RHEL 8 : kpatch-patch (RHSA-2022:8831)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8831 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-10065)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10065 advisory. - btrfs: Don't submit any btree write bio if the fs has errors Qu Wenruo Orabug: 31265340 CVE-2019-19377 - scsi: stex: Properly zero out the...

Unbreakable Enterprise kernel security update

4.1.12-124.69.5 - x86/smpboot: check cpuinitializedmask first after returning from schedule Dongli Zhang Orabug: 34798594 4.1.12-124.69.4 - btrfs: Remove BUGON as it is causing kernel to panic Rhythm Mahajan Orabug: 34840579 4.1.12-124.69.3 - btrfs: fix missing return for a non-void function...

RHEL 8 : kernel (RHSA-2022:8809)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8809 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: KVM: cmpxchggpte can write to...

RHEL 8 : kernel (RHSA-2022:8767)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8767 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: openvswitch: integer underflow leads to...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Oracle Linux 9 : kernel (ELSA-2022-8267)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Wander Lairson Costa 2116968 CVE-2022-2585 - fix race between exititimers and...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2022:4050-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4050-1 advisory. - In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of minimasks function could...

SUSE: Security Advisory (SUSE-SU-2022:4050-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4050-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-32166: Fixed out of bounds read in minimaskequal bsc1203865...

RHEL 9 : kernel (RHSA-2022:8267)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8267 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

GSD-2022-1007622 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.332 by commit...

GSD-2022-1007548 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...

GSD-2022-1007457 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit...