Download
| Alert*
oval:org.secpod.oval:def:706341
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:1505490 [4.14.35-2047.511.5.6.el7uek] - lib/iov_iter: initialize quot;flagsquot; in new pipe_buffer [Orabug: 33942242] {CVE-2022-0847} oval:org.secpod.oval:def:1505496 [4.18.0-348.20.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18. ... oval:org.secpod.oval:def:78435 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:89047529 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs were f ... oval:org.secpod.oval:def:606113 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv function of the Marvell WiFi-Ex USB Driver. An attacker able ... oval:org.secpod.oval:def:506715 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:89046159 A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach ... oval:org.secpod.oval:def:1505613 [4.14.35-2047.513.2.el7uek] - Revert rds/ib: recover rds connection from stuck tx path [Orabug: 34124234] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 34124234] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 34124234] [4.14.35-2047.513.1.el7uek] ... oval:org.secpod.oval:def:88339 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv function of the Marvell WiFi-Ex USB Driver. An attacker able ... oval:org.secpod.oval:def:86633 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3300611 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:78275 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the flags member of the new pipe_buffer * kernel: Use After Free in unix_gc which ... oval:org.secpod.oval:def:1505580 [4.14.35-2047.512.6.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] [4.14.35-2047.512.5.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34012925] {CVE-2022-1016} - r ... oval:org.secpod.oval:def:706391 linux-intel-5.13: Linux kernel for Intel IOTG Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:78015 A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page ca ... oval:org.secpod.oval:def:1505485 [5.4.17-2136.304.4.5.el8uek] - lib/iov_iter: initialize quot;flagsquot; in new pipe_buffer [Orabug: 33942329] {CVE-2022-0847} - bpf: Disallow unprivileged bpf by default [Orabug: 33942374] oval:org.secpod.oval:def:4501029 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc whi ... oval:org.secpod.oval:def:4500897 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: improper initialization of the "flags" member of the new pipe_buffer * kernel: Use After Free in unix_gc which could result in a loc ... oval:org.secpod.oval:def:1505489 [5.4.17-2136.304.4.5.el7] - lib/iov_iter: initialize quot;flagsquot; in new pipe_buffer [Orabug: 33942329] {CVE-2022-0847} - bpf: Disallow unprivileged bpf by default [Orabug: 33942374] oval:org.secpod.oval:def:1505487 [5.4.17-2136.304.4.5.el7uek] - lib/iov_iter: initialize quot;flagsquot; in new pipe_buffer [Orabug: 33942329] {CVE-2022-0847} - bpf: Disallow unprivileged bpf by default [Orabug: 33942374] oval:org.secpod.oval:def:1505486 [5.4.17-2136.304.4.5.el8] - lib/iov_iter: initialize quot;flagsquot; in new pipe_buffer [Orabug: 33942329] {CVE-2022-0847} - bpf: Disallow unprivileged bpf by default [Orabug: 33942374] oval:org.secpod.oval:def:1505525 [4.14.35-2047.511.5.6.el7] - lib/iov_iter: initialize "flags" in new pipe_buffer [Orabug: 33942242] {CVE-2022-0847} oval:org.secpod.oval:def:2500564 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1505628 [4.14.35-2047.512.6.el7] - Revert "rds/ib: recover rds connection from stuck rx path" [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] oval:org.secpod.oval:def:1505511 [5.4.17-2136.305.5.3.el7] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505514 [5.4.17-2136.305.5.3.el8] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505512 [5.4.17-2136.305.5.3.el7uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:1505516 [5.4.17-2136.305.5.3.el8uek] - bpf: fix out-of-tree module build oval:org.secpod.oval:def:89046035 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046005 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1700859 Amazon Linux has been made aware of a potential Branch Target Injection issue . This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient ... |