56 matches found
MiracleLinux 7 : kernel-3.10.0-1160.45.1.el7 (AXSA:2021-2485:23)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2485:23 advisory. kernel: Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks CVE-2021-22543 kernel: powerpc: KVM guest OS users can cause host OS...
Amazon Linux 2 : microvm-kernel (ALASMICROVM-KERNEL-4.14-2023-002)
The version of microvm-kernel installed on the remote host is prior to 4.14.246-199.474. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MICROVM-KERNEL-4.14-2023-002 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the...
K80212034: Linux kernel vulnerability CVE-2021-3656
Security Advisory Description A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this...
Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM QRadar SIEM (CVE-2021-22543, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576)
Summary There are multiple vulnerabilities in Linux Kernel Version used by IBM QRadar SIEM. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2021-22543 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system,...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9245)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9245 advisory. - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942325 CVE-2022-0847 - arm64: Use the clearbhb instruction in...
CVE-2021-3656 affecting package kernel 5.10.161.1-1
CVE-2021-3656 affecting package kernel 5.10.161.1-1. A patched version of the package is available...
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...
CVE-2021-3656
CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...
Mageia: Security Advisory (MGASA-2021-0409)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9565)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9565 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9564)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9564 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...
bpftool, kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2021:3801 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 8 : kernel (CESA-2021:4056)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4056 advisory. - kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 - kernel: out-of-bounds write due to a heap buffer overflo...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 kernel: out-of-bounds write due to a heap buffer overflow in hidinputchangeresolutionmultipliers of...
RHEL 8 : kernel-rt (RHSA-2021:3909)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3909 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 8 : kernel (RHSA-2021:3904)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3904 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: SVM nested virtualization issu...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
[SECURITY] [DLA 2785-1] linux-4.19 security update
Debian LTS Advisory DLA-2785-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 15, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.208-1deb9u1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 CVE-2021-3653...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2021:3415-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3415-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be...