Download
| Alert*
oval:org.secpod.oval:def:708401
linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:508048 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev fails kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route ke ... oval:org.secpod.oval:def:95009 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:2501253 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:95189 This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities. CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability which allows unprivileged speculative access to data which was previously stored in vec ... oval:org.secpod.oval:def:95188 CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. For de ... oval:org.secpod.oval:def:89049348 This update for xen fixes the following issues: Update to Xen 4.13.5 bug fix release . * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049347 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:89049346 This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed . oval:org.secpod.oval:def:708411 linux-raspi: Linux kernel for Raspberry Pi systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708400 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708407 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:97746 [CLSA-2023:1693410662] microcode_ctl: Fix of CVE-2022-40982 oval:org.secpod.oval:def:95537 Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. oval:org.secpod.oval:def:1701509 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core oval:org.secpod.oval:def:89049306 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'. * CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:94954 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301997 Security update for xen oval:org.secpod.oval:def:206057 Security Fix: kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function kernel: net/sched: Use-after-free vulnerabilities in the net/sched c ... oval:org.secpod.oval:def:89049322 This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling". * CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potenti ... oval:org.secpod.oval:def:1507145 [5.4.17-2136.325.5.el8uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:1507146 [5.4.17-2136.325.5.el7uek] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the sa ... oval:org.secpod.oval:def:708399 linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708394 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708396 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708391 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-starfive: Linux kernel for StarFive processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049256 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel, Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ... oval:org.secpod.oval:def:708387 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP pro ... oval:org.secpod.oval:def:708384 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IB ... oval:org.secpod.oval:def:708383 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708385 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Li ... oval:org.secpod.oval:def:96368 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-gkeop-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96365 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-raspi: Li ... oval:org.secpod.oval:def:95286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611) * kernel: net/sched: cls_fw component can be exploited as result ... oval:org.secpod.oval:def:96374 linux-raspi: Linux kernel for Raspberry Pi systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708355 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:1507164 [3.10.0-1160.105.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.105.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = ... oval:org.secpod.oval:def:612611 This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities. CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability which allows unprivileged speculative access to data which was previously stored in vec ... oval:org.secpod.oval:def:96364 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IB ... oval:org.secpod.oval:def:612610 CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling , a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. For de ... oval:org.secpod.oval:def:95004 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP pro ... oval:org.secpod.oval:def:95008 linux-gcp-5.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95007 linux-gkeop: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506952 [4:20230214-2.0.3] - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: {CVE-2022-40982} [Orabug: 35692741] oval:org.secpod.oval:def:95011 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506959 [4:20220809-2.20230214.1.0.3] - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: {CVE-2022-40982} [Orabug: 35692740] oval:org.secpod.oval:def:1506953 [2:2.1-73.15.0.6] - also rebuild initramfs for kernel-ueknano [Orabug: 35698043] [2:2.1-73.15.0.5] - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: {CVE-2022-40982} [Orabug: 35692745] [2:2.1-73 ... oval:org.secpod.oval:def:93255 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:89049295 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel, Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ... oval:org.secpod.oval:def:89049291 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel, Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ... oval:org.secpod.oval:def:89049296 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel, Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ... oval:org.secpod.oval:def:19500322 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core oval:org.secpod.oval:def:1506982 [5.4.17-2136.323.8.el8uek] - vhost-scsi: Fix alignment handling with windows [Orabug: 35769318] - Revert vhost/scsi: support non zerocopy iovecs [Orabug: 35769318] [5.4.17-2136.323.7.el8uek] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl [Orabug: 35725160] - KVM: S ... oval:org.secpod.oval:def:1506983 [5.4.17-2136.323.8.el8] - vhost-scsi: Fix alignment handling with windows [Orabug: 35769318] - Revert vhost/scsi: support non zerocopy iovecs [Orabug: 35769318] [5.4.17-2136.323.7.el8] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl [Orabug: 35725160] - KVM: SVM: Ad ... oval:org.secpod.oval:def:1506985 [5.4.17-2136.323.8.el7uek] - vhost-scsi: Fix alignment handling with windows [Orabug: 35769318] - Revert vhost/scsi: support non zerocopy iovecs [Orabug: 35769318] [5.4.17-2136.323.7.el7uek] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl [Orabug: 35725160] - KVM: S ... oval:org.secpod.oval:def:1506986 [5.4.17-2136.323.8.el7] - vhost-scsi: Fix alignment handling with windows [Orabug: 35769318] - Revert vhost/scsi: support non zerocopy iovecs [Orabug: 35769318] [5.4.17-2136.323.7.el7] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl [Orabug: 35725160] - KVM: SVM: Ad ... oval:org.secpod.oval:def:1506995 gcc [11.3.1-4.3.0.4] - CVE-2023-4039 GCC mitigation. Orabug 35751837. - CVE-2022-40982 Intel Downfall mitigation. Orabug 35751842. Add two patches originally from GCC upstream releases/gcc-11 branch. gcc11-downfall-disable-gather-in-vec.patch gcc11-downfall-support-mno-gather.patch Reviewed-by: Jose ... oval:org.secpod.oval:def:1507000 gcc [8.5.0-18.0.5] - CVE-2023-4039 GCC mitigation. Orabug 35751743. Includes removal of aarch64-preserve-args.patch. - CVE-2022-40982 Intel Downfall mitigation. Orabug 35751810. Add two patches originally from GCC upstream releases/gcc-11 branch. with major adjustment. gcc11-downfall-disable-gather- ... oval:org.secpod.oval:def:126059 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:126026 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:126027 The microcode_ctl utility is a companion to the microcode driver written by Tigran Aivazian tigranaivazian.fsnet.co.uk. The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. oval:org.secpod.oval:def:126022 The microcode_ctl utility is a companion to the microcode driver written by Tigran Aivazian tigranaivazian.fsnet.co.uk. The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. oval:org.secpod.oval:def:95300 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023- ... oval:org.secpod.oval:def:1701573 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core. A division-by-zero error on some A ... oval:org.secpod.oval:def:708461 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708425 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708398 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96370 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95017 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95025 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049339 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049337 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049336 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling" . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:3302065 Security update for the Linux Kernel oval:org.secpod.oval:def:3302002 Security update for the Linux Kernel oval:org.secpod.oval:def:89049309 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049311 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' . * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec . * CVE-2023-2056 ... oval:org.secpod.oval:def:89049268 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c . * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ... oval:org.secpod.oval:def:89049266 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: A transient execution attack called 'Gather Data Sampling' affecting is mitigated, together with respective Intel CPU Microcode updates . * CVE-2023 ... oval:org.secpod.oval:def:89049280 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023- ... oval:org.secpod.oval:def:89049271 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs . * CVE-2023-3776: Fixed improper refcount update in cls_fw lea ... oval:org.secpod.oval:def:3302303 Security update for the Linux Kernel oval:org.secpod.oval:def:3301831 Security update for the Linux Kernel oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |