14 matches found
MGASA-2026-0098 Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.130 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Mageia: Security Advisory (MGASA-2023-0008)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.58 and fixes at least the following security issues: Kernel lockdown bypass when UEFI secure boot is disabled / unavailable and IMA appraisal is enabled CVE-2022-21505. Aliases in the branch predictor may cause some AMD processors to predict the...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.55 and fixes at least the following security issues: There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges CVE-2022-2318. Xen Block and...
MGASA-2022-0264 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.55 and fixes at least the following security issues: There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges CVE-2022-2318. Xen Block and...
MGASA-2022-0101 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...
MGASA-2022-0063 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.23 and fixes at least the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than th...
MGASA-2022-0027 Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.15.16 and fixes at least the following security issue: William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A loc...
MGASA-2021-0589 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.11 and fixes at least the following security issues: netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc CVE-2021-4135. Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the...
MGASA-2021-0398 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.56 and fixes at least the following security issues: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection...
MGASA-2021-0258 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting ...
MGASA-2021-0062 Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.10.12 and fixes at least the following security issue: An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel CVE-2021-3347...
MGASA-2017-0188 Updated kernel-linus packages fixes critical security vulnerabilities
This kernel-linus update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...
MGASA-2017-0099 Updated kernel-linus packages fixes security vulnerability
This kernel-linus update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain roo...