Download
| Alert*
oval:org.secpod.oval:def:1701101
A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this ... oval:org.secpod.oval:def:1701093 A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this ... oval:org.secpod.oval:def:706187 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2500747 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:706183 linux-oem-5.13: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:506895 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... oval:org.secpod.oval:def:1505650 [4.18.0-372.9.1.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 [4.18.0-372.9.1] - scsi: qedi: F ... oval:org.secpod.oval:def:76586 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:76585 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:75991 linux-oem-5.10: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:4500964 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors ... oval:org.secpod.oval:def:89045643 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2019-3874: Fixed possible denial of service attack via SCT ... oval:org.secpod.oval:def:89047127 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg in the bluetooth stack . - CVE-2021-3653: Missing validation of the `int_ctl` VMCB ... oval:org.secpod.oval:def:89049468 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks . - CVE-2021-38160: Data corruption or loss could be ... oval:org.secpod.oval:def:89045681 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect . - CVE-2019-3874: Fixed possible denial of service attack via SCTP sock ... oval:org.secpod.oval:def:706207 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:706206 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:706208 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:89047094 The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a conseque ... oval:org.secpod.oval:def:706212 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gke-5.4: Linux kernel for Google Container Engine systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:4501055 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: fget: check that the fd still exists after getting a ref to it * kernel: avoid cyclic entity chains due to malformed USB descriptors * kernel: speculation on incompletely validated data on ... oval:org.secpod.oval:def:76588 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gke-5.4: Linux kernel for Google Container Engine systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75993 linux-oem-5.13: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:76587 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:76583 linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89045829 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:89045869 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl setting ... oval:org.secpod.oval:def:706193 linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. |