Download
| Alert*
oval:org.secpod.oval:def:1700925
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. A flaw was found in the Linux kern ... oval:org.secpod.oval:def:1701419 A denial of service issue was found in the Linux kernel;rsquo;s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System due to an incorrect return from the memdup_user function. This flaw allows a local, privileged attacker to crash the system. When the KVM updates the ... oval:org.secpod.oval:def:89046402 The SUSE Linux Enterprise 15 SP2 kernel was updated. The following security bugs were fixed: - CVE-2022-0168: Fixed a NULL pointer dereference in smb2_ioctl_query_info. - CVE-2022-1966: Fixed an use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to ca ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:707139 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1701423 An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. A flaw was found in unrestri ... oval:org.secpod.oval:def:1505559 [5.4.17-2136.305.5.5.el8uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34034594] {CVE-2022-1158} oval:org.secpod.oval:def:1505558 [5.4.17-2136.305.5.5.el8] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34034594] {CVE-2022-1158} oval:org.secpod.oval:def:1505557 [5.4.17-2136.305.5.5.el7uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34034594] {CVE-2022-1158} oval:org.secpod.oval:def:1505556 [5.4.17-2136.305.5.5.el7] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34034594] {CVE-2022-1158} oval:org.secpod.oval:def:707144 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:86470 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:707143 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:94892 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:1505561 [5.4.17-2136.306.1.3.el8] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el8] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el8] - netfilter: nf_tables: initialize reg ... oval:org.secpod.oval:def:1505566 [5.4.17-2136.306.1.3.el8uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el8uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el8uek] - netfilter: nf_tables: initi ... oval:org.secpod.oval:def:1505565 [5.4.17-2136.306.1.3.el7uek] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34045203] [5.4.17-2136.306.1.1.el7uek] - netfilter: nf_tables: initi ... oval:org.secpod.oval:def:607379 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:86469 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:1505567 [5.4.17-2136.306.1.3] - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address [Orabug: 34053807] {CVE-2022-1158} [5.4.17-2136.306.1.2] - Revert "rds/ib: recover rds connection from stuck rx path" [Orabug: 34045203] [5.4.17-2136.306.1.1] - netfilter: nf_tables: initialize registers in ... oval:org.secpod.oval:def:706514 linux-oem-5.14: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88525 linux-oem-5.14: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86388 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:3301171 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:89047557 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29156: Fixed a double free related to rtrs_clt_dev_release . - CVE-2022-28893: Ensuring that sockets are in the intended state inside the SUNRPC subsystem ... oval:org.secpod.oval:def:1505609 [5.4.17-2136.307.3.1.el8uek] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124233] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 34124233] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 34124233] [5.4.17-2136.307.3.el8uek] ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1505610 [5.4.17-2136.307.3.1.el7uek] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124233] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 34124233] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 34124233] [5.4.17-2136.307.3.el7uek] ... oval:org.secpod.oval:def:1505612 [5.4.17-2136.307.3.1.el7] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124233] [5.4.17-2136.307.3.el7] - kvm: debugfs: fix memory leak in kvm_create_vm_debugfs [Orabug: 33099019] - KVM: debugfs: Reuse binary stats descriptors [Orabug: 33099019] - KVM: selftests: Add selft ... oval:org.secpod.oval:def:1505611 [5.4.17-2136.307.3.1.el8] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124233] [5.4.17-2136.307.3.el8] - kvm: debugfs: fix memory leak in kvm_create_vm_debugfs [Orabug: 33099019] - KVM: debugfs: Reuse binary stats descriptors [Orabug: 33099019] - KVM: selftests: Add selft ... oval:org.secpod.oval:def:507272 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |