Download
| Alert*
oval:org.secpod.oval:def:89045985
The SUSE Linux Enterprise 12 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ... oval:org.secpod.oval:def:1505613 [4.14.35-2047.513.2.el7uek] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124234] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 34124234] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 34124234] [4.14.35-2047.513.1.el7uek] ... oval:org.secpod.oval:def:89045980 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-45095: Fixed refcount leak in pep_sock_accep ... oval:org.secpod.oval:def:86633 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505580 [4.14.35-2047.512.6.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] [4.14.35-2047.512.5.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34012925] {CVE-2022-1016} - r ... oval:org.secpod.oval:def:1505582 [4.1.12-124.61.2] - exec, elf: ignore invalid note data [Orabug: 34023956] [4.1.12-124.61.1] - drm/i915: Flush TLBs before releasing backing store [Orabug: 33835812] {CVE-2022-0330} - drm/i915: Reduce locking in execlist command submission [Orabug: 33835812] {CVE-2022-0330} - ipv4: make exception ... oval:org.secpod.oval:def:506787 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: local privilege escalation by exploiting the fsconfi ... oval:org.secpod.oval:def:4500897 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc which could result in a loc ... oval:org.secpod.oval:def:89047478 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing backin ... oval:org.secpod.oval:def:506704 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privile ... oval:org.secpod.oval:def:1505628 [4.14.35-2047.512.6.el7] - Revert "rds/ib: recover rds connection from stuck rx path" [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] oval:org.secpod.oval:def:506715 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:89046294 This update for the Linux Kernel 4.4.180-94_150 fixes one issue. The following security issue was fixed: - CVE-2022-0330: A random memory access flaw was found in the Linux kernel"s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allowed a local us ... oval:org.secpod.oval:def:89045993 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruptio ... oval:org.secpod.oval:def:79871 linux-hwe-5.13: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:79873 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:1505496 [4.18.0-348.20.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18. ... oval:org.secpod.oval:def:88339 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv function of the Marvell WiFi-Ex USB Driver. An attacker able ... oval:org.secpod.oval:def:121541 The kernel meta package oval:org.secpod.oval:def:3300914 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:4501029 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc whi ... oval:org.secpod.oval:def:89046067 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ... oval:org.secpod.oval:def:2500564 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:706324 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems Seve ... oval:org.secpod.oval:def:706323 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:1505555 [4.1.12-124.61.2.el7uek] - exec, elf: ignore invalid note data [Orabug: 34023956] [4.1.12-124.61.1.el7uek] - drm/i915: Flush TLBs before releasing backing store [Orabug: 33835812] {CVE-2022-0330} - drm/i915: Reduce locking in execlist command submission [Orabug: 33835812] {CVE-2022-0330} - ipv4: ... oval:org.secpod.oval:def:606113 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv function of the Marvell WiFi-Ex USB Driver. An attacker able ... oval:org.secpod.oval:def:89045962 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruption in t ... oval:org.secpod.oval:def:78275 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:706391 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:121538 The kernel meta package oval:org.secpod.oval:def:706317 linux-hwe-5.13: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:205942 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: xfs: raw block device dat ... oval:org.secpod.oval:def:506703 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: xfs: raw block device dat ... oval:org.secpod.oval:def:1505511 [5.4.17-2136.305.5.3.el7] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505514 [5.4.17-2136.305.5.3.el8] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505512 [5.4.17-2136.305.5.3.el7uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505516 [5.4.17-2136.305.5.3.el8uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505547 [3.10.0-1160.59.1.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Update oracle value to match new certificate [3.10.0-1160.59.1] - Revert "Merge: Fix tasks stu ... oval:org.secpod.oval:def:89045989 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing b ... oval:org.secpod.oval:def:3300454 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:79852 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:89045995 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing b ... oval:org.secpod.oval:def:89045991 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2021-3564: Fixed double-free memory corruption in the L ... oval:org.secpod.oval:def:79870 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engin ... oval:org.secpod.oval:def:79872 linux-gke: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:79869 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:706322 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engin ... oval:org.secpod.oval:def:606192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:706316 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:706319 linux-gke: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1601520 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1700867 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... oval:org.secpod.oval:def:1700843 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. The cgroup release_agent is called with call_usermodehel ... oval:org.secpod.oval:def:1700844 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. The cgroup release_agent is called with call_usermodehel ... |