Download
| Alert*
oval:org.secpod.oval:def:1700578
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:119204 The kernel meta package oval:org.secpod.oval:def:119201 The kernel meta package oval:org.secpod.oval:def:1700590 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:1700588 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:1700584 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. A locking vulnerability was found in the tty subsystem of the Linux kern ... oval:org.secpod.oval:def:70403 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel fo ... oval:org.secpod.oval:def:70400 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:705918 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel fo ... oval:org.secpod.oval:def:705915 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement ker ... oval:org.secpod.oval:def:89002775 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20669: Fixed an improper check i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c. oval:org.secpod.oval:def:89002777 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . oval:org.secpod.oval:def:89002808 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a LIO security issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver. oval:org.secpod.oval:def:89002761 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request . - CVE-2021-3347: A use-after-free was disco ... oval:org.secpod.oval:def:505972 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:1504775 [3.10.0-1160.21.1.el7.OL7] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 = 15-2.0.3.el7 [3.10.0-1160.21.1.el7] - [pinctrl] devicetree: Avoid taking direct reference to device ... oval:org.secpod.oval:def:205845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/ ... oval:org.secpod.oval:def:506839 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free * kernel: out-of-bounds read in libiscsi module * kernel: heap buffer overflow in the iSCSI subsystem * kernel: in ... oval:org.secpod.oval:def:1504868 [2.6.32-754.35.1.0.3.OL6] - Fixes for RHSA-2021:1288 [Orabug: 32809880] oval:org.secpod.oval:def:89002784 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-0465: Fixed ... oval:org.secpod.oval:def:89049431 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:1601414 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_me ... oval:org.secpod.oval:def:505964 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: SCSI target write to any block on ILO backstore * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free For mo ... oval:org.secpod.oval:def:1504642 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89049464 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-28374: Fixed a Linux SCSI target issue . - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-27825: Fixed ... oval:org.secpod.oval:def:69861 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:69967 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free * kernel: performance counters race condition use-after-free * kernel: ICMP rate limiting can be used for DNS poiso ... oval:org.secpod.oval:def:70398 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:70399 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:505906 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free * kernel: performance counters race condition use-after-free * kernel: ICMP rate limiting can be used for DNS poiso ... oval:org.secpod.oval:def:705913 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:705914 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:605419 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:1700819 A flaw was found in the JFS filesystem code. This flaw allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availabil ... oval:org.secpod.oval:def:89002788 This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver . - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to l ... oval:org.secpod.oval:def:1700542 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_me ... oval:org.secpod.oval:def:2500301 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:70401 linux-oem-5.6: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89002847 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be triggered by local attackers via an I/O request at a certain point during device setup. oval:org.secpod.oval:def:705916 linux-oem-5.6: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:97549 [CLSA-2021:1632261812] Fixed CVEs in kernel: CVE-2020-29661, CVE-2020-25211, CVE-2019-19532, CVE-2020-25656 oval:org.secpod.oval:def:97550 [CLSA-2021:1632261839] Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211 oval:org.secpod.oval:def:89002831 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel . - CVE-2020-29569: Fixed ... |