVM: always update the x2avic msr inter ... oval:org.secpod.oval:def:708451 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel fo ... oval:org.secpod.oval:def:1507227 [5.14.0-362.13.1.el9_3.OL9] - x86/retpoline: Document some thunk handling aspects {CVE-2023-20569} - objtool: Fix return thunk patching in retpolines {CVE-2023-20569} - x86/srso: Remove unnecessary semicolon {CVE-2023-20569} - x86/calldepth: Rename __x86_return_skl to call_depth_return_thunk {CV ... oval:org.secpod.oval:def:95791 AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest buil ... oval:org.secpod.oval:def:1507145 [5.4.17-2136.325.5.el8uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:1507146 [5.4.17-2136.325.5.el7uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:126300 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:95835 The host is missing a critical security update for KB5033383 oval:org.secpod.oval:def:95832 The host is missing a critical security update for KB5033375 oval:org.secpod.oval:def:95830 The host is missing a critical security update for KB5033372 oval:org.secpod.oval:def:95829 The host is missing a critical security update for KB5033371 oval:org.secpod.oval:def:95828 The host is missing a critical security update for KB5033369 oval:org.secpod.oval:def:95827 The host is missing a critical security update for KB5033118 oval:org.secpod.oval:def:95837 The host is missing a critical security update for KB5033422 oval:org.secpod.oval:def:95836 The host is missing a critical security update for KB5033420 oval:org.secpod.oval:def:95834 The host is missing a critical security update for KB5033379 oval:org.secpod.oval:def:95839 The host is missing a critical security update for KB5033427 oval:org.secpod.oval:def:95838 The host is missing a critical security update for KB5033424 oval:org.secpod.oval:def:95831 The host is missing a critical security update for KB5033373 oval:org.secpod.oval:def:95840 The host is missing a critical security update for KB5033429 oval:org.secpod.oval:def:95841 The host is missing a critical security update for KB5033433 oval:org.secpod.oval:def:19500387 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of ... oval:org.secpod.oval:def:1701575 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it po ... oval:org.secpod.oval:def:1701573 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core. A division-by-zero error on some A ... oval:org.secpod.oval:def:708564 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94971 linux-nvidia-6.2: Linux kernel for NVIDIA systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3302074 Security update for the Linux Kernel oval:org.secpod.oval:def:3301981 Security update for the Linux Kernel oval:org.secpod.oval:def:3302314 Security update for the Linux Kernel oval:org.secpod.oval:def:89049388 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, ... oval:org.secpod.oval:def:3301781 Security update for the Linux Kernel oval:org.secpod.oval:def:3301725 Security update for the Linux Kernel oval:org.secpod.oval:def:3302261 Security update for the Linux Kernel oval:org.secpod.oval:def:89051080 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c . ... oval:org.secpod.oval:def:89051081 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB problems. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak i ... oval:org.secpod.oval:def:3302096 Security update for the Linux Kernel oval:org.secpod.oval:def:3301720 Security update for the Linux Kernel oval:org.secpod.oval:def:89051078 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the ke ... oval:org.secpod.oval:def:89051073 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:89051074 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB regressions. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker t ... oval:org.secpod.oval:def:89051072 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:3302285 Security update for the Linux Kernel oval:org.secpod.oval:def:89050977 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:89049396 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |