Privilege Escalation

linux is vulnerable to privilege escalation. The vulnerability exists because of a race condition existed in the iouring subsystem which allows a local attacker to execute code on the affected systems with elevated privileges...

CVE-2022-41218

A use-after-free flaw was found in the Linux kernel’s dvb-core subsystem DVB API used by Digital TV devices in how a user physically removed a USB device such as a DVB demultiplexer device while running malicious code. This flaw allows a local user to crash or potentially escalate their privilege...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9931)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9931 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566751 CVE-2022-3028 - KVM: x86: do not report a vCPU as preempted outside instruction...

Important: kernel

Issue Overview: A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and iouring. This flaw allows a local user to crash or potentially escalate their privileges on the system. CVE-2022-2602 A flaw was found in hw. The unprotected alternative channel of return bran...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

MGASA-2022-0379 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:3688-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3688-1 advisory. The SUSE Linux Enterprise 15 kernel was updated. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9926)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9926 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566752 CVE-2022-3028 Tenable has extracted the preceding description block...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9927)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9927 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566752 CVE-2022-3028 Tenable has extracted the preceding description block...

SUSE SLES15: kernel-livepatch-5_14_21-150400_22-default / etc (SUSE-SU-2022:3628-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3628-1 advisory. This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed buffe...

[SECURITY] [DSA 5257-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5257-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 18, 2022 https://www.debian.org/security/faq -...

PT-2022-5150

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.1 through 6.0.3 Description A use-after-free issue exists in the io uring asynchronous input/output interface of the Linux kernel, specifically related to Unix SCM garbage collection and the improper update of reference...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2022:3605-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3605-1 advisory. This update for the Linux Kernel 5.14.21-1504002418 fixes several issues. The following security issues were fixed: - CVE-2022-41674: Fixed...

SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:3587-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3587-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-3303:...

SUSE-SU-2022:3599-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking bnc1203769. - CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c...

Linux Kernel Competition Condition Issue Vulnerability (CNVD-2022-74088)

Linux Kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux Kernel is vulnerable to a contention condition issue. The vulnerability stems from a copy-on-write COW corruption in the memory subsystem's handling of private read-only shared memory maps. A loca...

SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2022:3585-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3585-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: - CVE-2022-3303: Fixed a...

Ubuntu 22.04 LTS : Linux kernel (IBM) vulnerabilities (USN-5683-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5683-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

USN-5683-1: Linux kernel (IBM) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Selim En...