Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6285-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6285-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an...

Medium: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfssetea in fs/ntfs3/xattr.c. CVE-2022-48502 A side channel vulnerability on some of the AMD CPUs may allow a...

kernel: OOB access in the Linux kernel's XFS subsystem

An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure with a dirty log journal. This flaw allows a local user to crash or potentially escalate their privileges on the system...

ALSA-2023:4517 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows...

RHEL 8 : kernel-rt (RHSA-2023:4541)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4541 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows...

CVE-2020-8648 - use-after-free vulnerability

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the nttyreceivebufcommon function in drivers/tty/ntty.c...

CVE-2023-37453

An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the ims service module...

AlmaLinux 8 : kernel-rt (ALSA-2023:1584)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using...

SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2023:3182-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3182-1 advisory. The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following...

Moderate: Red Hat Security Advisory: Logging Subsystem 5.7.4 - Red Hat OpenShift bug fix and security update

Logging Subsystem 5.7.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

The vulnerability of the XFRM subsystem in the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the XFRM subsystem in the Linux operating system is related to reading memory beyond the boundaries of the allocated buffer in the net/xfrm/xfrmuser.c module. Exploiting this vulnerability can allow an attacker to gain access to protected information...

Debian: Security Advisory (DSA-5461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6261-1: Linux kernel (IoT) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6261-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6261-1 advisory. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bound...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-2488)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can le...

USN-6256-1: Linux kernel (IoT) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

USN-6260-1 linux-aws-5.19, linux-gcp-5.19, linux-hwe-5.19 vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...

USN-6260-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...