Lucene search
CloudLinuxCLSA-2023:1700591846HistoryNov 21, 2023 - 6:37 p.m.
kernel: Fix of 10 CVEs
2023-11-2118:37:30
repo.cloudlinux.com
15
kernel
fix
10 cves
openvswitch
xen/blkfront
bluetooth
btrfs
filldir[64]
ath9k
net
memstick
wifi
ext4
security
vulnerability
patch
information leak
buffer overflow
slab-out-of-bounds
uaf bug
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.014 Low
EPSS
Percentile
86.1%
- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639}
- xen/blkfront: fix leaking data in shared pages {CVE-2022-26365}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448}
- filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220}
- Make filldir64 verify the directory entry filename is valid {CVE-2019-10220}
- ath9k: release allocated buffer if timed out {CVE-2019-19074}
- net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436}
- memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559}
- ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Centos | 6 | noarch | kernel-abi-whitelists | <Â 2.6.32 | kernel-2.6.32-754.35.8.el6.tuxcare.els13.src.rpm |
| Centos | 6 | noarch | kernel-doc | <Â 2.6.32 | kernel-2.6.32-754.35.8.el6.tuxcare.els13.src.rpm |
| Centos | 6 | noarch | kernel-firmware | <Â 2.6.32 | kernel-2.6.32-754.35.8.el6.tuxcare.els13.src.rpm |
Related
cloudlinux
cloudlinux
kernel: Fix of 10 CVEs
2023-11-21 18:24:34
symantec
symantec
Linux kernel CVE-2019-19448 Use After Free Denial of Service Vulnerability
2019-11-30 00:00:00
Linux Kernel CVE-2019-10220 Directory Traversal Vulnerability
2019-11-27 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-10-14 01:07:16
Denial Of Service (DoS)
2020-05-06 03:17:05
Denial Of Service (DoS)
2021-11-26 00:41:02
debiancve
debiancve
cve
cve
ubuntucve
ubuntucve
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2019-12-08 02:15:00
Memory corruption
2019-11-18 06:15:00
Code injection
2019-11-27 16:15:00
f5
f5
K43378049 : Linux kernel vulnerability CVE-2019-19074
2020-01-22 00:00:00
K29203191 : Linux kernel vulnerability CVE-2019-10220
2020-02-06 00:00:00
K76934290 : Linux kernel vulnerability CVE-2020-36386
2022-10-19 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2023-23559)
2023-03-20 00:00:00
RHEL 8 : kpatch-patch (RHSA-2023:0059)
2023-01-11 00:00:00
RHEL 8 : kpatch-patch (RHSA-2022:8768)
2022-12-03 00:00:00
osv
osv
Linux kernel vulnerability advisory
2023-02-01 00:00:00
linux-aws vulnerabilities
2022-08-30 13:48:13
linux, linux-kvm, linux-lts-xenial vulnerabilities
2022-08-24 15:13:07
cbl_mariner
cbl_mariner
CVE-2023-23559 affecting package kernel 5.10.167.1-1
2023-03-02 04:18:44
CVE-2023-23559 affecting package kernel 5.15.87.1-1
2023-02-14 20:21:22
CVE-2022-0850 affecting package kernel 5.15.126.1-1
2023-08-30 15:15:49
githubexploit
githubexploit
Exploit for Incorrect Conversion between Numeric Types in Linux Linux Kernel
2022-09-05 15:31:56
Exploit for CVE-2022-2639
2022-09-05 14:12:06
Exploit for Incorrect Conversion between Numeric Types in Linux Linux Kernel
2022-10-25 12:59:31
redhat
redhat
(RHSA-2022:8768) Important: kpatch-patch security update
2022-12-02 19:08:39
(RHSA-2022:8765) Important: kernel-rt security and bug fix update
2022-12-02 19:08:15
(RHSA-2023:0059) Important: kpatch-patch security update
2023-01-10 16:11:38
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0355)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2829-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:3263-1)
2021-04-19 00:00:00
mageia
mageia
Updated kernel and kernel-linus packages fix security vulnerabilities
2020-08-30 21:45:14
ibm
ibm
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2023-04-10 00:00:00
Unbreakable Enterprise kernel security update
2021-10-08 00:00:00
Unbreakable Enterprise kernel security update
2023-04-10 00:00:00
amazon
amazon
Medium: kernel
2023-05-11 17:49:00
Medium: kernel
2023-05-11 18:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-08-24 00:00:00
Linux kernel (AWS) vulnerabilities
2022-08-30 00:00:00
Linux kernel (AWS) vulnerabilities
2022-08-18 00:00:00
debian
debian
[SECURITY] [DSA 5402-1] linux security update
2023-05-13 11:20:28
[SECURITY] [DLA 3446-1] linux-5.10 security update
2023-06-05 18:45:37
suse
suse
Security update for the Linux Kernel (important)
2021-06-28 00:00:00
Security update for the Linux Kernel (important)
2021-06-30 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-5.fc36
2022-07-13 02:00:48
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.014 Low
EPSS
Percentile
86.1%
Related for CLSA-2023:1700591846