openSUSE Security Update : libvirt (openSUSE-2020-1778)

This update for libvirt fixes the following issues : - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add do...

Security update for libvirt (important)

openSUSE Security Update: Security update for libvirt Announcement ID: openSUSE-SU-2020:1778-1 Rating: important References: 1174955 1175465 1175574 1176430 1177155 1177480 Cross-References: CVE-2020-15708 CVE-2020-25637 Affected Products: openSUSE Leap 15.1 An update that solves two...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

cloud-init security, bug fix, and enhancement update

19.4-7.0.3 - Add conditional restart of NetworkManager for cloud-final. Orabug: 31965645 - Correct postinstall upgrade cloud-init.service mismerge order. 19.4-7.0.1 - Add Oracle Linux variant to known distros - Add cloud-init hotplug event handling support Orabug: 30485135 - Oracle data source...

kernel: race condition caused by a malicious USB device in the USB character device driver layer

A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation...

SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:2233-1)

This update for libvirt fixes the following issues : CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. - bsc1161883, bsc1174458 qemu: Setup emulator thread and cpuset.mems before exec - bsc1171946 libxl:...

Unbreakable Enterprise kernel security update

4.14.35-1902.304.6 - bpf: fix sanitation rewrite in case of non-pointers Daniel Borkmann Orabug: 31552243 4.14.35-1902.304.5 - acpi: disallow loading configfs acpi tables when locked down Jason A. Donenfeld Orabug: 31493187 - selftests/bpf: do not run testkmod.sh for UEK5 Alan Maguire Orabug:...

kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS

Two memory leak flaws were found in the Linux kernel's mwifiexpcieinitevtring function. A local attacker, able to reload the kernel module or hotplug Marvell WiFi hardware using this driver, can cause a denial of service memory consumption by triggering mwifiexmappcimemory failures...

CVE-2019-19447

A flaw was found in the Linux kernel's ext4unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI. Mitigation Ext4 filesytems are built into the kernel so it is not...

Linux kernel memory leak vulnerability (CNVD-2019-41265)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the acphwinit function in drivers/gpu/drm/amd/amdgpu/amdgpuacp.c in versions of...

systemd security, bug fix, and enhancement update

239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

PT-2019-4206 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.8 Description: The issue is related to four memory leaks in the acp hw init function in the Linux kernel, which can cause a denial of service due to memory consumption. This can be triggered by failures in m...

kernel security, bug fix, and enhancement update

3.10.0-1062.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062 - fs revert 'xfs: disable copyfilerange to avoid broken splice copy' Eric...

SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1438-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for libvirt fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

CentOS 7 : kernel (CESA-2019:0512)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Fedora 29 : xen (2019-3e89502cb1)

xen: various flaws 1685577 grant table transfer issues on large hosts XSA-284 race with pass-through device hotplug XSA-285 x86: stealpage violates pagestruct access discipline XSA-287 x86: Inconsistent PV IOMMU discipline XSA-288 missing preemption in x86 PV page table unvalidation XSA-290 x86/P...

kernel security, bug fix, and enhancement update

3.10.0-957 - mm mlock: avoid increase mm-lockedvm on mlock when already mlock2, MLOCKONFAULT Rafael Aquini 1633059 3.10.0-956 - block blk-mq: fix hctx debugfs entry related race between update hw queues and cpu hotplug Ming Lei 1619988 - nvme nvme-pci: unquiesce dead controller queues Ming Lei...

kernel security and bug fix update

2.6.32-754.6.3.OL6 - Update genkey bug 25599697 2.6.32-754.6.3 - kvm VMX: fixes for vmentryl1dflush module parameter Marcelo Tosatti 1628796 - x86 speculation: Use ARCHCAPABILITIES to skip L1D flush on vmentry Marcelo Tosatti 1628796 - x86 KVM: VMX: skip L1TF flush on VM-entry if EPT is disabled...

CVE-2014-3471

Use-after-free vulnerability in hw/pci/pcie.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU instance crash via hotplug and hotunplug operations of Virtio block devices...