Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2916)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : kernel (ALSA-2023:5244)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5244 advisory. - A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw...

kernel security, bug fix, and enhancement update

4.18.0-477.27.0.18.OL8 - bluetooth: Perform careful capability checks in hcisockioctl CVE-2023-2002 - ipvlan:Fix out-of-bounds caused by unclear skb-cb CVE-2023-3090 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - netfilter: nftsetpipapo: fix improper...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3671-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3671-1 advisory. - In the Linux kernel, picknextrtentity may return a type confused entry, not detected by the BUGON condition, as the confused entry will not b...

SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2023:3668-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3668-1 advisory. - In the Linux kernel, picknextrtentity may return a type confused entry, not detected by the BUGON condition, as the confused entry will not b...

SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3676-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3676-1 advisory. - A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. 'Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

SUSE SLES15 Security Update : kernel (Live Patch 32 for SLE 15 SP3) (SUSE-SU-2023:3628-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3628-1 advisory. - In the Linux kernel, picknextrtentity may return a type confused entry, not detected by the BUGON condition, as the confused entry will not b...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb-cb CVE-2023-3090 kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests...

SUSE-SU-2023:3620-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024151 fixes several issues. The following security issues were fixed: - CVE-2023-32233: Fixed a use-after-free in Netfilter nftables when processing batch requests bsc1211187. - CVE-2023-3567: Fixed a use-after-free in vcsread in...

SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP1) (SUSE-SU-2023:3571-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3571-1 advisory. - A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. Th...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2787)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...

RHEL 8 : kernel-rt (RHSA-2023:4961)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4961 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CLSA-2023-1693431257 Fix of 17 CVEs

Jammy update: v5.15.75 upstream stable release LP: 1996825 // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: fix check for block being out of directory size Jammy update: v5.15.61 upstream stable release LP: 1990162 // CVE-url: https://ubuntu.com/security/CVE-2022-1184 - ext4: check i...