CVE-2023-53552 drm/i915: mark requests for GuC virtual engines to avoid use-after-free

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915requests may be trapped by userspace inside a syncfile or dmabuf dma-resv and held indefinitely across different proceses. To counter-act t...

kernel: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl

A use-after-free vulnerability was found in the Intel i915 GPU driver's performance monitoring subsystem. A race condition between adding and removing OA configurations allows dereferencing a freed object...

Rocky Linux 8 : kernel (RLSA-2023:0101)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0101 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerability (USN-6089-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6089-1 advisory. It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to...

Ubuntu 22.10 : Linux kernel (KVM) vulnerabilities (USN-5950-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5950-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5938-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5938-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5912-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5912-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state i...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5911-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5911-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

K30914425: Linux vulnerabilities CVE-2022-0330 and CVE-2022-22942

Security Advisory Description CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12116)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12116 advisory. - netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits Pablo Neira Ayuso Orabug: 34978152 CVE-2023-0179 Tenable has extract...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12119)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12119 advisory. - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Luiz Augusto von Dentz CVE-2022-42896 - drm/i915: fix TLB invalidation for...

RHEL 8 : kernel-rt (RHSA-2023:0114)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0114 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Important: kernel

Issue Overview: A buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or...

SUSE SLES15 Security Update : the Linux RT Kernel (SUSE-SU-2022:0543-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0543-1 advisory. - The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgaconscrolldelta out-of-bounds read, aka...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5297-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5297-1 advisory. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certa...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5294-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5294-2 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacke...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5294-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5294-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacker could use...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9148)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9148 advisory. - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 - tee: handle lookup of shm with reference...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9147)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9147 advisory. - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832582 CVE-2022-0492 - tee: handle lookup of shm with reference...

Vulnerability found in i915 kernel driver

A researcher has found a vulnerability in the Linux i915 kernel driver. The memory cache of the i915 kernel graphics driver is not properly cleaned up. An attacker exploiting this vulnerability could cause a local denial-of-service DoS cause or gain access to system data or elevated user...