Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2173-1 Rating: important References: 1177282 1199365 1200015 1200143 1200144 1200206 1200207 1200249 1200259 1200263 1200268 1200529 Cross-References: CVE-2020-26541 CVE-2022-1966 CVE-2022-1974...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17.1.5)

The version of AOS installed on the remote host is prior to 5.17.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17.1.5 advisory. - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuff...

CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

DEBIAN-CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

Race condition

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

Race condition

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2022-2590

Astra Linux bulletin confirms CVE-2022-2590 was addressed in Linux kernel MM/GUP logic by fixing FOLL_FORCE COW security issue and removing FOLL_COW. The patch targets races where a read-only shared page could become writable via FOLL_FORCE during COW, enabling unprivileged local writes to read‑o...

CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

The vulnerability in the arch/x86/kvm/lapic.c component of the KVM virtualization subsystem in the Linux operating system’s kernel allows a attacker to cause a service failure.

The vulnerability in the kvmfreelapic function of the arch/x86/kvm/lapic.c component of the KVM virtualization subsystem in the Linux operating system is related to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability can allow an attacker to cause a service failu...

CVE-2022-3028

CVE-2022-3028 describes a race condition in the Linux kernel’s IP framework (XFRM) where concurrent calls to xfrm_probe_algs can cause an out-of-bounds read that may be copied into a socket, or an out-of-bounds write, enabling a local attacker to leak kernel memory or crash the kernel. Connected ...

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

USN-5590-1: Linux kernel (OEM) vulnerability

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service system crash...

CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data. Mitigation Mitigation for this issue is either not...

Ubuntu: Security Advisory (USN-5278-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...