Download
| Alert*
oval:org.secpod.oval:def:3300868
SUSE Security Update: Security update for xen oval:org.secpod.oval:def:2500825 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507241 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:4501165 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free in cls_route filter implementation may lead to privilege escalation * Information leak in scsi_ioctl * A kernel-info-leak issue in pfkey_register * RetBleed Arbitrary Speculative ... oval:org.secpod.oval:def:89046829 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:507249 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * a use-after-free in cls_route filter implementation may lead to privilege escalation * RetBleed Arbitrary Speculative Code Execution with Return Instructions * Branch Type Confusion * Intel: Pos ... oval:org.secpod.oval:def:89047467 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046830 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:123186 The kernel meta package oval:org.secpod.oval:def:123184 The kernel meta package oval:org.secpod.oval:def:4501030 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * kernel: information leak in scsi_ioctl * Ker ... oval:org.secpod.oval:def:2500835 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89047807 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046818 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046825 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:89046822 This update for xen fixes the following issues: - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode . - CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulner ... oval:org.secpod.oval:def:89046821 This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ... oval:org.secpod.oval:def:608722 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation. In addition this updates provides mitigations for the Retbleed speculative execution attack and the MMIO stale data vulnerabilities. For additional information please refer to the followi ... oval:org.secpod.oval:def:2108309 Oracle Solaris 11 - ( CVE-2022-23825 ) oval:org.secpod.oval:def:124087 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:123554 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:85950 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation. In addition this updates provides mitigations for the Retbleed speculative execution attack and the MMIO stale data vulnerabilities. For additional information please refer to the followi ... oval:org.secpod.oval:def:81946 The host is missing a critical security update for KB5015827 oval:org.secpod.oval:def:1700996 A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions ... oval:org.secpod.oval:def:1700997 A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, ... oval:org.secpod.oval:def:507364 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * off-path attacker may inject data or terminate victim"s TCP session. oval:org.secpod.oval:def:2600093 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:1506245 [5.14.0-162.6.1_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 - Remove nmap references from ... oval:org.secpod.oval:def:1506105 [4.18.0-372.32.1.0.1.el8_6.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] oval:org.secpod.oval:def:2600061 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:1506131 [3.10.0-1160.80.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.80.1.el7.OL7] - Update Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was compiled into kernel - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 15- ... oval:org.secpod.oval:def:81888 Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... |