Download
| Alert*
|
oval:org.secpod.oval:def:24042
The host is installed with linux kernel through 2.6.32-504.12.2.el6 on Red Hat Enterprise Linux 6 and through 3.10.0-229.1.2.el7 on Red Hat Enterprise Linux 7 and is prone to a denial of service vulnerability. A flaw is present in the application, where a regular user could remove xattr permissions ... oval:org.secpod.oval:def:114286 The kernel meta package oval:org.secpod.oval:def:114291 This package contains the Corosync Cluster Engine Executive, several default APIs and libraries, default configuration files, and an init script. oval:org.secpod.oval:def:1502030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116105 The kernel meta package oval:org.secpod.oval:def:115071 The kernel meta package oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205370 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A buffer overflow flaw was found in the way Linux kernel"s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able ... oval:org.secpod.oval:def:604541 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821 Matt Delco reported a race condition in KVM"s coalesced MMIO facility, which could lead to out-of-bounds access in the kernel. A local atta ... oval:org.secpod.oval:def:705180 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:117106 The kernel meta package oval:org.secpod.oval:def:117103 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:116106 The kernel meta package oval:org.secpod.oval:def:1502678 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502679 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502683 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116618 The kernel meta package oval:org.secpod.oval:def:115667 The kernel meta package oval:org.secpod.oval:def:204741 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:116609 The kernel meta package oval:org.secpod.oval:def:116606 The kernel meta package oval:org.secpod.oval:def:115212 The kernel meta package oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:114915 The kernel meta package oval:org.secpod.oval:def:114358 The kernel meta package oval:org.secpod.oval:def:114599 The kernel meta package oval:org.secpod.oval:def:204845 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:114569 The kernel meta package oval:org.secpod.oval:def:115537 The kernel meta package oval:org.secpod.oval:def:114328 The kernel meta package oval:org.secpod.oval:def:114687 The kernel meta package oval:org.secpod.oval:def:1502270 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114572 The kernel meta package oval:org.secpod.oval:def:1502292 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204866 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:114881 The kernel meta package oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:114632 The kernel meta package oval:org.secpod.oval:def:115165 The kernel meta package oval:org.secpod.oval:def:502347 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:114788 The kernel meta package oval:org.secpod.oval:def:114549 The kernel meta package oval:org.secpod.oval:def:114545 The kernel meta package oval:org.secpod.oval:def:114783 The kernel meta package oval:org.secpod.oval:def:114653 The kernel meta package oval:org.secpod.oval:def:1502258 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:115019 The kernel meta package oval:org.secpod.oval:def:114725 The kernel meta package oval:org.secpod.oval:def:114282 The kernel meta package oval:org.secpod.oval:def:115129 The kernel meta package oval:org.secpod.oval:def:115247 The kernel meta package oval:org.secpod.oval:def:502317 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined i ... oval:org.secpod.oval:def:114734 The kernel meta package oval:org.secpod.oval:def:114971 The kernel meta package oval:org.secpod.oval:def:113706 The kernel meta package oval:org.secpod.oval:def:113700 The kernel meta package oval:org.secpod.oval:def:502226 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions . There are three primary variants of the issue which differ in th ... oval:org.secpod.oval:def:113692 The kernel meta package oval:org.secpod.oval:def:113710 The kernel meta package oval:org.secpod.oval:def:113157 The kernel meta package oval:org.secpod.oval:def:1502061 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502026 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502029 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:113586 The kernel meta package oval:org.secpod.oval:def:113583 The kernel meta package oval:org.secpod.oval:def:113375 The kernel meta package oval:org.secpod.oval:def:1502042 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:1502043 Several security issues were fixed in Linux kernel, python-perf and perf. oval:org.secpod.oval:def:113369 The kernel meta package oval:org.secpod.oval:def:113249 The kernel meta package oval:org.secpod.oval:def:113691 The kernel meta package oval:org.secpod.oval:def:113447 The kernel meta package oval:org.secpod.oval:def:113449 The kernel meta package oval:org.secpod.oval:def:1502011 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116560 The kernel meta package oval:org.secpod.oval:def:116505 The kernel meta package oval:org.secpod.oval:def:502267 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * kernel: Buffer overflow in firewire driver via crafted incoming packets * kernel: Use-after-free vulnerability in DCCP socket * Kernel: ... oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502175 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:116339 The kernel meta package oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1600794 stack buffer overflow in the native Bluetooth stackA stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel , an unauthenticated atta ... oval:org.secpod.oval:def:1600821 A flaw was found in the patches used to fix the #039;dirtycow#039; vulnerability . An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages. Linux kernel Virtualization Module for the Intel processor family is vulnerable to ... oval:org.secpod.oval:def:1600844 Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add function potentially allowing KASLR bypassThe acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SB ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1601000 A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a specia ... oval:org.secpod.oval:def:1601006 A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible memory ... oval:org.secpod.oval:def:1601007 A flaw was found in the Linux kernel#039;s freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create o ... oval:org.secpod.oval:def:1700012 Stack-based out-of-bounds read via vmcall instructionLinux kernel compiled with the KVM virtualization support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memor ... oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1700130 The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect an ... oval:org.secpod.oval:def:1700166 A flaw was found in the Linux kernel#039;s implementation of logical link control and adaptation protocol , part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a sp ... oval:org.secpod.oval:def:1700170 A flaw was found in the Linux kernel#039;s implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded could possibly cause a use after free in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible me ... oval:org.secpod.oval:def:1700175 A flaw was found in the Linux kernels freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create other ... |
