Download
| Alert*
oval:org.secpod.oval:def:89051383
This update for suse-module-tools fixes the following issues: Updated to version 15.2.19: * Added a symlink for /boot/.vmlinuz.hmac . Updated to version 15.2.18: * CVE-2023-23559: Blacklisted RNDIS modules . * CVE-2023-1829: Blacklisted the cls_tcindex module . oval:org.secpod.oval:def:89050996 This update for suse-module-tools fixes the following issues: * Updated to version 12.13: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . * Disabled the isst_if_mbox_msr driver . oval:org.secpod.oval:def:89050998 This update for suse-module-tools fixes the following issues: * Updated to version 15.3.17: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . * Updated to version 15.3.16: * Fixed a build issue for s390x . oval:org.secpod.oval:def:89050997 This update for suse-module-tools fixes the following issues: * Updated to version 15.1.25: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . oval:org.secpod.oval:def:89050981 This update for suse-module-tools fixes the following issues: * Update to version 15.5.3: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . oval:org.secpod.oval:def:89050982 This update for suse-module-tools fixes the following issues: * Updated to version 15.4.18: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . oval:org.secpod.oval:def:708124 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96324 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96323 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:91473 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:91475 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:96328 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96325 linux-ibm-5.4: Linux kernel for IBM cloud systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96331 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems - linux-raspi2: Linux kernel for Raspberry Pi systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:708117 linux-ibm-5.4: Linux kernel for IBM cloud systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors The system could be made to run programs as an administrator. oval:org.secpod.oval:def:708116 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708112 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:96332 linux-raspi: Linux kernel for Raspberry Pi systems - linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708105 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:708107 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - ... oval:org.secpod.oval:def:708135 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems - linux-raspi2: Linux kernel for Raspberry Pi systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:708137 linux-raspi: Linux kernel for Raspberry Pi systems - linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89050974 This update for suse-module-tools fixes the following issues: * Updated to version 15.2.18: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * Blacklisted the Linux kernel RNDIS modules . * Fixed a build issue for s390x. oval:org.secpod.oval:def:89049332 The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter . * CVE-2023-3389: Fixed a use-after-free vulnerability in the io_uring subsystem . ... oval:org.secpod.oval:def:708139 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94934 linux-oem-6.0: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:3301909 Security update for the Linux Kernel oval:org.secpod.oval:def:1601656 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device oval:org.secpod.oval:def:1701231 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device oval:org.secpod.oval:def:708205 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708325 linux-iot: Linux kernel for IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94988 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708167 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94981 linux-bluefield: Linux kernel for NVIDIA BlueField platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94982 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94940 linux-intel-iotg: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708209 linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:94993 linux-iot: Linux kernel for IoT platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:708294 linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:507904 This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in t ... oval:org.secpod.oval:def:507907 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:1506883 [4.18.0-477.21.1.el8_8.OL8] - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - net/sched: tcindex: update imperfect hash filters respecting rcu {CVE-2023-1281} - net/sched: tcindex: search key must be 16 bits {CVE-2023-1281} - net/sched: Retire tcindex classi ... oval:org.secpod.oval:def:2501160 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. oval:org.secpod.oval:def:94933 linux-oem-5.17: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:4501493 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escal ... oval:org.secpod.oval:def:708136 linux-oem-5.17: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:4501495 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerabili ... oval:org.secpod.oval:def:2501159 The kernel packages contain the Linux kernel, the core of any Linux operating system. oval:org.secpod.oval:def:708092 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701220 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:19500196 kernel: Type confusion in pick_next_rt_entity, which can result in memory corruption. A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate ... oval:org.secpod.oval:def:94928 linux-oem-6.1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1701228 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:1701238 A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM advertising eIBRS support to L1. An attacker at L2 with code execution ... oval:org.secpod.oval:def:89049344 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver . * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query . * CVE-2 ... oval:org.secpod.oval:def:3302303 Security update for the Linux Kernel |