80 matches found
Rocky Linux 8 : shim (RLSA-2021:1734)
The remote Rocky Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2021:1734 advisory. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw...
SUSE CVE-2023-32246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
SUSE CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...
SUSE CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
ignition security, bug fix, and enhancement update
2.14.0-1 - New release - Add ignition-apply symlink - Add ignition-rmcfg symlink and ignition-delete-config.service 2.13.0-2 - Rename -validate-nonlinux subpackage to -validate-redistributable - Add static Linux binaries to -redistributable - Fix macro invocation in comment - Avoid kernel lockdow...
Medium: kernel
Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)
The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...
SUSE-SU-2022:2741-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed an incorrect packet trucation operation which could lead to denial of service bnc1201940. - CVE-2022-29581: Fixed improper update of reference...
Mageia: Security Advisory (MGASA-2022-0279)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2022-1794 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfbread function. The vulnerability could result in local attackers being able to crash the kernel.CVE-2022-2380 In USB...
SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...
SUSE-SU-2022:2446-1 Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-9580 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...
SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
SUSE-SU-2022:2438-1 Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122116 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...
SUSE-SU-2022:2116-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...
SUSE-SU-2022:2082-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks...
DEBIAN-CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...