Download
| Alert*
oval:org.secpod.oval:def:1505470
- 5.4.17-2136.304.4.4.el8 - arm64: Use the clearbhb instruction in mitigations [Orabug: 33921646] - arm64: add ID_AA64ISAR2_EL1 sys register [Orabug: 33921646] - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated [Orabug: 33921646] - arm64: Mitigate spectre style branch histo ... oval:org.secpod.oval:def:1505474 [5.4.17-2136.304.4.4.el7uek] - arm64: Use the clearbhb instruction in mitigations [Orabug: 33921646] - arm64: add ID_AA64ISAR2_EL1 sys register [Orabug: 33921646] - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated [Orabug: 33921646] - arm64: Mitigate spectre style branch hi ... oval:org.secpod.oval:def:1505473 [5.4.17-2136.304.4.4.el8uek] - arm64: Use the clearbhb instruction in mitigations [Orabug: 33921646] - arm64: add ID_AA64ISAR2_EL1 sys register [Orabug: 33921646] - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated [Orabug: 33921646] - arm64: Mitigate spectre style branch hi ... oval:org.secpod.oval:def:1505472 - 5.4.17-2136.304.4.4.el7 - arm64: Use the clearbhb instruction in mitigations [Orabug: 33921646] - arm64: add ID_AA64ISAR2_EL1 sys register [Orabug: 33921646] - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated [Orabug: 33921646] - arm64: Mitigate spectre style branch histo ... oval:org.secpod.oval:def:89046878 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage . - CVE-2021-33655: Fixed o ... oval:org.secpod.oval:def:1505471 [4.14.35-2047.511.5.4.el7uek] - x86/speculation: Add knob for eibrs_retpoline_enabled [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Update link to AMD speculation wh ... oval:org.secpod.oval:def:1505529 - 4.14.35-2047.511.5.4.el7 - x86/speculation: Add knob for eibrs_retpoline_enabled [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Update link to AMD speculation white ... oval:org.secpod.oval:def:1700863 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:2600199 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:3301117 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3300524 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1506784 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89046876 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free . - CVE-2020-36558: Fixed a race ... oval:org.secpod.oval:def:89046794 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89047345 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ... oval:org.secpod.oval:def:89048277 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c . - CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl fun ... oval:org.secpod.oval:def:89046790 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89046791 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1679: ... oval:org.secpod.oval:def:3301120 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3301204 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:2600221 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507697 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening ULP sockets * cpu: AMD CPUs may transiently execute beyond uncondition ... oval:org.secpod.oval:def:89047716 The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-34918: Fixed a buffer overflow with nft_se ... oval:org.secpod.oval:def:2501079 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507734 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening U ... oval:org.secpod.oval:def:89046800 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:89046787 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:1506672 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89047574 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ... oval:org.secpod.oval:def:3300664 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89046780 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-1 ... oval:org.secpod.oval:def:2501099 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1505561 [5.4.17-2136.306.1.3.el8] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el8] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el8] - netfilter: nf_tables: initialize reg ... oval:org.secpod.oval:def:1505566 [5.4.17-2136.306.1.3.el8uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el8uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el8uek] - netfilter: nf_tables: initi ... oval:org.secpod.oval:def:89046865 The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free . - CVE-2020-36558: Fixed rac ... oval:org.secpod.oval:def:1505565 [5.4.17-2136.306.1.3.el7uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el7uek] - netfilter: nf_tables: initi ... oval:org.secpod.oval:def:1505567 [5.4.17-2136.306.1.3] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2] - Revert "rds/ib: recover rds connection from stuck rx path" [Orabug: 34045203] [5.4.17-2136.306.1.1] - netfilter: nf_tables: initialize registers in ... oval:org.secpod.oval:def:1505511 [5.4.17-2136.305.5.3.el7] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505514 [5.4.17-2136.305.5.3.el8] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1601520 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1700867 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1700859 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... |