65 matches found
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9085)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9085 advisory. - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: dont 'handle' error by BUG Jan Beulich...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.500.10.el7 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492110 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 -...
DEBIAN-CVE-2021-26930
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later...
UBUNTU-CVE-2021-26930
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later...
Unbreakable Enterprise kernel security update
4.14.35-2047.500.9.1 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492110 CVE-2021-26930 - xen-scsiback: dont 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 - xen-netback: dont 'handle' error by BUG Jan Beulich Orabug: 32492102 CVE-2021-26931 -...
Unbreakable Enterprise kernel security update
5.4.17-2036.103.3.1uek - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492109 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492101 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492101 CVE-2021-26931 -...
Unbreakable Enterprise kernel security update
4.1.12-124.48.3.1 - xen-blkback: fix error handling in xenblkbkmap Jan Beulich Orabug: 32492113 CVE-2021-26930 - xen-scsiback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 - xen-netback: don't 'handle' error by BUG Jan Beulich Orabug: 32492105 CVE-2021-26931 -...
Unbreakable Enterprise kernel-container security update
5.4.17-2036.102.0.2.el7 - xen-blkback: set ring-xenblkd to NULL after kthreadstop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbusbackend: Disallow pending watch messages SeongJae Park Orabug: 32253409 CVE-2020-29568 - xen/xenbus: Count pending messages for each watch SeongJae...
Unbreakable Enterprise kernel security update
5.4.17-2036.102.0.2uek - xen-blkback: set ring-xenblkd to NULL after kthreadstop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbusbackend: Disallow pending watch messages SeongJae Park Orabug: 32253409 CVE-2020-29568 - xen/xenbus: Count pending messages for each watch SeongJae...
Use after free triggered by block frontend in Linux blkback
ISSUE DESCRIPTION The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggle between the states connect and disconnect. As a consequence, the block backend may re-use ...
CVE-2020-29569
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0002)
The remote OracleVM system is missing necessary patches to address critical security updates : - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug:...
Unbreakable Enterprise kernel security update
4.1.12-124.24.5 - rds: congestion updates can be missed when kernel low on memory Mukesh Kacker Orabug: 28425811 - net/rds: ib: Fix endless RNR Retries caused by memory allocation failures Venkat Venkatsubra Orabug: 28127993 - net: rds: fix excess initialization of the recv SGEs Zhu Yanjun Orabug...
Unbreakable Enterprise kernel security update
4.1.12-124.20.1 - bnxten: xdp: don't make drivers report attachment mode partial backport Somasundaram Krishnasamy Orabug: 27988326 - bpf: make bnxt compatible w/ bpfxdpadjusttail Nikita V. Shirokov Orabug: 27988326 - bnxten: add meta pointer for direct access partial backport Somasundaram...
blkif responses leak backend stack data
ISSUE DESCRIPTION The block interface response structure has some discontiguous fields. Certain backends populate the structure fields of an otherwise uninitialized instance of this structure on their stacks, leaking data through the internal or trailing padding field. IMPACT A malicious...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.10 - netfilter: xtables: make sure e-nextoffset covers remaining blob size Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 - netfilter: xtables: validate e-targetoffset early Florian Westphal Orabug: 24682076 CVE-2016-4997 CVE-2016-4998 4.1.12-61.1.9 -...
OracleVM 3.3 : kernel-uek (OVMSA-2016-0084)
The remote OracleVM system is missing necessary patches to address critical security updates : - Revert 'x8664: expand kernel stack to 16K' Chuck Anderson Orabug: 23608686 - megaraidsas : Update threshold based reply post host index register Orabug: 23562756 - xen/events: Don't move disabled irqs...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3573)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3573 advisory. kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events:...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.7.1 - megaraidsas : Update threshold based reply post host index register [email protected] Orabug: 23562756 - xen/events: Don't move disabled irqs Ross Lagerwall Orabug: 23055234 - xen/events: Mask a moving irq Boris Ostrovsky Orabug: 23055234 - xen/pciback: Save t...
OracleVM 3.3 : kernel-uek (OVMSA-2016-0046)
The remote OracleVM system is missing necessary patches to address critical security updates : - skbuff: skbsegment: orphan frags before copying Dongli Zhang - RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT FAILURE Venkat Venkatsubra Orabug: 22888920 - mlx4core: Introduce...