335 matches found
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...
RHEL 8 : kpatch-patch (RHSA-2023:4516)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4516 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
kernel security, bug fix, and enhancement update
5.14.0-284.25.1.0.12 - Fix KVM: x86/mmu: Fix race condition in direct_page_fault Orabug: 35673032 CVE-2022-45869 5.14.0-284.25.12 - KVM: x86/mmu: Fix race condition in direct_page_fault - prlimit: do_prlimit needs to have a speculation check CVE-2023-0458 - x86/speculation: Allow enabling STIBP with...
AlmaLinux 9 : kpatch-patch (ALSA-2023:4380)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4380 advisory. - A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090); kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt (CVE-2023-35788); kernel: KVM: x86/mmu: race condition in...
Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090); kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt...
RHEL 9 : kernel-rt (RHSA-2023:4378)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4378 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 9 : kernel (RHSA-2023:4377)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4377 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write...
ALSA-2023:4377 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090); kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt (CVE-2023-35788); kernel: KVM: x86/mmu: race condition in...
ALSA-2023:4378 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090); kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6260-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6260-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an...
CLSA-2023-1690395540 Fix of 12 CVEs
Bionic update: upstream stable patchset 2021-11-12 LP: 1950816 // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 Jammy update: v5.15.93 upstream...
CLSA-2023-1690395161 Fix of 12 CVEs
Bionic update: upstream stable patchset 2021-11-12 LP: 1950816 // CVE- url: https://ubuntu.com/security/CVE-2021-20321 - ovl: fix missing negative dentry check in ovl_rename CVE-url: https://ubuntu.com/security/CVE-2021-20321 - ovl: cleanup unused var in rename2 Jammy update: v5.15.93 upstream...
OESA-2023-1439 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in...
OESA-2023-1437 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network...
OESA-2023-1435 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in...