Download
| Alert*
oval:org.secpod.oval:def:94905
linux-oem-5.17: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506141 [5.4.17-2136.313.6.el8uek] - Uninitialized variable image_ext in fixup_vdso_exception of extable.c [Orabug: 33000550] - NFSD: fix use-after-free on source server when doing inter-server copy [Orabug: 34475857] oval:org.secpod.oval:def:1506142 [5.4.17-2136.313.6.el7] - Uninitialized variable image_ext in fixup_vdso_exception of extable.c [Orabug: 33000550] - NFSD: fix use-after-free on source server when doing inter-server copy [Orabug: 34475857] - EDAC/mce_amd: Do not load edac_mce_amd module on guests oval:org.secpod.oval:def:707810 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:124151 The kernel meta package oval:org.secpod.oval:def:124150 The kernel meta package oval:org.secpod.oval:def:707774 linux-oem-5.17: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707850 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707813 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88634 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707812 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1506097 [5.15.0-3.60.5.1.el9uek] - fs: remove no_llseek [Orabug: 34721465] - vfio: do not set FMODE_LSEEK flag [Orabug: 34721465] - dma-buf: remove useless FMODE_LSEEK flag [Orabug: 34721465] oval:org.secpod.oval:def:1506091 [5.15.0-3.60.5.1.el8uek] - fs: remove no_llseek [Orabug: 34721465] - vfio: do not set FMODE_LSEEK flag [Orabug: 34721465] - dma-buf: remove useless FMODE_LSEEK flag [Orabug: 34721465] oval:org.secpod.oval:def:1506093 [5.15.0-3.60.5.1.el8] - fs: remove no_llseek [Orabug: 34721465] - vfio: do not set FMODE_LSEEK flag [Orabug: 34721465] - dma-buf: remove useless FMODE_LSEEK flag [Orabug: 34721465] oval:org.secpod.oval:def:1506136 [5.4.17-2136.313.6.el8] - Uninitialized variable image_ext in fixup_vdso_exception of extable.c [Orabug: 33000550] - NFSD: fix use-after-free on source server when doing inter-server copy [Orabug: 34475857] - EDAC/mce_amd: Do not load edac_mce_amd module on guests [Orabug: 34484268] - uek: kabi: ... oval:org.secpod.oval:def:1506137 [5.4.17-2136.313.6.el7uek] - Uninitialized variable image_ext in fixup_vdso_exception of extable.c [Orabug: 33000550] - NFSD: fix use-after-free on source server when doing inter-server copy [Orabug: 34475857] oval:org.secpod.oval:def:86529 linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform systems - linux-gke-5.15: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86528 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:707806 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-s ... oval:org.secpod.oval:def:86524 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:86523 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-s ... oval:org.secpod.oval:def:3300768 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:3300927 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1506784 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1701026 A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. A use-after-free flaw ... oval:org.secpod.oval:def:89047049 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim"s TCP session . - CVE-2 ... oval:org.secpod.oval:def:89047047 The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice . - CVE-2022-3028: Fixed race condition tha ... oval:org.secpod.oval:def:89047004 The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries . - CVE-2022-2663: ... oval:org.secpod.oval:def:1701025 A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some o ... oval:org.secpod.oval:def:89047682 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain . - C ... oval:org.secpod.oval:def:1701023 A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. A flaw was found in t ... oval:org.secpod.oval:def:89047041 The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim"s TCP session . - CVE-2021- ... oval:org.secpod.oval:def:89047482 The SUSE Linux Enterprise 15 SP3 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain . - CVE- ... oval:org.secpod.oval:def:2600221 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:3301127 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1701015 An out-of-bounds write flaw was found in the Linux kernel and rsquo;s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A vulnerabilit ... oval:org.secpod.oval:def:1506672 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89047038 The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice . - CVE-2022-3028: Fixed race conditi ... oval:org.secpod.oval:def:707828 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89046982 The SUSE Linux Enterprise 12 SP2 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries . - CVE-2022-36879: Fixed ... oval:org.secpod.oval:def:2501099 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:3300902 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:2600199 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:89048277 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c . - CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl fun ... oval:org.secpod.oval:def:89047022 The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries . - CVE-2022-36879: Fix ... oval:org.secpod.oval:def:707815 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux ... oval:org.secpod.oval:def:1601589 An out-of-bounds write flaw was found in the Linux kernel and rsquo;s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. A vulnerabilit ... oval:org.secpod.oval:def:507697 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening ULP sockets * cpu: AMD CPUs may transiently execute beyond uncondition ... oval:org.secpod.oval:def:2501079 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:507734 The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel . Security Fix: * use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * net/ulp: use-after-free in listening U ... oval:org.secpod.oval:def:89047018 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed a denial of service inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c . - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in ... oval:org.secpod.oval:def:86525 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:86527 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:707807 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM c ... oval:org.secpod.oval:def:86526 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux ... oval:org.secpod.oval:def:3301154 SUSE Security Update: Security update for the Linux Kernel oval:org.secpod.oval:def:1506067 [4.14.35-2047.518.4.el7] - xfs: avoid race between writeback and data/cow fork changes oval:org.secpod.oval:def:1506073 [5.4.17-2136.312.3.4] - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" [Orabug: 34666845] [5.4.17-2136.312.3.3] cpus_read_lock deadlock [Orabug: 34607590] - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree [Orabug: 34607590] - cgroup: Optimiz ... oval:org.secpod.oval:def:1506074 [5.4.17-2136.312.3.4] - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" [Orabug: 34666845] [5.4.17-2136.312.3.3] cpus_read_lock deadlock [Orabug: 34607590] - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree [Orabug: 34607590] - cgroup: Optimiz ... oval:org.secpod.oval:def:1506056 [4.14.35-2047.518.4] - xfs: avoid race between writeback and data/cow fork changes [Orabug: 34508036] [4.14.35-2047.518.3] - KVM: SVM: Clear the CR4 register on reset [Orabug: 34617675] [4.14.35-2047.518.2] - af_key: Do not call xfrm_probe_algs in parallel [Orabug: 34566753] {CVE-2022-3028} - l2t ... oval:org.secpod.oval:def:19500119 2023-05-11: CVE-2023-2019 was added to this advisory.A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... oval:org.secpod.oval:def:1506045 [4.1.12-124.67.3] - media: imon: Fix null-ptr-deref in imon_probe [Orabug: 31225377] {CVE-2017-16537} - fbcon: remove soft scrollback code [Orabug: 31914703] {CVE-2020-14390} - inet: use bigger hash table for IP ID generation [Orabug: 33778986] {CVE-2021-45486} - ipv4: speedup ip_idents_reserve ... |