kernel security and bug fix update

3.10.0-1160.90.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.90.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

SUSE-SU-2023:1992-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5753: Fixed spectre V1 vulnerability on netlink bsc1209547. - CVE-2017-5753: Fixed spectre vulnerability in prlimit bsc1209256. - CVE-2022-4744: Fixe...

SUSE-SU-2023:1982-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197126 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race condition in qdiscgraft bsc1207795. - CVE-2023-1118: Fixed a use-after-free bugs caused by enetxirqsim in media/rc bsc1208837...

SUSE-SU-2023:1977-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504001511 fixes several issues. The following security issues were fixed: - CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c bsc1209788. - CVE-2023-1118: Fixed a use-after-free bugs...

Unbreakable Enterprise kernel security update

4.14.35-2047.524.5 - rds/ib: Fix the softlock-up in RDS cache GC worker Arumugam Kolappan Orabug: 35079728 4.14.35-2047.524.4 - xfs: add missing cmap-brstate = XFSEXTNORM update Gao Xiang Orabug: 35202792 - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms Feng Tang Orabug:...

RLSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

OESA-2023-1199 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 acces...

OESA-2023-1198 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 acces...

SUSE-SU-2023:1640-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122147 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208909. - CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package...

CBL Mariner 2.0 Security Update: kernel (CVE-2023-22998)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22998 advisory. - In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

LSN-0093-1 Kernel Live Patch Security Notice

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-0179 It was discovered that the Upper Level...

PT-2023-15734 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned, so: Some products affected versions not specified Description: The issue concerns a double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS...

SUSE-SU-2023:1574-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400158 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208700. - CVE-2023-1078: Fixed a heap out-of-bounds write in rdsrmzerocopycallback bsc1208838...

Linux kernel resource management error vulnerability (CNVD-2023-34470)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue in the traffic control index filter tcindex, where a call to tcfextsexec while using a...

Important: kernel

Issue Overview: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L...

SUSE-SU-2023:0749-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. - CVE-2022-3523: Fixed use after free related to device private page handling bsc1204363. - CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery bsc1203331. - CVE-2023-0461: Fixed use-after-fre...

SUSE-SU-2023:0778-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. - CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery bsc1203331. - CVE-2023-0045: Fixed missi...