Download
| Alert*
|
oval:org.secpod.oval:def:89002808
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a LIO security issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver. oval:org.secpod.oval:def:89044053 This update for the Linux Kernel 4.4.121-92_149 fixes several issues. The following security issues were fixed: - CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation . - CVE-2020-28374: Fixed insufficient identifier checking in the LIO ... oval:org.secpod.oval:def:89002761 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request . - CVE-2021-3347: A use-after-free was disco ... oval:org.secpod.oval:def:505972 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:1504775 [3.10.0-1160.21.1.el7.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15-2.0.3.el7 [3.10.0-1160.21.1.el7] - [pinctrl] devicetree: Avoid taking direct reference to device ... oval:org.secpod.oval:def:205845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:1504982 [5.4.17-2102.202.5.el7] - sctp: delay auto_asconf init until binding the first addr [Orabug: 32907967] {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols [Orabug: 32883836] - md/raid1: pr ... oval:org.secpod.oval:def:1504981 [5.4.17-2102.202.5.el8] - sctp: delay auto_asconf init until binding the first addr [Orabug: 32907967] {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols [Orabug: 32883836] - md/raid1: pr ... oval:org.secpod.oval:def:1504987 [5.4.17-2102.202.5.el7uek] - sctp: delay auto_asconf init until binding the first addr [Orabug: 32907967] {CVE-2021-23133} {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols [Orabug: 3288 ... oval:org.secpod.oval:def:1504985 [5.4.17-2102.202.5.el8uek] - sctp: delay auto_asconf init until binding the first addr [Orabug: 32907967] {CVE-2021-23133} {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols [Orabug: 3288 ... oval:org.secpod.oval:def:89049431 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:705852 linux: Linux kernel - linux-hwe-5.8: Linux hardware enablement kernel - linux-hwe-5.4: Linux hardware enablement kernel - linux-hwe: Linux hardware enablement kernel - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty The system could allow unintended access to data in som ... oval:org.secpod.oval:def:506013 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: SCSI target write to any block on ILO backstore * kernel: Use after free via PI futex state * kernel: race con ... oval:org.secpod.oval:def:70375 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-gke-5.3: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems - linux: Linux kernel The system could allow unintended access ... oval:org.secpod.oval:def:505964 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free For mo ... oval:org.secpod.oval:def:119299 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:119296 The kernel meta package oval:org.secpod.oval:def:119295 The kernel meta package oval:org.secpod.oval:def:119294 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:89049466 This update for tcmu-runner fixes the following issues: - CVE-2020-28374: Fixed a LIO security issue . oval:org.secpod.oval:def:89049464 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:89044052 This update for the Linux Kernel 4.4.121-92_138 fixes several issues. The following security issues were fixed: - CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-27786: Fixed a potential user after free wh ... oval:org.secpod.oval:def:89002768 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel. oval:org.secpod.oval:def:70361 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp: Linux kerne ... oval:org.secpod.oval:def:71254 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: SCSI target write to any block on ILO backstore * kernel: Use after free via PI futex state * kernel: race con ... oval:org.secpod.oval:def:119364 A daemon that handles the complexity of the LIO kernel targets userspace passthrough interface . It presents a C plugin API for extension modules that handle SCSI requests in ways not possible or suitable to be handled by LIOs in-kernel backstores. oval:org.secpod.oval:def:1504730 [4.14.35-2025.404.1.2.el7] - Revert "rds: Deregister all FRWR mr with free_mr" [Orabug: 32426280] oval:org.secpod.oval:def:1504613 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69861 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:2500324 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1504731 [4.14.35-2025.404.1.1.el7] - target: fix XCOPY NAA identifier lookup [Orabug: 32248040] {CVE-2020-28374} [4.14.35-2025.404.1.el7] - xenbus/xenbus_backend: Disallow pending watch messages [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch [Orabug: 32253412] {CV ... oval:org.secpod.oval:def:705888 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-gke-5.3: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems - linux: Linux kernel The system could allow unintended access ... oval:org.secpod.oval:def:1504735 [4.14.35-2025.405.3.el7] - Revert "rds: Deregister all FRWR mr with free_mr" [Orabug: 32426280] [4.14.35-2025.405.2.el7] - nfs: Fix security label length not being reset [Orabug: 32350995] [4.14.35-2025.405.1.el7] - net/rds: Fix gfp_t parameter [Orabug: 32372162] - uek-rpm: update kABI lists for ... oval:org.secpod.oval:def:1504819 [4.18.0-240.22.1.el8_3.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 less than or equal 15-11. ... oval:org.secpod.oval:def:705873 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp: Linux kerne ... oval:org.secpod.oval:def:70359 linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security ... oval:org.secpod.oval:def:705871 linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security ... oval:org.secpod.oval:def:70356 linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-aws: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1700597 A flaw was found in the Linux kernel"s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the ... oval:org.secpod.oval:def:1504587 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504624 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504623 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504589 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504588 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700596 A flaw was found in the Linux kernel"s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the ... oval:org.secpod.oval:def:1504627 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700595 A flaw was found in the Linux kernel"s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the ... oval:org.secpod.oval:def:1504625 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:605419 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:1504629 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504590 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:70342 linux: Linux kernel - linux-hwe-5.8: Linux hardware enablement kernel - linux-hwe-5.4: Linux hardware enablement kernel - linux-hwe: Linux hardware enablement kernel - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty The system could allow unintended access to data in som ... oval:org.secpod.oval:def:1700587 A flaw was found in the Linux kernel"s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the ... oval:org.secpod.oval:def:1504592 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504591 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89044066 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26930: Fixed an improper error handling in blkback"s grant mapping . - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors ... oval:org.secpod.oval:def:1504599 [5.4.17-2036.102.0.2uek] - xen-blkback: set ring- oval:org.secpod.oval:def:89044060 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26930: Fixed an improper error handling in blkback"s grant mapping . - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors ... oval:org.secpod.oval:def:705868 linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-aws: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89002847 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request at a certain point during device setup. oval:org.secpod.oval:def:1700819 A flaw was found in the JFS filesystem code. This flaw allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availabil ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1601416 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel . There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem . This flaw could even allow a local attacker with special user privilege to a ke ... oval:org.secpod.oval:def:1700561 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel . There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem . This flaw could even allow a local attacker with special user privilege to a ke ... oval:org.secpod.oval:def:70396 linux-oem-5.10: Linux kernel for OEM systems The system could allow unintended access to data in some environments. oval:org.secpod.oval:def:705911 linux-oem-5.10: Linux kernel for OEM systems The system could allow unintended access to data in some environments. |
