USN-6441-3 linux-iot, linux-raspi, linux-raspi-5.4 vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6441-3)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6441-3 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a...

Ubuntu 16.04 ESM : Linux kernel (HWE) vulnerabilities (USN-6440-3)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6440-3 advisory. Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker...

SUSE-SU-2023:4160-1 Security update for suse-module-tools

This update for suse-module-tools fixes the following issues: - Updated to version 15.1.25: - CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module bsc1210335. - CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules bsc1205767, jscPED-5731...

SUSE-SU-2023:4158-1 Security update for suse-module-tools

This update for suse-module-tools fixes the following issues: - Updated to version 15.3.17: - CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module bsc1210335. - CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules bsc1205767, jscPED-5731. - Updated to version 15.3.16: - Fix...

Ubuntu 23.04 : Linux kernel vulnerabilities (USN-6175-1)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6175-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leadi...

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-1 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

SUSE-SU-2023:4135-1 Security update for suse-module-tools

This update for suse-module-tools fixes the following issues: - Updated to version 15.4.18: - CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module bsc1210335. - CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules bsc1205767, jscPED-5731...

LSN-0098-1 Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090 It...

ROS-20231009-04

Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...

USN-6416-2 linux-hwe-5.15, linux-oracle-5.15 vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniël Trujillo, Johannes Wikner, and Kaveh Razavi...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6417-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6417-1 advisory. It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read- only maps. A privileged attacker...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6397-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6397-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions...

Important: kernel-livepatch-5.10.184-175.731

Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...

USN-6343-1: Linux kernel (OEM) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Ross Lagerwall discovered that the Xen netback backend...

LSN-0097-1 Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090...

ROS-20230905-02

Vulnerability in the ksmbd module of Linux kernel operating systems is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using the...

Ubuntu: Security Advisory (USN-6331-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 23.04 : Linux kernel vulnerabilities (USN-6321-1)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6321-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A...

USN-6318-1 linux, linux-aws, linux-aws-6.2, linux-azure, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...