Download
| Alert*
|
oval:org.secpod.oval:def:3300868
SUSE Security Update: Security update for xen oval:org.secpod.oval:def:2500825 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507241 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:4501165 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:89046829 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:507249 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * a use-after-free in cls_route filter implementation may lead to privilege escalation * RetBleed Arbitrary Speculative Code Execution with Return Instructions * Branch Type Confusion * Intel: Pos ... oval:org.secpod.oval:def:89047467 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046830 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:123186 The kernel meta package oval:org.secpod.oval:def:1505934 [5.4.17-2136.310.7.el7uek] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ ... oval:org.secpod.oval:def:1505935 [5.4.17-2136.310.7.el7] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:1505814 - 5.15.0-0.30.20.el8 - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-23816} {CVE-2022-29901} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-23816} {CVE-2 ... oval:org.secpod.oval:def:123184 The kernel meta package oval:org.secpod.oval:def:1505936 [5.4.17-2136.310.7.el8uek] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ ... oval:org.secpod.oval:def:1505837 [5.15.0-0.30.20] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CVE-2022- ... oval:org.secpod.oval:def:1505937 [5.4.17-2136.310.7.el8] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:1505855 [5.15.0-0.30.20.el9uek] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CV ... oval:org.secpod.oval:def:4501030 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * kernel: information leak in scsi_ioctl * Ker ... oval:org.secpod.oval:def:2500835 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89047807 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046818 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046825 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046822 This update for xen fixes the following issues: - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode . - CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulner ... oval:org.secpod.oval:def:89046821 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:608722 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation. In addition this updates provides mitigations for the Retbleed speculative execution attack and the MMIO stale data vulnerabilities. For additional information please refer to the followi ... oval:org.secpod.oval:def:124087 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:123554 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:85950 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation. In addition this updates provides mitigations for the Retbleed speculative execution attack and the MMIO stale data vulnerabilities. For additional information please refer to the followi ... oval:org.secpod.oval:def:81946 The host is missing a critical security update for KB5015827 oval:org.secpod.oval:def:1506487 [5.4.17-2136.317.5.3.el7] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:1506488 [5.4.17-2136.317.5.3.el8] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator oval:org.secpod.oval:def:1506484 [5.4.17-2136.317.5.3.el7uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:1506486 [5.4.17-2136.317.5.3.el8uek] - udf: Fix file corruption when appending just after end of preallocated extent [Orabug: 35192150] - selftests/ftrace: Fix bash specific == operator [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64 oval:org.secpod.oval:def:81889 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:1700996 A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions ... oval:org.secpod.oval:def:1700997 A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:2600093 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1506245 [5.14.0-162.6.1_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove nmap references from ... oval:org.secpod.oval:def:1506105 [4.18.0-372.32.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] oval:org.secpod.oval:def:2600061 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:1506131 [3.10.0-1160.80.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.80.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15- ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1701051 A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This flaw allows a lo ... |
