oval:org.secpod.oval:def:1503616 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503912 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503680 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:33757 kernel-uek 4.x is installed
oval:org.secpod.oval:def:1502089 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502088 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502195 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502196 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502197 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502106 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502107 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500413 kernel-uek is installed
oval:org.secpod.oval:def:1503281 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503443 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503402 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503411 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503183 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503536 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503278 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503593 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503432 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503718 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503733 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503732 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503740 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503905 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500167 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500048 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500168 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1500057 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500120 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500123 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500122 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500124 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500014 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500094 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1503842 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500295 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500261 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500264 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500270 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500272 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1501675 Several vulnerabilities have been discovered in Linux Kernel
oval:org.secpod.oval:def:1501679 Several vulnerabilities have been discovered in Linux Kernel
oval:org.secpod.oval:def:1501680 Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules
oval:org.secpod.oval:def:1501681 Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules
oval:org.secpod.oval:def:1500999 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503923 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501251 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
oval:org.secpod.oval:def:1501257 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
oval:org.secpod.oval:def:1501140 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1502019 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503879 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503756 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503889 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501595 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501593 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501598 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501597 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501123 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1503664 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501825 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501836 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500996 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...
oval:org.secpod.oval:def:1500997 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...
oval:org.secpod.oval:def:1501144 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501117 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501126 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501124 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501422 Kernel update: x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) and fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (Mike Kravetz)
oval:org.secpod.oval:def:1501421 Kernel update: x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) and fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (Mike Kravetz)
oval:org.secpod.oval:def:1501528 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501533 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501536 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501535 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1503954 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501539 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501542 Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501727 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501609 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...
oval:org.secpod.oval:def:1501730 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501614 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...
oval:org.secpod.oval:def:1501611 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...
oval:org.secpod.oval:def:1501612 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...
oval:org.secpod.oval:def:1501500 The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
oval:org.secpod.oval:def:1501621 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
oval:org.secpod.oval:def:1501501 The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
oval:org.secpod.oval:def:1501626 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
oval:org.secpod.oval:def:1501757 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501760 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501495 The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
oval:org.secpod.oval:def:1501497 The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
oval:org.secpod.oval:def:1501576 Oracle Linux: Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501697 Linux Kernel: sctp: validate chunk len before actually using it
oval:org.secpod.oval:def:1501577 Oracle Linux: Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501699 Linux Kernel: sctp: validate chunk len before actually using it
oval:org.secpod.oval:def:1501578 Oracle Linux: Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501580 Oracle Linux: Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501602 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501603 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501862 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501865 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501928 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501916 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501921 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502471 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502472 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502313 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502312 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502285 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500561 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500578 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1501999 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502034 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502032 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503859 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503345 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1503386 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501892 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501207 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501205 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501877 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501878 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501875 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501879 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501889 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502112 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502113 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501208 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501210 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501211 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501695 The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...
oval:org.secpod.oval:def:1501696 The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...
oval:org.secpod.oval:def:1501215 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.
oval:org.secpod.oval:def:1501938 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501940 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1505813 [4.14.35-2047.515.3.el7uek] - uek-rpm: Enable Pensando EMMC reset controller [Orabug: 34325721] - mfd: pensando_elbasr: Add Pensando Elba System Resource Chip [Orabug: 34325721] - dsc-drivers: update drivers for 1.15.9-C-65 [Orabug: 34325721] [4.14.35-2047.515.2.el7uek] - net/rds: Delayed DR_SOCK ...
oval:org.secpod.oval:def:1502102 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502103 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502063 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1502059 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1501301 It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
oval:org.secpod.oval:def:1501303 The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
oval:org.secpod.oval:def:1501307 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
oval:org.secpod.oval:def:1501133 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501138 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501143 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501267 The KVM subsystem in the Linux kernel allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
oval:org.secpod.oval:def:1501150 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501272 The KVM subsystem in the Linux kernel allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
oval:org.secpod.oval:def:1501164 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ...
oval:org.secpod.oval:def:1501217 The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501219 The get_bitmap_file function in drivers/md/md.c in the Linux kernel before does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
oval:org.secpod.oval:def:1501120 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501128 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.
oval:org.secpod.oval:def:1501293 The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
oval:org.secpod.oval:def:1501294 It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
oval:org.secpod.oval:def:26787 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel's implementation of the Berkeley Packet Filter. A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ...
oval:org.secpod.oval:def:1501298 Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.
oval:org.secpod.oval:def:1501937 The advisory is missing the security advisory description. For more information please visit the reference link.
oval:org.secpod.oval:def:1500939 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ...
oval:org.secpod.oval:def:1500941 The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ...
oval:org.secpod.oval:def:1500940 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1500943 The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.
oval:org.secpod.oval:def:1500942 The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.
oval:org.secpod.oval:def:1501010 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...
oval:org.secpod.oval:def:1501013 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...
oval:org.secpod.oval:def:1501017 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...
oval:org.secpod.oval:def:1501026 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501027 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501029 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501030 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501033 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501034 The kernel package contains the Linux kernel, the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
oval:org.secpod.oval:def:1501102 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501108 Moderate: Oracle Linux 5 Unbreakable Enterprise kernel security update.
oval:org.secpod.oval:def:1501111 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update.
oval:org.secpod.oval:def:1501115 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update.
oval:org.secpod.oval:def:1501116 Moderate: Oracle Linux 5 Unbreakable Enterprise kernel security update.
oval:org.secpod.oval:def:1501006 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...
oval:org.secpod.oval:def:1501096 linux: Linux kernel Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:1501063 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1501065 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1501073 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1501071 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1501072 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1501075 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could ...
oval:org.secpod.oval:def:1500966 Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper h ...
oval:org.secpod.oval:def:1500849 It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...
oval:org.secpod.oval:def:1500970 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1500972 The InfiniBand (IB) implementation in the Linux kernel package does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by lev ...
oval:org.secpod.oval:def:1500971 Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper h ...
oval:org.secpod.oval:def:1500974 The InfiniBand (IB) implementation in the Linux kernel package does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by lev ...
oval:org.secpod.oval:def:1500855 It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...
oval:org.secpod.oval:def:1500864 It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...
oval:org.secpod.oval:def:1500802 It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system.
oval:org.secpod.oval:def:1500806 It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system.
oval:org.secpod.oval:def:1500821 It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...
oval:org.secpod.oval:def:1503708 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1500203 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1500208 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500212 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1503815 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1500161 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. The kernel-uek is the main component of an operating system. This security update re-a ...
oval:org.secpod.oval:def:1500165 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. The kernel-uek is the main component of an operating system. This security update re-a ...
oval:org.secpod.oval:def:1503793 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1500192 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1500193 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1500196 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500195 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500240 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ...
oval:org.secpod.oval:def:1500022 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500143 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500144 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500156 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500157 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500093 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...
oval:org.secpod.oval:def:1500177 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500179 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500994 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...
oval:org.secpod.oval:def:1500998 The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...
oval:org.secpod.oval:def:1504803 [4.14.35-2047.500.9.3.el7uek] - net/rds: Reject error code change [Orabug: 32577425] - PCI: hotplug: Add module parameter to allow user control of LEDs [Orabug: 32577399] - net/rds: increase 1MB MR pool size for RDS [Orabug: 32577394] [4.14.35-2047.500.9.2.el7uek] - Fix double free KASAN warnings ...
oval:org.secpod.oval:def:1504766 [4.14.35-2047.500.9.1] - xen-blkback: fix error handling in xen_blkbk_map [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: dont "handle" error by BUG [Orabug: 32492102] {CVE-2021-26931} - xen-netback: dont "handle" error by BUG [Orabug: 32492102] {CVE-2021-26931} - xen-blkback: dont "handle" e ...
oval:org.secpod.oval:def:1504643 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504727 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504635 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504636 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1501775 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...
oval:org.secpod.oval:def:1501779 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...
oval:org.secpod.oval:def:1501777 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...
oval:org.secpod.oval:def:1501783 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...
oval:org.secpod.oval:def:1505736 [4.1.12-124.62.3.1] - debug: Lock down kgdb [Orabug: 34152701] {CVE-2022-21499}
oval:org.secpod.oval:def:1505948 [5.15.0-1.43.4.2.el9uek] - rds: copy_from_user only once per rds_sendmsg system call [Orabug: 33981854] {CVE-2022-21385}
oval:org.secpod.oval:def:1507422 [4.1.12-124.78.4.1] - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35741584] {CVE-2023-22024}
oval:org.secpod.oval:def:1507004 [5.15.0-105.125.6.2.1.el9uek] - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35713695] {CVE-2023-22024}
oval:org.secpod.oval:def:1507005 [4.1.12-124.78.4.1.el7uek] - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35741584] {CVE-2023-22024}
oval:org.secpod.oval:def:1507010 [5.15.0-105.125.6.2.1.el8uek] - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35713695] {CVE-2023-22024}
oval:org.secpod.oval:def:1507011 [4.14.35-2047.529.3.1.el7uek] - rds: Fix lack of reentrancy for connection reset with dst addr zero [Orabug: 35708852] {CVE-2023-22024}
oval:org.secpod.oval:def:1506009 [4.14.35-2047.517.3.el7uek] - KVM: x86: use raw clock values consistently [Orabug: 34575637] - KVM: x86: reorganize pvclock_gtod_data members [Orabug: 34575637] - KVM: x86: switch KVMCLOCK base to monotonic raw clock [Orabug: 34575637] [4.14.35-2047.517.2.el7uek] - kernfs: Replace global kernfs_o ...
oval:org.secpod.oval:def:1506138 [4.14.35-2047.519.2.1.el7uek] - xfs: trim IO to found COW extent limit [Orabug: 34765284] - xfs: don't use delalloc extents for COW on files with extsize hints
oval:org.secpod.oval:def:1505853 [5.15.0-0.30.20.1.el9uek] - lockdown: Fix kexec lockdown bypass with ima policy [Orabug: 34386636] {CVE-2022-21505}
oval:org.secpod.oval:def:1505855 [5.15.0-0.30.20.el9uek] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CV ...
oval:org.secpod.oval:def:1505639 [4.14.35-2047.513.2.1.el7uek] - perf: Fix sys_perf_event_open race against self [Orabug: 34175592] {CVE-2022-1729}
oval:org.secpod.oval:def:1505824 [5.15.0-0.30.20.1] - lockdown: Fix kexec lockdown bypass with ima policy [Orabug: 34386636] {CVE-2022-21505}
oval:org.secpod.oval:def:1505837 [5.15.0-0.30.20] - floppy: use a statically allocated error counter [Orabug: 34218638] {CVE-2022-1652} - x86: Disable RET on kexec [Orabug: 34335631] {CVE-2022-29901} {CVE-2022-23816} - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported [Orabug: 34335631] {CVE-2022-29901} {CVE-2022- ...
oval:org.secpod.oval:def:1505847 [5.15.0-0.30.20.1.el8uek] - lockdown: Fix kexec lockdown bypass with ima policy [Orabug: 34386636] {CVE-2022-21505}
oval:org.secpod.oval:def:1506308 [4.14.35-2047.520.3.1.el7uek] - proc: proc_skip_spaces shouldn't think it is working on C strings [Orabug: 34883027] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long [Orabug: 34883027] {CVE-2022-4378} - hugetlbfs: don't delete error page from pagecache [Orabug: 34883072] - mm ...
oval:org.secpod.oval:def:1506311 [4.1.12-124.69.5.1.el7uek] - proc: proc_skip_spaces shouldn't think it is working on C strings
oval:org.secpod.oval:def:1506324 [4.1.12-124.69.5.1] - proc: proc_skip_spaces shouldn't think it is working on C strings [Orabug: 34883048] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long [Orabug: 34883048] {CVE-2022-4378}
oval:org.secpod.oval:def:1506226 [5.15.0-4.70.5.2] - Revert "sched: Remove the limitation of WF_ON_CPU on wakelist if wakee cpu is idle" [Orabug: 34783367] [5.15.0-4.70.5.1] - NFSv4: Fixes for nfs4_inode_return_delegation [Orabug: 34751176] [5.15.0-4.70.5] - uek: kabi: update kABI files for new symbols [Orabug: 34595591] - Rever ...
oval:org.secpod.oval:def:1505580 [4.14.35-2047.512.6.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] [4.14.35-2047.512.5.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34012925] {CVE-2022-1016} - r ...
oval:org.secpod.oval:def:1505582 [4.1.12-124.61.2] - exec, elf: ignore invalid note data [Orabug: 34023956] [4.1.12-124.61.1] - drm/i915: Flush TLBs before releasing backing store [Orabug: 33835812] {CVE-2022-0330} - drm/i915: Reduce locking in execlist command submission [Orabug: 33835812] {CVE-2022-0330} - ipv4: make exception ...
oval:org.secpod.oval:def:1505423 [4.1.12-124.59.1.2] - fix regression in "epoll: Keep a reference on files added to the check list" [Orabug: 33679854] {CVE-2021-1048} - fget: check that the fd still exists after getting a ref to it [Orabug: 33679806] {CVE-2021-0920} - fs: add fget_many and fput_many [Orabug: 33679806] - af_unix: ...
oval:org.secpod.oval:def:1505555 [4.1.12-124.61.2.el7uek] - exec, elf: ignore invalid note data [Orabug: 34023956] [4.1.12-124.61.1.el7uek] - drm/i915: Flush TLBs before releasing backing store [Orabug: 33835812] {CVE-2022-0330} - drm/i915: Reduce locking in execlist command submission [Orabug: 33835812] {CVE-2022-0330} - ipv4: ...
oval:org.secpod.oval:def:1505560 [4.14.35-2047.511.5.8.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34048826] {CVE-2022-1016}
oval:org.secpod.oval:def:1500899 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1500898 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1505343 [4.1.12-124.58.2.el7uek] - ovl: prevent private clone if bind mount is not allowed [Orabug: 33560431] {CVE-2021-3732} [4.1.12-124.58.1.el7uek] - sunrpc: move NO_CRKEY_TIMEOUT to the auth->au_flags [Orabug: 33443537] - xen/netfront: stop tx queues during live migration [Orabug: 33536410]
oval:org.secpod.oval:def:1505596 [4.1.12-124.54.6] - xen-netback: do not kfree_skb when irq is disabled [Orabug: 33282046] [4.1.12-124.54.5] - l2tp: fix race between l2tp_session_delete and l2tp_tunnel_closeall [Orabug: 33113975] {CVE-2020-0429} - l2tp: ensure sessions are freed after their PPPOL2TP socket [Orabug: 33113975] {CV ...
oval:org.secpod.oval:def:1500903 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1500902 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1500905 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1500904 The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
oval:org.secpod.oval:def:1505438 [4.1.12-124.60.1] - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate [Orabug: 33699627] [Orabug: 33762471] {CVE-2021-4155} - fix regression in "epoll: Keep a reference on files added to the check list" [Orabug: 33679854] [Orabug: 33762505] {CVE-2021-1048} {CVE-2021-1048} - B ...
oval:org.secpod.oval:def:1505683 [4.1.12-124.62.3] - fget: check that the fd still exists after getting a ref to it [Orabug: 33679806] {CVE-2021-0920} - fs: add fget_many and fput_many [Orabug: 33679806] - af_unix: fix garbage collect vs MSG_PEEK [Orabug: 33679806] {CVE-2021-0920} - net: split out functions related to registerin ...
oval:org.secpod.oval:def:1505448 [4.1.12-124.58.2] - ovl: prevent private clone if bind mount is not allowed [Orabug: 33560431] {CVE-2021-3732} [4.1.12-124.58.1] - sunrpc: move NO_CRKEY_TIMEOUT to the auth-
oval:org.secpod.oval:def:1505051 [4.14.35-2047.506.8.el7uek] - A/A Bonding: dev_hold/put the delayed GARP work handler's netdev in rdmaip [Orabug: 33187189] - rds/ib: quarantine STALE mr before dereg [Orabug: 33187192] - rds/ib: avoid dereg of mr in frwr_clean [Orabug: 33187195] - rds/ib: update mr incarnation after forming inv ...
oval:org.secpod.oval:def:1505297 [5.4.17-2136.301.1.2] - Revert "net/rds: Allocate pages on HCA NUMA nodeid" [Orabug: 33561324] - Revert "net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid" [Orabug: 33561324] - Revert "net/rds: Use the same vector for send & receive" [Orabug: 33561324] - Revert "net/rds: Get rid of ...
oval:org.secpod.oval:def:1505069 [4.14.35-2047.506.10.el7uek] - Revert rds/ib: reap tx completions during connection shutdown [Orabug: 33220435] - Revert rds/ib: handle posted ACK during connection shutdown [Orabug: 33220435] - Revert rds/ib: recover rds connection from interrupt loss scenario [Orabug: 33220435] - Revert rds/ib: ...
oval:org.secpod.oval:def:1504712 [4.14.35-2047.501.0.el7uek] - block/diskstats: accumulate all per-cpu counters in one pass [Orabug: 32531559] - uek-rpm: config-aarch-embedded2 update for Jan 2021 Elba patches [Orabug: 32532588] - dts/pensando: Fix compatile - compatible typeo. [Orabug: 32532588] - Interrupt domain controllers f ...
oval:org.secpod.oval:def:1504613 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504623 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504630 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504589 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504592 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504591 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502240 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502241 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502247 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504618 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504621 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503038 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503066 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503014 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502478 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502479 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502487 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1505455 [4.1.12-124.57.1] - target; fix print statement warning [Orabug: 33495661] - enic;: fix warning on module_param disable_vlan0, [Orabug: 33495661] - bnx2fc: correct BNX2FC_TM_TIMEOUT to be 60 sec [Orabug: 33495661] - target: Fix linux-4.1.y specific compile warning [Orabug: 33495661] - net/mlx4: ...
oval:org.secpod.oval:def:1504550 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1504551 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502676 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502677 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502674 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1505595 [4.1.12-124.56.1] - ocfs2: subsystem.su_mutex is required while accessing the item-
oval:org.secpod.oval:def:1503051 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503052 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503017 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503024 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503025 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503076 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1503081 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502752 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502533 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502532 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502540 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502541 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502544 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502505 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502509 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502506 The advisory is missing the security advisory description. For more information please visit the reference link
oval:org.secpod.oval:def:1502512 The advisory is missing the security advisory description.
For more information please visit the reference link oval:org.secpod.oval:def:1502515 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502516 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502519 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502518 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502521 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502528 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502529 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502536 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502104 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502588 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502105 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502589 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502591 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1502590 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501044 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501045 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501048 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501049 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1504745 [4.14.35-1902.3.2] - x86/speculation: Exclude ATOMs from speculation through SWAPGS [Orabug: 29967570] {CVE-2019-1125} - x86/speculation: Enable Spectre v1 swapgs mitigations [Orabug: 29967570] {CVE-2019-1125} - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations [Orabug: 299675 ... oval:org.secpod.oval:def:1502443 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1501052 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1501050 arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ... oval:org.secpod.oval:def:1502340 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502220 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502233 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502231 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502249 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502250 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502492 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502494 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502310 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1502311 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502217 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502189 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502190 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502394 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502395 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502288 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502289 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502290 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502177 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502178 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502482 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502136 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1502320 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502321 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502082 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502083 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502084 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502092 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502090 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502163 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502164 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502053 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501923 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501818 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501821 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1501914 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501915 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501920 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502348 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502349 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502244 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502000 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502245 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502007 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502008 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502017 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502304 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502305 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1502203 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502201 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502205 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502214 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502219 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502049 Several security issues were fixed in Linux Kernel. oval:org.secpod.oval:def:1502047 Several security issues were fixed in Linux Kernel. oval:org.secpod.oval:def:1502295 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502050 Several security issues were fixed in Linux Kernel. oval:org.secpod.oval:def:1502057 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502296 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502055 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501947 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501957 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501966 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1501311 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501316 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501558 Security vulnerabilities are present in kernel-uek and dtrace-modules oval:org.secpod.oval:def:1501314 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501319 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. oval:org.secpod.oval:def:1501562 Security vulnerabilities are present in kernel-uek and dtrace-modules oval:org.secpod.oval:def:1501731 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501735 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501863 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1501860 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501861 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501864 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501763 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501764 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501765 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501766 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501451 net/sctp/sm_sideeffect.c in the Linux kernel before does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. oval:org.secpod.oval:def:1501452 net/sctp/sm_sideeffect.c in the Linux kernel before does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. oval:org.secpod.oval:def:1501469 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ...
oval:org.secpod.oval:def:1501472 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ... oval:org.secpod.oval:def:1501476 Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501480 Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501481 Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501482 Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:1501819 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501817 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501822 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501820 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501827 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501824 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501707 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...
oval:org.secpod.oval:def:1501716 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:1501714 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:1501715 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ... oval:org.secpod.oval:def:1500318 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500680 The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. oval:org.secpod.oval:def:1500682 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
oval:org.secpod.oval:def:1500563 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500202 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ... oval:org.secpod.oval:def:1500325 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500687 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. oval:org.secpod.oval:def:1500569 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500570 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...
oval:org.secpod.oval:def:1500572 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500211 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500574 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500210 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500577 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500579 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. 
The kernel-uek is main com ... oval:org.secpod.oval:def:1500583 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500585 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500342 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500345 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500588 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500350 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. 
A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500352 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500230 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main comp ... oval:org.secpod.oval:def:1500353 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500764 sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acces ... oval:org.secpod.oval:def:1500770 include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.
oval:org.secpod.oval:def:1500772 A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. oval:org.secpod.oval:def:1500773 A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. oval:org.secpod.oval:def:1500412 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500657 The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length before testing the supplied offset to be within the bounds of the message. This allows the subtraction of the nla header to underflow and therefore -- as the data type is unsigned -- allowing far to ... oval:org.secpod.oval:def:1500417 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500659 The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer und ... oval:org.secpod.oval:def:1500416 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. 
A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500658 The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer und ... oval:org.secpod.oval:def:1500418 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500660 Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. oval:org.secpod.oval:def:1500661 Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. oval:org.secpod.oval:def:1500785 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... oval:org.secpod.oval:def:1500421 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. 
A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500663 The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length before testing the supplied offset to be within the bounds of the message. This allows the subtraction of the nla header to underflow and therefore -- as the data type is unsigned -- allowing far to ... oval:org.secpod.oval:def:1500786 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... oval:org.secpod.oval:def:1500788 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... oval:org.secpod.oval:def:1500309 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500790 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... 
oval:org.secpod.oval:def:1500672 The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. oval:org.secpod.oval:def:1500312 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500675 For a TCP-style socket, while processing the COOKIE_ECHO chunk in sctp_sf_do_5_1D_ce(), after it has passed a series of sanity check, a new association would be created in sctp_unpack_cookie(), but afterwards, some processing maybe failed, and sctp_association_free() will be called to free the previ ... oval:org.secpod.oval:def:1500796 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... oval:org.secpod.oval:def:1500674 The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. oval:org.secpod.oval:def:1500795 Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ... 
oval:org.secpod.oval:def:1500314 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500556 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500677 For a TCP-style socket, while processing the COOKIE_ECHO chunk in sctp_sf_do_5_1D_ce(), after it has passed a series of sanity check, a new association would be created in sctp_unpack_cookie(), but afterwards, some processing maybe failed, and sctp_association_free() will be called to free the previ ... oval:org.secpod.oval:def:1500555 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500679 Linux kernel built with the support for Stream Control Transmission Protocol is vulnerable to a NULL pointer dereference flaw. It could occur when simultaneous new connections are initiated between the same pair of hosts. A remote user/program could use this flaw to crash the system kernel resulting ... oval:org.secpod.oval:def:1500370 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. 
The kernel-uek is main com ... oval:org.secpod.oval:def:1500251 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500372 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500374 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500376 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500258 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500379 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. 
A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500384 An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ... oval:org.secpod.oval:def:1500714 Linux kernel built with the system-call auditing support(CONFIG_AUDITSYSCALL) is vulnerable to a kernel crash or information disclosure flaw caused by out of bounds memory access. It could occur when system call audit rules are configured on a system. Administrative privileges are required to add su ... oval:org.secpod.oval:def:1500834 An integer overflow flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. oval:org.secpod.oval:def:1500716 Linux kernel built with the system-call auditing support(CONFIG_AUDITSYSCALL) is vulnerable to a kernel crash or information disclosure flaw caused by out of bounds memory access. It could occur when system call audit rules are configured on a system. Administrative privileges are required to add su ... oval:org.secpod.oval:def:1500715 kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. oval:org.secpod.oval:def:1500838 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). 
A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500602 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. oval:org.secpod.oval:def:1500844 Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid repo ... oval:org.secpod.oval:def:1500843 Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid repo ... oval:org.secpod.oval:def:1500846 An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space. oval:org.secpod.oval:def:1500848 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500611 The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fa ... 
oval:org.secpod.oval:def:1500853 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500613 The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation. oval:org.secpod.oval:def:1500612 A flaw was found in the way pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled non-SOL_PPPOL2TP level. oval:org.secpod.oval:def:1500854 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled malformed Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500615 The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. oval:org.secpod.oval:def:1500617 The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. oval:org.secpod.oval:def:1500622 The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation. oval:org.secpod.oval:def:1500870 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). 
A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500752 sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acces ... oval:org.secpod.oval:def:1500753 include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface. oval:org.secpod.oval:def:1500804 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500808 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500815 A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. oval:org.secpod.oval:def:1500817 An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space. oval:org.secpod.oval:def:1500705 Linux kernel built with the support for Stream Control Transmission Protocol is vulnerable to a NULL pointer dereference flaw. 
It could occur when simultaneous new connections are initiated between the same pair of hosts. A remote user/program could use this flaw to crash the system kernel resulting ... oval:org.secpod.oval:def:1500704 kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. oval:org.secpod.oval:def:1500825 An out-of-bounds write flaw was found in the way the Apple Magic Mouse/Trackpad multi-touch driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on t ... oval:org.secpod.oval:def:1500949 Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. oval:org.secpod.oval:def:1500950 Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. oval:org.secpod.oval:def:1500711 Linux kernel built with the support for Stream Control Transmission Protocol is vulnerable to a NULL pointer dereference flaw. It could occur when simultaneous new connections are initiated between the same pair of hosts. A remote user/program could use this flaw to crash the system kernel resulting ... 
oval:org.secpod.oval:def:1507426 [4.1.12-124.82.2] - Bluetooth: Reject connection with the device which has same BD_ADDR [Orabug: 35959598] {CVE-2020-26555} - sched/rt: pick_next_rt_entity: check list_entry [Orabug: 35181560] {CVE-2023-1077} - sched/debug: Fix SCHED_WARN_ON to return a value on !CONFIG_SCHED_DEBUG as well [Orabu ... oval:org.secpod.oval:def:1506633 [5.15.0-102.110.5] - RISC-V: Fix up a cherry-pick warning in setup_vm_final - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" - riscv: mm: remove redundant parameter of create_fdt_early_page_table - kernfs: change kernfs_rename_lock into a read-write loc ... oval:org.secpod.oval:def:1506975 [4.1.12-124.78.2.el7uek] - xfrm: fix crash in XFRM_MSG_GETSA netlink handler [Orabug: 35598955] {CVE-2023-3106} - netfilter: nf_tables: validate registers coming from userspace [Orabug: 34012909] {CVE-2022-1015} [4.1.12-124.78.1.el7uek] - vc_screen: move load of struct vc_data pointer in vcs_read ... oval:org.secpod.oval:def:1507419 [4.1.12-124.78.2] - xfrm: fix crash in XFRM_MSG_GETSA netlink handler [Orabug: 35598955] {CVE-2023-3106} - netfilter: nf_tables: validate registers coming from userspace [Orabug: 34012909] {CVE-2022-1015} [4.1.12-124.78.1] - vc_screen: move load of struct vc_data pointer in vcs_read to avoid UAF ... oval:org.secpod.oval:def:1507183 [4.1.12-124.81.2.el7uek] - rebuild bumping release [4.1.12-124.81.1.el7uek] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space ... 
oval:org.secpod.oval:def:1506712 [4.1.12-124.76.2] - firewire: fix potential uaf in outbound_phy_packet_callback [Orabug: 35493606] {CVE-2023-3159} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb [Orabug: 35448003] {CVE-2022-1679} - dm ioctl: fix nested locking in table_clear to remove deadlock concern [Orabug: 35354880] {CVE ... oval:org.secpod.oval:def:1506714 [4.1.12-124.75.3] - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg [Orabug: 35354791] {CVE-2023-2248} [4.1.12-124.75.2] - prlimit: do_prlimit needs to have a speculation check [Orabug: 35354303] {CVE-2023-0458} - kernel/sys.c: fix potential Spectre v1 issue [Orabug: 35354303] ... oval:org.secpod.oval:def:1506964 [4.1.12-124.76.2.el7uek] - firewire: fix potential uaf in outbound_phy_packet_callback [Orabug: 35493606] {CVE-2023-3159} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb [Orabug: 35448003] {CVE-2022-1679} - dm ioctl: fix nested locking in table_clear to remove deadlock concern [Orabug: 3535488 ... oval:org.secpod.oval:def:1506965 [4.1.12-124.77.2.el7uek] - media: dm1105: Fix use after free bug in dm1105_remove due to race condition [Orabug: 35514108] {CVE-2023-35824} - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event* [Orabug: 35477742] {CVE-2023-31084} - media: dvb_frontend: fix locking issues at d ... oval:org.secpod.oval:def:1505811 [4.1.12-124.64.1.el7uek] - iscsi-target: Fix the issue with shutdown_session removal [Orabug: 29661566] - scsi: target: fix hang when multiple threads try to destroy the same iscsi session [Orabug: 29661566] - scsi: target: remove boilerplate code [Orabug: 29661566] - iscsi-target: remove usage o ... 
oval:org.secpod.oval:def:1505836 [4.1.12-124.64.1] - iscsi-target: Fix the issue with shutdown_session removal [Orabug: 29661566] - scsi: target: fix hang when multiple threads try to destroy the same iscsi session [Orabug: 29661566] - scsi: target: remove boilerplate code [Orabug: 29661566] - iscsi-target: remove usage of - oval:org.secpod.oval:def:1506425 [5.15.0-7.86.6.1.el8uek] - net/rds: Delegate fan-out to a background worker [Orabug: 35051226] [5.15.0-7.86.6.el8uek] - runtime revert of virtio_net: Stripe queue affinities across cores. [Orabug: 35001044] - rds: ib: Make sure messages that errors out also get unmapped [Orabug: 35015598] - Ignor ... oval:org.secpod.oval:def:1506426 [4.14.35-2047.522.3.el7uek] - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC [Orabug: 34653896] {CVE-2022-3303} - net/rds: Fill in rds_exthdr_size gaps [Orabug: 34979172] - net/rds: Trigger rds_send_hs_ping more than once. oval:org.secpod.oval:def:1506427 [5.15.0-7.86.6.1.el8uek] - net/rds: Delegate fan-out to a background worker [Orabug: 35051226] [5.15.0-7.86.6.el8uek] - runtime revert of virtio_net: Stripe queue affinities across cores. [Orabug: 35001044] - rds: ib: Make sure messages that errors out also get unmapped [Orabug: 35015598] - Ignor ... oval:org.secpod.oval:def:1507425 [4.1.12-124.81.2] - rebuild bumping release [4.1.12-124.81.1] - netfilter: xt_sctp: validate the flag_info count [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space input [Orabu ... 
oval:org.secpod.oval:def:1507421 [4.1.12-124.80.1] - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb [Orabug: 35814478] {CVE-2023-40283} - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free [Orabug: 35814297] {CVE-2023-4208} - RDMA/core: net: fix kernel NULL error [Orabug: 35723252] oval:org.secpod.oval:def:1506458 [4.1.12-124.71.3] - USB: core: Prevent nested device-reset calls [Orabug: 34951641] {CVE-2022-4662} - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM [Orabug: 34833307] {CVE-2022-42896} {CVE-2022-42896} - Bluetooth: L2CAP: Introduce proper defines for PSM ranges [Orabug: 34833 ... oval:org.secpod.oval:def:1506459 [5.15.0-7.86.6.1] - net/rds: Delegate fan-out to a background worker [Orabug: 35051226] [5.15.0-7.86.6] - runtime revert of virtio_net: Stripe queue affinities across cores. [Orabug: 35001044] - rds: ib: Make sure messages that errors out also get unmapped [Orabug: 35015598] - Ignore hot plug eve ... oval:org.secpod.oval:def:1506637 [5.15.0-101.103.2.1] - Revert "attr: use consistent sgid stripping checks" [Orabug: 35346968] - Revert "iommu: Force iommu shutdown on panic" [Orabug: 35346963] [5.15.0-101.103.2] - uek-rpm: mod-extra: Remove mt7921e.ko from extras list [Orabug: 34999685] - crypto: allow ECDH and ECDSA algorithms ... oval:org.secpod.oval:def:1506405 [4.1.12-124.70.2] - proc: proc_skip_spaces shouldn't think it is working on C strings [Orabug: 34882781] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long [Orabug: 34882781] {CVE-2022-4378} - netfilter: nf_conntrack_irc: Fix forged IP logic [Orabug: 34872056] {CVE-2022-2663} - ... oval:org.secpod.oval:def:1507128 [4.1.12-124.80.1.el7uek] - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb [Orabug: 35814478] {CVE-2023-40283} - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free [Orabug: 35814297] {CVE-2023-4208} - RDMA/core: net: fix kernel NULL error [Orabug: 35723252 ...
oval:org.secpod.oval:def:1506344 [5.15.0-6.80.3.1.el9uek] - Revert rds: ib: Enable FC by default oval:org.secpod.oval:def:1506340 [5.15.0-6.80.3.1.el8uek] - Revert rds: ib: Enable FC by default oval:org.secpod.oval:def:1507424 [4.1.12-124.83.2] - Input: add bounds checking to input_set_capability [Orabug: 36192120] {CVE-2022-48619} - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack [Orabug: 36155598] {CVE-2023-7192} [4.1.12-124.83.1] - ext4: improve error recovery code paths in __ext4_remou ... oval:org.secpod.oval:def:1507367 [4.1.12-124.83.2.el7uek] - Input: add bounds checking to input_set_capability [Orabug: 36192120] {CVE-2022-48619} - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack [Orabug: 36155598] {CVE-2023-7192} [4.1.12-124.83.1.el7uek] - ext4: improve error recovery code paths i ... oval:org.secpod.oval:def:1507384 [5.15.0-204.147.6.2.el8uek] - smb3: Replace smb2pdu 1-element arrays with flex-arrays [Orabug: 36353543] - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed [Orabug: 36358874] - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove - hv_netvsc: Calculate correct ... oval:org.secpod.oval:def:1507385 [5.15.0-204.147.6.2.el9uek] - smb3: Replace smb2pdu 1-element arrays with flex-arrays [Orabug: 36353543] - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed [Orabug: 36358874] - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove - hv_netvsc: Calculate correct ... oval:org.secpod.oval:def:1507042 [4.1.12-124.79.2] - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free [Orabug: 35814273] {CVE-2023-4206} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue [Orabug: 35636291] {CVE-2023-3611} - rds: Fix lack of reentrancy for connection reset with dst add ... 
oval:org.secpod.oval:def:1507420 [4.1.12-124.79.2] - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free [Orabug: 35814273] {CVE-2023-4206} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue [Orabug: 35636291] {CVE-2023-3611} - rds: Fix lack of reentrancy for connection reset with dst add ... oval:org.secpod.oval:def:1500591 The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call. oval:org.secpod.oval:def:1500593 The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call. oval:org.secpod.oval:def:1500596 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. oval:org.secpod.oval:def:1503041 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505597 [4.1.12-124.54.6.1] - fs/namespace.c: fix mountpoint reference counter race [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid copying ... oval:org.secpod.oval:def:1502269 The advisory is missing the security advisory description. 
For more information please visit the reference link oval:org.secpod.oval:def:1502267 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1500600 The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. oval:org.secpod.oval:def:1506045 [4.1.12-124.67.3] - media: imon: Fix null-ptr-deref in imon_probe [Orabug: 31225377] {CVE-2017-16537} - fbcon: remove soft scrollback code [Orabug: 31914703] {CVE-2020-14390} - inet: use bigger hash table for IP ID generation [Orabug: 33778986] {CVE-2021-45486} - ipv4: speedup ip_idents_reserve ... |