LSN-0089-1 Kernel Live Patch Security Notice

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

PT-2022-4880 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an out-of-bounds access in the Linux kernel sound subsystem, specifically with the get ctl id hash function. This occurs when the id-name parameter does not end...

DEBIAN-CVE-2021-3759

A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from th...

Design/Logic Flaw

A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from th...

CVE-2021-3759

CVE-2021-3759 is a memory overflow in the Linux kernel memcg IPC path, where repeated semget calls by a local user can exhaust memory and cause a denial of service. Public docs confirm impact is local and availability-focused. Debian LTS advisory DLA-3244-1 and Amazon ALAS2KERNEL advisories for k...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...

CVE-2021-3759

A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from th...

SUSE-SU-2022:2869-1 Security update for u-boot

This update for u-boot fixes the following issues: - CVE-2022-33103: Fixed a flaw in the squashfs subsystem that could lead to arbitrary code execution bsc1201213...

SUSE-SU-2022:2868-1 Security update for u-boot

This update for u-boot fixes the following issues: - CVE-2022-33103: Fixed a flaw in the squashfs subsystem that could lead to arbitrary code execution bsc1201213...

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw CVE-2022-2588 to escalate...

CVE-2022-36879

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service. Mitigation Mitigation for this issue is either not available o...

Input validation

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

CVE-2022-26074

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

Important: Red Hat Security Advisory: Logging Subsystem 5.5.0 - Red Hat OpenShift security update

An update is now available for RHOL-5.5-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2257)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-2273)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...

Debian: Security Advisory (DSA-5207-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root

A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 7 : kpatch-patch (RHSA-2022:6075)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6075 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...