USN-5299-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

USN-5299-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5299-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5299-1 advisory. Mathy Vanhoef discovered that the Linux kernels WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate...

PT-2025-8599 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing commit ffa0b64e3be5 Description: A bug in the Linux kernel has been resolved, related to memory hotplug. The issue arises when the kernel validates an address against the high memory value...

kernel security and bug fix update

4.18.0-348.7.15.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2221)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

SUSE: Security Advisory (SUSE-SU-2018:2223-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4982-1: Linux kernel vulnerabilities

Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service system crash. CVE-2020-25670 Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

USN-4984-1: Linux kernel vulnerabilities

Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash. CVE-2021-28038 It was discovered that the Realtek...

USN-4984-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities

Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash. CVE-2021-28038 It was discovered that the Realtek...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-1967)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4979-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service system crash. CVE-2020-25670 Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

USN-4979-1: Linux kernel vulnerabilities

Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service system crash. CVE-2020-25670 Kiyin 尹亮 discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

Ubuntu: Security Advisory (USN-4982-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4948-1: Linux kernel (OEM) vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

Fedora 32 : kernel (2021-9503fffad9)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-9503fffad9 advisory. - An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer...

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8 the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination aka CID-cc7a0bb058b8.

...

Fedora 33 : kernel (2021-68b0dd2373)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-68b0dd2373 advisory. - An issue was discovered in fs/iouring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service deadlock because exit...

Unbreakable Enterprise kernel security update

4.14.35-2047.500.9.3.el7uek - net/rds: Reject error code change Ka-Cheong Poon Orabug: 32577425 - PCI: hotplug: Add module parameter to allow user control of LEDs James Puthukattukaran Orabug: 32577399 - net/rds: increase 1MB MR pool size for RDS Manjunath Patil Orabug: 32577394...

CVE-2021-28972

A flaw in the Linux kernels implementation of the RPA PCI Hotplug driver for power-pc. A user with permissions to write to the sysfs settings for this driver can trigger a buffer overflow when writing a new device name to the driver from userspace, overwriting data in the kernel's stack. Mitigati...