8 matches found
CentOS 7 : kernel (RHSA-2023:4819)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4819 advisory. - An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information...
K000137791: Linux kernel vulnerability CVE-2023-35788
Security Advisory Description: An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation...
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters fl_set_geneve_opt,...
RHEL 8 : kpatch-patch (RHSA-2023:4888)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4888 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
RHEL 8 : kernel (RHSA-2023:4815)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4815 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write...
RHEL 8 : kernel-rt (RHSA-2023:4817)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4817 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
OESA-2023-1380 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel informati...
The vulnerability of the fl_set_geneve_opt() function in the net/sched/cls_flower.c module, part of the network scheduling subsystem in the Linux operating system’s kernel, allows a malicious actor to cause service failures or increase their privileges.
The vulnerability of the fl_set_geneve_opt function in the net/sched/cls_flower.c module, within the net/sched scheduling subsystem of the Linux operating system’s kernel, is related to incorrect calculations of buffer boundaries during writing operations. Exploiting this vulnerability may allow a...