Download
| Alert*
oval:org.secpod.oval:def:1505894
[4.1.12-124.65.1.el7uek] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33825689] {CVE-2022-0492} - ocfs2: kill EBUSY from dlmfs_evict_inode [Orabug: 34091904] - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock [Orabug: 34091904] - ocfs2: dlmfs: don"t clear USER_LOCK_ATT ... oval:org.secpod.oval:def:1505910 [4.1.12-124.65.1] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33825689] {CVE-2022-0492} - ocfs2: kill EBUSY from dlmfs_evict_inode [Orabug: 34091904] - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock [Orabug: 34091904] - ocfs2: dlmfs: don"t clear USER_LOCK_ATTACHED w ... oval:org.secpod.oval:def:88340 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-36310 A flaw was discovered in the KVM implementation for AMD processors, which could lead to an infinite loop. A malicious VM guest could exploi ... oval:org.secpod.oval:def:1505496 [4.18.0-348.20.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18. ... oval:org.secpod.oval:def:89047529 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs were f ... oval:org.secpod.oval:def:1505613 [4.14.35-2047.513.2.el7uek] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124234] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 34124234] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 34124234] [4.14.35-2047.513.1.el7uek] ... oval:org.secpod.oval:def:89046032 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:86633 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505616 [3.10.0-1160.66.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-2.0.9.el7 - Update oracle value to match new certificate [3.10.0-1160.66.1.el7] - net ... oval:org.secpod.oval:def:1700839 A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.A local user could use this flaw to starve the resources resulting in a denial of service. A denial of service ... oval:org.secpod.oval:def:1505580 [4.14.35-2047.512.6.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] [4.14.35-2047.512.5.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34012925] {CVE-2022-1016} - r ... oval:org.secpod.oval:def:506787 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: local privilege escalation by exploiting the fsconfi ... oval:org.secpod.oval:def:4501029 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc whi ... oval:org.secpod.oval:def:4500897 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc which could result in a loc ... oval:org.secpod.oval:def:606124 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-36310 A flaw was discovered in the KVM implementation for AMD processors, which could lead to an infinite loop. A malicious VM guest could exploi ... oval:org.secpod.oval:def:506947 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: cgroups v1 release_agent feature may allow privilege escalation For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information ... oval:org.secpod.oval:def:1700844 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. The cgroup release_agent is called with call_usermodehel ... oval:org.secpod.oval:def:506945 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: cgroups v1 release_agent feature may allow privilege escalation For more details about the security issue, including the impact, a CVSS sco ... oval:org.secpod.oval:def:1700843 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. The cgroup release_agent is called with call_usermodehel ... oval:org.secpod.oval:def:89046066 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046023 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:2500564 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89046186 This update for the Linux Kernel 4.4.180-94_153 fixes one issue. The following security issue was fixed: - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly . oval:org.secpod.oval:def:1505628 [4.14.35-2047.512.6.el7] - Revert "rds/ib: recover rds connection from stuck rx path" [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] oval:org.secpod.oval:def:1505549 [4.14.35-2047.511.5.2.el7] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33876756] {CVE-2022-0492} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task [Orabug: 33876755] [4.14.35-2047.511.5.1] - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve ... oval:org.secpod.oval:def:706365 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:97630 [CLSA-2022:1650986488] Fixed CVEs in kernel: CVE-2021-4155, CVE-2021-0920, CVE-2022-0492, CVE-2020-0466 oval:org.secpod.oval:def:97631 [CLSA-2022:1650986589] Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155 oval:org.secpod.oval:def:1601512 A flaw in the processing of received ICMP errors in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confid ... oval:org.secpod.oval:def:79888 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:79889 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:506838 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: xfs: raw block device dat ... oval:org.secpod.oval:def:506715 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:1505431 [5.4.17-2136.302.7.2.3] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832574] {CVE-2022-0492} oval:org.secpod.oval:def:706356 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:706358 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:3300611 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:78275 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:706391 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506014 [2.6.32-754.35.1.0.6.OL6] [[:digit]o_epoll_ctl: clean the failure exits up a bit {CVE-2020-0466} [Orabug: 34086960] - epoll: Keep a reference on files added to the check list {CVE-2020-0466} [Orabug: 34086960] - fix regression in "epoll: Keep a reference on files added to the check list {CVE-2021 ... oval:org.secpod.oval:def:80423 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1505764 [5.4.17-2136.308.7.el8] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:1505405 [5.4.17-2136.302.7.2.3.el8] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832574] {CVE-2022-0492} oval:org.secpod.oval:def:1505768 [5.4.17-2136.308.7.el7] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions. oval:org.secpod.oval:def:1505404 [5.4.17-2136.302.7.2.3.el7uek] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832574] {CVE-2022-0492} oval:org.secpod.oval:def:89046165 This update for the Linux Kernel 4.12.14-122_106 fixes several issues. The following security issues were fixed: - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c . - CVE-2022-0492: Fixed a privilege escalation related to cgrou ... oval:org.secpod.oval:def:205958 Security Fix: kernel: cgroups v1 release_agent feature may allow privilege escalation For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: oval:org.secpod.oval:def:1505406 [5.4.17-2136.302.7.2.3.el8uek] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832574] {CVE-2022-0492} oval:org.secpod.oval:def:1505453 [5.4.17-2136.304.4.1] - Revert rds/ib: Kernel upgrade to rds_ib_conns info displayed by rds-info [Orabug: 33832625] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832582] {CVE-2022-0492} [5.4.17-2136.304.4] - scsi: libiscsi: Fix iscsi_task use after free [Orabug: 33794250] - sc ... oval:org.secpod.oval:def:1505511 [5.4.17-2136.305.5.3.el7] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505514 [5.4.17-2136.305.5.3.el8] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505512 [5.4.17-2136.305.5.3.el7uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505516 [5.4.17-2136.305.5.3.el8uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505449 [5.4.17-2136.304.4.1] - Revert rds/ib: Kernel upgrade to rds_ib_conns info displayed by rds-info [Orabug: 33832625] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33832582] {CVE-2022-0492} [5.4.17-2136.304.4] - scsi: libiscsi: Fix iscsi_task use after free [Orabug: 33794250] - sc ... oval:org.secpod.oval:def:706389 linux-azure-5.13: Linux kernel for Microsoft Azure cloud systems - linux-oracle-5.13: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1505466 [4.14.35-2047.511.5.2.el7uek] - cgroup-v1: Require capabilities to set release_agent [Orabug: 33876756] {CVE-2022-0492} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task [Orabug: 33876755] [4.14.35-2047.511.5.1.el7uek] - arm64, mm, efi: Account for GICv3 LPI tables in static memblo ... oval:org.secpod.oval:def:79852 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:79887 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi systems - linux-aws-5.13: Linux kernel for Amazon Web Services sy ... oval:org.secpod.oval:def:606192 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:706359 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi systems - linux-aws-5.13: Linux kernel for Amazon Web Services sy ... oval:org.secpod.oval:def:86452 linux-azure-5.13: Linux kernel for Microsoft Azure cloud systems - linux-oracle-5.13: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3300887 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:79874 linux-oem-5.14: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046035 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046079 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed: - ... oval:org.secpod.oval:def:89046022 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:706325 linux-oem-5.14: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046008 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were ... oval:org.secpod.oval:def:89046005 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046040 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... |