Download
| Alert*
oval:org.secpod.oval:def:507949
The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests ... oval:org.secpod.oval:def:5800199 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: netfilter: ... oval:org.secpod.oval:def:2600320 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:2600322 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1507002 - [5.14.0-284.30.0.1.el9_2.OL9] - x86/tsx: Add a feature bit for TSX control MSR support {CVE-2023-1637} - x86/speculation: Restore speculation related MSRs {CVE-2023-1637} - x86/pm: Save the MSR validity status at context setup {CVE-2023-1637} - x86/pm: Fix false positive kmemleak report in msr_bui ... oval:org.secpod.oval:def:507943 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests * kernel: netfilter: nf_tabl ... oval:org.secpod.oval:def:3302250 Security update for the Linux Kernel RT oval:org.secpod.oval:def:1701897 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.When nf_tables_delrule is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain c ... oval:org.secpod.oval:def:3302302 Security update for the Linux Kernel RT oval:org.secpod.oval:def:95192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:612616 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control subsystem when using a specific networking configuration , may allow a local unp ... oval:org.secpod.oval:def:97879 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:97408 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result ... oval:org.secpod.oval:def:19500387 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service of ... oval:org.secpod.oval:def:1701575 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it po ... oval:org.secpod.oval:def:1701573 A Gather Data Sampling transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction to infer stale data from previously used vector registers on the same physical core. A division-by-zero error on some A ... oval:org.secpod.oval:def:89051080 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c . ... oval:org.secpod.oval:def:89051081 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB problems. The following security bugs were fixed: * CVE-2023-37453: Fixed oversight in SuperSpeed initialization . * CVE-2023-4569: Fixed information leak i ... oval:org.secpod.oval:def:3302074 Security update for the Linux Kernel oval:org.secpod.oval:def:3302096 Security update for the Linux Kernel oval:org.secpod.oval:def:3301981 Security update for the Linux Kernel oval:org.secpod.oval:def:3302314 Security update for the Linux Kernel oval:org.secpod.oval:def:3301720 Security update for the Linux Kernel oval:org.secpod.oval:def:3301781 Security update for the Linux Kernel oval:org.secpod.oval:def:3301725 Security update for the Linux Kernel oval:org.secpod.oval:def:89051078 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the ke ... oval:org.secpod.oval:def:89051073 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:89051074 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to severe USB regressions. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker t ... oval:org.secpod.oval:def:89051072 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service . * CVE-2022-40133: Fixed a use-aft ... oval:org.secpod.oval:def:3302261 Security update for the Linux Kernel oval:org.secpod.oval:def:3302285 Security update for the Linux Kernel oval:org.secpod.oval:def:89050977 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36402: Fixed an integer overflow vulnerability in vmwgfx driver in that allowed a local attacker with a user account on the system to gain privilege, causi ... |