Download
| Alert*
oval:org.secpod.oval:def:4501465
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:4501467 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference For more details about the security ... oval:org.secpod.oval:def:89048966 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE- ... oval:org.secpod.oval:def:89048962 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm- ioctl.c . * ... oval:org.secpod.oval:def:89048954 The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm- ioctl. ... oval:org.secpod.oval:def:1701268 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701384 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6 ... oval:org.secpod.oval:def:1701388 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure . This flaw allows a local user to crash or potentially escalate their privileges on the system. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6 ... oval:org.secpod.oval:def:19500192 A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel information lea do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leadin ... oval:org.secpod.oval:def:19500194 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel. This flaw allows an attacker to crash the system and possibly cause a kernel information lea do_tls_getsockopt ... oval:org.secpod.oval:def:1701273 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701271 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:708369 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708401 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94999 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-iot: Linux kernel for IoT platforms - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:95009 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95003 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708353 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-iot: Linux kernel for IoT platforms - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:95002 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:95005 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708388 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-ibm: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89048908 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot . * CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could all ... oval:org.secpod.oval:def:708382 linux-gke: Linux kernel for Google Container Engine systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89048696 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:89048902 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ... oval:org.secpod.oval:def:1601729 A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. A heap buffer ove ... oval:org.secpod.oval:def:1701403 A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation. A heap buffer ove ... oval:org.secpod.oval:def:1701274 A flaw was found in the Linux kernel Traffic Control subsystem. Using a specific networking configuration a local unprivileged user could trigger a CPU soft lockup when the transport protocol in use does a retransmission, resulting in a denial of service condition. RESERVEDNOTE: https://www.open ... oval:org.secpod.oval:def:1701284 A double-free flaw was found in the Linux kernel and rsquo;s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails . This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw was fo ... oval:org.secpod.oval:def:708092 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94928 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708261 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were ... oval:org.secpod.oval:def:708252 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-lowlatency: Linux low latency kernel - linux-raspi: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708367 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linu ... oval:org.secpod.oval:def:507824 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:96370 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701269 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701382 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701267 RESERVEDNOTE: https://www.openwall.com/lists/oss-security/2022/12/14/3NOTE: https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/ do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:2501141 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2501142 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:708408 linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708437 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708398 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94958 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506831 - [5.14.0-284.18.1_2] - cifs: fix wrong unlock before return from cifs_tree_connect - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and even ... oval:org.secpod.oval:def:95012 linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:19500169 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:708381 linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems - linux-gkeop-5.15: Linux kernel for Goo ... oval:org.secpod.oval:def:1506805 [4.18.0-477.15.1_8.OL8] - net: tls: fix possible race condition between do_tls_getsockopt_conf and do_tls_setsockopt_conf {CVE-2023-28466} oval:org.secpod.oval:def:2600281 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:2600282 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:96360 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linu ... oval:org.secpod.oval:def:507812 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events * kernel: netfilter: use-after-free in nf_tables when processing batch requests can lea ... oval:org.secpod.oval:def:96363 linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems - linux-gkeop-5.15: Linux kernel for Goo ... oval:org.secpod.oval:def:1701395 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701392 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition oval:org.secpod.oval:def:1701397 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition |