158 matches found
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7021-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7021-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7022-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7022-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7008-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7008-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7005-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7004-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7004-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
ima: Fix use-after-free on a dentry's dname.name
...
CLSA-2024-1725871927 kernel: Fix of 30 CVEs
gfs2: Fix potential glock use-after-free on unmount CVE-2024-38570 - gfs2: Remove ill-placed consistency check CVE-2024-38570 - gfs2: introduce new gfs2glockassertwithdraw CVE-2024-38570 - gfs2: simplify gdlmputlock with outfree label CVE-2024-38570 - wifi: mt76: replace skbput with skbputzero...
CLSA-2024-1722512538 Fix of 10 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-25744 - x86/sev: Rename memencrypt.c to memencryptamd.c - x86: Introduce ia32enabled - x86/coco: Disable 32-bit emulation by default on TDX and SEV CVE-url: https://ubuntu.com/security/CVE-2024-36016 - tty: ngsm: fix frame reception handling - tty:...
SUSE CVE-2024-40947
In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in imamatchpolicy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 5 PID: 1286325 Com...
DEBIAN-CVE-2024-40947
In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in imamatchpolicy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 5 PID: 1286325 Com...
UBUNTU-CVE-2024-40947
In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in imamatchpolicy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 5 PID: 1286325 Com...
UBUNTU-CVE-2023-52779
In the Linux kernel, the following vulnerability has been resolved: fs: Pass ATGETATTRNOSEC flag to getattr interface function When vfsgetattrnosec calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfsgetattrnosec can again be called from...
Low: Red Hat Security Advisory: keylime security update
An update for keylime is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
ALSA-2024:1139 Low: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 For more details about the security issues, including the impact, a CVSS score,...
The vulnerability of the memblock_free_late function in the ima component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the memblockfreelate function in the ima component of the Linux operating system’s kernel is related to the use of memory after it has been freed. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
[SECURITY] Fedora 39 Update: keyring-ima-signer-0.1.0-11.fc39
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
[SECURITY] Fedora 38 Update: keylime-6.6.0-2.fc38
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...
Fedora: Security Advisory for keylime (FEDORA-2023-ed9922536e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: keyring-ima-signer-0.1.0-9.fc37
The IMA Integrity Measurement Architecture is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts TPM. This tool allows signing of files in userspace, inclusding options of including the...
kernel: lockdown bypass using IMA
An authentication bypass flaw was found in the Linux kernel’s IMA policy when a user performs lockdown. This flaw allows a local user to crash or potentially escalate their privileges on the system...