Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: kernel-livepatch-5.10.112-108.499

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.112-108.499 Issue...

Important: kernel-livepatch-5.10.109-104.500

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.109-104.500 Issue...

SUSE: Security Advisory (SUSE-SU-2022:2281-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:2268-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2268-1 advisory. - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP3) (SUSE-SU-2022:2262-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2262-1 advisory. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and...

SUSE SLES15 Security Update : kernel (Live Patch 6 for SLE 15 SP3) (SUSE-SU-2022:2245-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2245-1 advisory. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and...

SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15) (SUSE-SU-2022:2220-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2220-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when n...

SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:2237-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2237-1 advisory. - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...

SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP3) (SUSE-SU-2022:2214-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2214-1 advisory. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and...

SUSE SLES12 Security Update : kernel (Live Patch 23 for SLE 12 SP4) (SUSE-SU-2022:2217-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2217-1 advisory. - A flaw in Linux Kernel found in nfcmrvlnciunregisterdev in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

LSN-0087-1: Kernel Live Patch Security Notice

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP3) (SUSE-SU-2022:1988-1)

The remote SUSE Linux SLES12 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1988-1 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended...

SUSE SLES15 Security Update : kernel (Live Patch 30 for SLE 15 SP1) (SUSE-SU-2022:1949-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1949-1 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions ...

SUSE-SU-2022:2000-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-57 fixes several issues. The following security issues were fixed: - CVE-2022-1048: Fixed a race Condition in sndpcmhwfree leading to use-after-free due to the AB/BA lock with buffermutex and mmaplock bsc1197597. - CVE-2022-30594: Fixed restriction bypass o...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP5) (SUSE-SU-2022:1942-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1942-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree...