Download
| Alert*
|
oval:org.secpod.oval:def:24042
The host is installed with linux kernel through 2.6.32-504.12.2.el6 on Red Hat Enterprise Linux 6 and through 3.10.0-229.1.2.el7 on Red Hat Enterprise Linux 7 and is prone to a denial of service vulnerability. A flaw is present in the application, where a regular user could remove xattr permissions ... oval:org.secpod.oval:def:114286 The kernel meta package oval:org.secpod.oval:def:203528 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:203526 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:1500871 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the C ... oval:org.secpod.oval:def:1500816 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the C ... oval:org.secpod.oval:def:1500824 Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the C ... oval:org.secpod.oval:def:502160 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:501476 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:501479 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to es ... oval:org.secpod.oval:def:114291 This package contains the Corosync Cluster Engine Executive, several default APIs and libraries, default configuration files, and an init script. oval:org.secpod.oval:def:1502030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116105 The kernel meta package oval:org.secpod.oval:def:115071 The kernel meta package oval:org.secpod.oval:def:21818 The host is installed with Linux kernel through 3.17 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag. Successful exploitation allows local user ... oval:org.secpod.oval:def:203571 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:26793 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:501655 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:501536 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniba ... oval:org.secpod.oval:def:1500908 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus cr ... oval:org.secpod.oval:def:203729 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ... oval:org.secpod.oval:def:1500928 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ... oval:org.secpod.oval:def:24747 The host is installed with kernel on RHEL 7 and is prone to an unprivileged module load vulnerability. A flaw is present in the application, which fails to properly handle request_module() call. Successful exploitation could allow attackers to load any installed module. oval:org.secpod.oval:def:24743 The host is installed with kernel in RHEL 7 and is prone to an unprivileged module load vulnerability. A flaw is present in the application, which fails to properly handle request_module() call. Successful exploitation could allow attackers to load any installed module. oval:org.secpod.oval:def:21815 The host is installed with Linux kernel through 3.17.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which miscalculates the number of pages during the handling of a mapping failure. Successful exploitation allows guest OS users to cause a denial of service ... oval:org.secpod.oval:def:1501204 A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, ... oval:org.secpod.oval:def:24035 The host is installed with linux kernel before 3.18.5 and is prone to a denial of service vulnerability. A flaw is present in the application, when the guest OS lacks SYSENTER MSR initialization. Successful exploitation allows guest OS users to gain guest OS privileges or cause a denial of service ( ... oval:org.secpod.oval:def:1501031 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203641 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:203756 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the syste ... oval:org.secpod.oval:def:501674 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the syste ... oval:org.secpod.oval:def:108204 The kernel meta package oval:org.secpod.oval:def:23615 The host is installed with Linux kernel through 3.17.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly maintain the semantics of rename_lock. Successful exploitation allows local users to cause a denial of service (deadlock and system ... oval:org.secpod.oval:def:501576 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:108292 The kernel meta package oval:org.secpod.oval:def:108372 The kernel meta package oval:org.secpod.oval:def:108335 The kernel meta package oval:org.secpod.oval:def:1600168 arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service via an invalid syscall number, as demonstrated by number 1000. Array index error in the aio_re ... oval:org.secpod.oval:def:1600152 fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled ... oval:org.secpod.oval:def:1600061 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service via a malformed INIT chunk. The pivot_root implementation in fs/namespace.c in the Linux kernel through ... oval:org.secpod.oval:def:1500897 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1500900 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:203556 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:203554 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:501495 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:501494 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s SCTP implementation validated INIT chunks when performing Address Configuration Change . A remote attacker could use this flaw to crash the system by sending a speci ... oval:org.secpod.oval:def:501329 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:116339 The kernel meta package oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:205370 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A buffer overflow flaw was found in the way Linux kernel"s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able ... oval:org.secpod.oval:def:705180 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:1502678 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502679 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502683 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:604541 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821 Matt Delco reported a race condition in KVM"s coalesced MMIO facility, which could lead to out-of-bounds access in the kernel. A local atta ... oval:org.secpod.oval:def:117106 The kernel meta package oval:org.secpod.oval:def:117103 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:116106 The kernel meta package oval:org.secpod.oval:def:106970 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1601000 A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a s ... oval:org.secpod.oval:def:1601007 A flaw was found in the Linux kernel#039;s freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create o ... oval:org.secpod.oval:def:1601006 A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible m ... oval:org.secpod.oval:def:116560 The kernel meta package oval:org.secpod.oval:def:116505 The kernel meta package oval:org.secpod.oval:def:116618 The kernel meta package oval:org.secpod.oval:def:106830 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:115667 The kernel meta package oval:org.secpod.oval:def:1700170 A flaw was found in the Linux kernel#039;s implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible me ... oval:org.secpod.oval:def:1700175 A flaw was found in the Linux kernels freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other ... oval:org.secpod.oval:def:1700166 A flaw was found in the Linux kernel#039;s implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a sp ... oval:org.secpod.oval:def:116609 The kernel meta package oval:org.secpod.oval:def:116606 The kernel meta package oval:org.secpod.oval:def:1501040 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:1700130 The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect an ... oval:org.secpod.oval:def:1700012 Stack-based out-of-bounds read via vmcall instructionLinux kernel compiled with the KVM virtualization support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memor ... oval:org.secpod.oval:def:109128 The kernel meta package oval:org.secpod.oval:def:109262 The kernel meta package oval:org.secpod.oval:def:1600844 Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add function potentially allowing KASLR bypassThe acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SB ... oval:org.secpod.oval:def:203648 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:108483 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:109211 The kernel meta package oval:org.secpod.oval:def:108491 The kernel meta package oval:org.secpod.oval:def:109462 The kernel meta package oval:org.secpod.oval:def:108569 The kernel meta package oval:org.secpod.oval:def:109409 The kernel meta package oval:org.secpod.oval:def:204741 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:108525 The kernel meta package oval:org.secpod.oval:def:106468 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108880 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:106466 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108760 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108752 The kernel meta package oval:org.secpod.oval:def:106579 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108666 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:106417 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501583 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access o ... oval:org.secpod.oval:def:108851 The kernel meta package oval:org.secpod.oval:def:115212 The kernel meta package oval:org.secpod.oval:def:114358 The kernel meta package oval:org.secpod.oval:def:114599 The kernel meta package oval:org.secpod.oval:def:114569 The kernel meta package oval:org.secpod.oval:def:115537 The kernel meta package oval:org.secpod.oval:def:114328 The kernel meta package oval:org.secpod.oval:def:114687 The kernel meta package oval:org.secpod.oval:def:114572 The kernel meta package oval:org.secpod.oval:def:114881 The kernel meta package oval:org.secpod.oval:def:114632 The kernel meta package oval:org.secpod.oval:def:114788 The kernel meta package oval:org.secpod.oval:def:114549 The kernel meta package oval:org.secpod.oval:def:114545 The kernel meta package oval:org.secpod.oval:def:114783 The kernel meta package oval:org.secpod.oval:def:114653 The kernel meta package oval:org.secpod.oval:def:1502258 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114725 The kernel meta package oval:org.secpod.oval:def:114734 The kernel meta package oval:org.secpod.oval:def:114971 The kernel meta package oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:114915 The kernel meta package oval:org.secpod.oval:def:204845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:1502270 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502292 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204866 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:115165 The kernel meta package oval:org.secpod.oval:def:502347 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:115019 The kernel meta package oval:org.secpod.oval:def:114282 The kernel meta package oval:org.secpod.oval:def:115129 The kernel meta package oval:org.secpod.oval:def:115247 The kernel meta package oval:org.secpod.oval:def:502317 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined i ... oval:org.secpod.oval:def:113692 The kernel meta package oval:org.secpod.oval:def:1600821 A flaw was found in the patches used to fix the #039;dirtycow#039; vulnerability . An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages. Linux kernel Virtualization Module for the Intel processor family is vulnerable to ... oval:org.secpod.oval:def:113706 The kernel meta package oval:org.secpod.oval:def:113700 The kernel meta package oval:org.secpod.oval:def:1600794 stack buffer overflow in the native Bluetooth stackA stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel , an unauthenticated atta ... oval:org.secpod.oval:def:502226 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:113157 The kernel meta package oval:org.secpod.oval:def:113586 The kernel meta package oval:org.secpod.oval:def:113583 The kernel meta package oval:org.secpod.oval:def:113375 The kernel meta package oval:org.secpod.oval:def:113369 The kernel meta package oval:org.secpod.oval:def:113249 The kernel meta package oval:org.secpod.oval:def:113691 The kernel meta package oval:org.secpod.oval:def:113447 The kernel meta package oval:org.secpod.oval:def:113449 The kernel meta package oval:org.secpod.oval:def:1502011 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:108097 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:113710 The kernel meta package oval:org.secpod.oval:def:1502061 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502026 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:108321 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1502029 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502042 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:1502043 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:502088 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the ... oval:org.secpod.oval:def:501824 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that reporting emulation failures to user space could lead to either a local or a L2-L1 denial of service. In the case of a local denial of service, an attacker must have access to th ... oval:org.secpod.oval:def:1501470 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ... oval:org.secpod.oval:def:204616 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the ... oval:org.secpod.oval:def:1501955 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501956 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600040 The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service via an SCTP handshake with a modified IN ... oval:org.secpod.oval:def:107833 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:106503 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:106980 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:106971 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1600039 The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioct ... oval:org.secpod.oval:def:204288 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use th ... oval:org.secpod.oval:def:21820 The host is installed with Linux kernel through 3.17.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle the writing of a non-canonical address to a model-specific register. Successful exploitation allows guest OS users to cause a ... oval:org.secpod.oval:def:21821 The host is installed with Linux kernel through 3.13.6 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to obtain sensitive information from kernel memory. oval:org.secpod.oval:def:204270 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:106407 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500582 Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ... oval:org.secpod.oval:def:1600051 The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets.drivers/vhost/net.c in the Linux kernel before 3.13.10, whe ... oval:org.secpod.oval:def:204263 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to ... oval:org.secpod.oval:def:1500597 Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ... oval:org.secpod.oval:def:1500636 Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ... oval:org.secpod.oval:def:106823 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107916 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500640 It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, e ... oval:org.secpod.oval:def:1600196 The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a recvfrom, recvmmsg, or ... oval:org.secpod.oval:def:1500409 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:501294 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer function. A remote attacker could use this ... oval:org.secpod.oval:def:1500656 The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. oval:org.secpod.oval:def:1500779 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. Red Hat Product Security has rated this upd ... oval:org.secpod.oval:def:107813 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107937 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500662 Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which giv ... oval:org.secpod.oval:def:106832 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500794 Updated kernel packages that fix several security issues and bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:203365 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:203363 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the rds_iw_laddr_check function in the Linux kernel"s implementation of Reliable Datagram Sockets . A local, unprivileged user could use this flaw to crash the system. ... oval:org.secpod.oval:def:1501253 The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ... oval:org.secpod.oval:def:203488 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A memory corruption f ... oval:org.secpod.oval:def:203474 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A NUL ... oval:org.secpod.oval:def:106929 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203341 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could ... oval:org.secpod.oval:def:203227 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the get_rx_bufs function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc function. A privileged guest user could use this ... oval:org.secpod.oval:def:203345 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:21803 The host is installed with Linux kernel before 3.14.6 and is prone to a information disclosure vulnerability. A flaw is present in the application, which does not initialize a certain data structure. Successful exploitation allows local users to obtain sensitive information from kernel memory. oval:org.secpod.oval:def:107079 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:204242 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel"s Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... oval:org.secpod.oval:def:108274 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108395 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107188 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203380 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the ping_init_sock function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentia ... oval:org.secpod.oval:def:203383 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that Linux kernel"s ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use t ... oval:org.secpod.oval:def:107096 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203372 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:203495 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a n ... oval:org.secpod.oval:def:203521 * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. * A flaw was found in the way the Linux kernel ... oval:org.secpod.oval:def:107154 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107034 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107266 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:108027 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203505 * A flaw was found in the way the Linux kernel"s SCTP implementation handled malformed or duplicate Address Configuration Change Chunks . A remote attacker could use either of these flaws to crash the system. * A flaw was found in the way the Linux kernel"s SCTP implementation handled the associati ... oval:org.secpod.oval:def:501310 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel"s N_TTY line discipline implementation handled concurrent processing of echo output and TTY write operations o ... oval:org.secpod.oval:def:501432 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use th ... oval:org.secpod.oval:def:501318 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could ... oval:org.secpod.oval:def:501439 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A NULL ... oval:org.secpod.oval:def:203617 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:107479 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:203321 The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel"s netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer function. A remote attacker could use this fl ... oval:org.secpod.oval:def:107101 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501622 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way Linux kernel"s Transparent Huge Pages implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugep ... oval:org.secpod.oval:def:107133 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107366 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107008 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501512 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to ... oval:org.secpod.oval:def:203419 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled reference counting when requeuing futexes during futex_wait. A local, unprivileged user could use this flaw to zero out the reference counter ... oval:org.secpod.oval:def:1500839 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availa ... oval:org.secpod.oval:def:106581 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500601 Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ... oval:org.secpod.oval:def:1500724 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ... oval:org.secpod.oval:def:107303 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107666 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500605 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1500852 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1500859 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:107337 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501381 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled reference counting when requeuing futexes during futex_wait. A local, unprivileged user could use this flaw to zero out the reference counter ... oval:org.secpod.oval:def:107201 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107325 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500869 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availa ... oval:org.secpod.oval:def:106478 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:1500632 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ... oval:org.secpod.oval:def:1500995 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:1600123 The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service or gain privileges by triggering a race condition involving read and write operations wit ... oval:org.secpod.oval:def:501561 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ... oval:org.secpod.oval:def:501328 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the sy ... oval:org.secpod.oval:def:107870 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:107861 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501452 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw was found in the way the Linux kernel"s KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. * A memory corruption f ... oval:org.secpod.oval:def:501694 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel"s file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a conta ... oval:org.secpod.oval:def:501212 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the get_rx_bufs function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc function. A privileged guest user could use this ... oval:org.secpod.oval:def:501458 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a n ... oval:org.secpod.oval:def:501341 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the rds_iw_laddr_check function in the Linux kernel"s implementation of Reliable Datagram Sockets . A local, unprivileged user could use this flaw to crash the system. ... oval:org.secpod.oval:def:501464 * A flaw was found in the way the Linux kernel"s SCTP implementation handled malformed or duplicate Address Configuration Change Chunks . A remote attacker could use either of these flaws to crash the system. * A flaw was found in the way the Linux kernel"s SCTP implementation handled the associati ... oval:org.secpod.oval:def:501342 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:501344 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s ptrace subsystem allowed a traced process" instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user spac ... oval:org.secpod.oval:def:501349 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A use-after-free flaw was found in the way the ping_init_sock function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentia ... oval:org.secpod.oval:def:1500822 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:1500947 The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition inv ... oval:org.secpod.oval:def:1500706 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:107408 The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. oval:org.secpod.oval:def:501354 The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that Linux kernel"s ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word was being set. On IBM S/390 systems, a local, unprivileged user could use t ... oval:org.secpod.oval:def:501475 * A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. * A flaw was found in the way the Linux kernel ... oval:org.secpod.oval:def:502267 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * kernel: Buffer overflow in firewire driver via crafted incoming packets * kernel: Use-after-free vulnerability in DCCP socket * Kernel: ... oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502175 The advisory is missing the security advisory description. For more information please visit the reference link |
