| Alert*
oval:org.secpod.oval:def:89045817
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past You can reenable via systemctl se ... oval:org.secpod.oval:def:89050794 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-12819: The function __mdiobus_register called put_device, which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. - CV ... oval:org.secpod.oval:def:89002298 This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of "high" resolution time to 1ms. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown . Update ... oval:org.secpod.oval:def:89003387 The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. oval:org.secpod.oval:def:1100524 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link. oval:org.secpod.oval:def:53315 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controllin ... oval:org.secpod.oval:def:43520 The host is missing an important security update ADV180002 oval:org.secpod.oval:def:52011 linux-hwe: Linux hardware enablement kernel Details:This update provides the corresponding updates for the Linux Hardware Enablement kernel for Linux Mint 18.x LTS.
USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures for Linux Mint 1 ... oval:org.secpod.oval:def:89043855 This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:51533 It was discovered that a new class of side channel attacks impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. To address the issue, updates to the Linux M ... oval:org.secpod.oval:def:89043690 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ... oval:org.secpod.oval:def:51971 webkit2gtk: Web content engine library for GTK+ WebKitGTK+ could be made to expose sensitive information. oval:org.secpod.oval:def:51976 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. T ... 
oval:org.secpod.oval:def:51977 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Details: This update provides the corresponding updates for the Linux Hardware Enableme ... oval:org.secpod.oval:def:89043867 This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ... oval:org.secpod.oval:def:51983 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704010 linux-hwe: Linux hardware enablement kernel Details: USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations fo ... oval:org.secpod.oval:def:704011 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 Details: USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Original a ... oval:org.secpod.oval:def:113883 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:89045581 This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ... 
oval:org.secpod.oval:def:52911 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: USN-3540-1 addressed vulnerabilities in the Linux kernel for Linux Mint 18.x LTS. This update provides the corresponding updates for the Linux Hardware Enable ... oval:org.secpod.oval:def:52910 linux: Linux kernel Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:89045571 This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ... oval:org.secpod.oval:def:1502094 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502095 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:113913 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:1504440 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:204762 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution branch target injection * hw: cpu: speculative execution bounds-check bypass * hw: cpu: speculative execution permission faults handling For more details about t ... oval:org.secpod.oval:def:89043590 This update for xen fixes several issues. 
This new feature was included: - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative exec ... oval:org.secpod.oval:def:204741 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:603384 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controllin ... oval:org.secpod.oval:def:2100114 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. oval:org.secpod.oval:def:43396 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ... oval:org.secpod.oval:def:89002259 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753 / "SpectreAttack": Local attac ... oval:org.secpod.oval:def:89002246 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed: - CVE-2018-3639: Information leaks using "Memory Disambiguation" feature in modern CPUs were mitigated, aka "Spectre Variant 4" . A new boot commandli ... oval:org.secpod.oval:def:1504291 [1:1.2-5.el7] - Update spec file to remove "modprobe kvm-intel" and remove --enable-kvm arg to ovmf_vars_generator so qemu will not require kvm kernel module. - Update spec file to modprobe kvm_intel module prior to running qemu to enroll default keys. - Enroll Oracle cert/key for OL secureboot su ... oval:org.secpod.oval:def:89002248 This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release Security issues fixed: - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing - CVE-2018-7541: A grant table v2 -> v1 transition may crash Xen - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 F ... oval:org.secpod.oval:def:89002227 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753: Local attackers on systems with modern CPUs fe ... oval:org.secpod.oval:def:703963 linux: Linux kernel Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel m ... oval:org.secpod.oval:def:703962 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablemen ...
oval:org.secpod.oval:def:703969 linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:703959 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Details: USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. Thi ... oval:org.secpod.oval:def:703958 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. T ... oval:org.secpod.oval:def:703956 linux: Linux kernel Several security issues were addressed in the Linux kernel. oval:org.secpod.oval:def:703940 nvidia-graphics-drivers-384: NVIDIA binary X.Org driver The system could be made to expose sensitive information. oval:org.secpod.oval:def:703947 webkit2gtk: Web content engine library for GTK+ WebKitGTK+ could be made to expose sensitive information. oval:org.secpod.oval:def:43416 The host is installed with Apple Safari before 11.0.2 or Mozilla Firefox before 57.0.4 and is prone to a speculative execution bounds-check bypass vulnerability. A flaw is present in the applications, which fails to properly handle targeted cache side-channel attacks. Successful exploitation could a ... oval:org.secpod.oval:def:43415 It was discovered that a new class of side channel attacks impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. To address the issue, updates to the Ubuntu ... 
oval:org.secpod.oval:def:703933 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information. oval:org.secpod.oval:def:43422 The host is missing a critical security update 4056568 oval:org.secpod.oval:def:43429 The host is missing a critical security update 4056888 oval:org.secpod.oval:def:43428 The host is missing an important security update 4056897 oval:org.secpod.oval:def:43427 The host is missing a critical security update 4056890 oval:org.secpod.oval:def:43426 The host is missing a critical security update 4056891 oval:org.secpod.oval:def:55650 Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally ... oval:org.secpod.oval:def:43432 The host is missing an important security update 4056898 oval:org.secpod.oval:def:1800826 CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, XSA-254: Information leak via side effects of speculative execution Reference: oval:org.secpod.oval:def:89043925 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / Spectre Attack : IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE- ... oval:org.secpod.oval:def:1502104 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502105 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502120 The advisory is missing the security advisory description.
For more information please visit the reference link oval:org.secpod.oval:def:1502126 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502127 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89043524 This update for xen fixes several issues. These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 m ... oval:org.secpod.oval:def:1504737 [15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ... oval:org.secpod.oval:def:60360 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link. oval:org.secpod.oval:def:89043778 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ... oval:org.secpod.oval:def:60359 The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64 and bos.mp. For more information please visit vendor advisory link. oval:org.secpod.oval:def:51963 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information. 
oval:org.secpod.oval:def:51967 nvidia-graphics-drivers-384: NVIDIA binary X.Org driver The system could be made to expose sensitive information. oval:org.secpod.oval:def:1800270 CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference CVE-2017-17565, XSA-251: improper bug check ... oval:org.secpod.oval:def:89043499 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / Spectre Attack : IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE- ... oval:org.secpod.oval:def:89047231 This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ... oval:org.secpod.oval:def:89002312 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753 / "SpectreAttack": Local attackers on s ... oval:org.secpod.oval:def:1000733 The remote host is missing a patch 150401-63 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000734 The remote host is missing a patch 150400-63 containing a security fix. For more information please visit the reference link.
oval:org.secpod.oval:def:1800236 CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference: CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference: CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference: CVE-2017-17565, XSA-251: improper bug che ... oval:org.secpod.oval:def:43434 The host is missing a critical security update according to Apple advisory, APPLE-SA-2018-1-8-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle targeted cache side-channel attacks. Successful exploitation could allow at ... oval:org.secpod.oval:def:43433 The host is missing a critical security update according to Apple advisory, APPLE-SA-2018-1-8-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle targeted cache side-channel attacks. Successful exploitation could allow at ... oval:org.secpod.oval:def:89003467 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have led to information leaks. oval:org.secpod.oval:def:53259 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controllin ... oval:org.secpod.oval:def:1800444 CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference: CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference: CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference: CVE-2017-17565, XSA-251: improper bug che ...
oval:org.secpod.oval:def:89049634 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following new feature was added: - NVDIMM memory error notification The following security bugs were fixed: - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local ... oval:org.secpod.oval:def:89048908 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could all ... oval:org.secpod.oval:def:89048698 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:89048697 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information ... oval:org.secpod.oval:def:89048719 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:89048902 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . 
* CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:89048696 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:603383 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer . On a system with a driver using blk-mq , a local user might be able to us ... oval:org.secpod.oval:def:1600844 Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add function potentially allowing KASLR bypassThe acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SB ... oval:org.secpod.oval:def:1700012 Stack-based out-of-bounds read via vmcall instructionLinux kernel compiled with the KVM virtualization support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memor ... oval:org.secpod.oval:def:89048863 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition . * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that co ... oval:org.secpod.oval:def:89049089 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit . 
* CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45884: Fixed a use-after-free in dvbde ... oval:org.secpod.oval:def:89048955 The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create . * CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to t ... oval:org.secpod.oval:def:43375 An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ... |