CVE-2021-4028

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...

OESA-2022-1844 kernel security update

Security Fixes: The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges.CVE-2022-36123 In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to...

OESA-2022-1846 kernel security update

Security Fixes: The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges.CVE-2022-36123 In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to...

SUSE-SU-2022:2809-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free bnc1201429. - CVE-2020-36558:...

SUSE-SU-2022:2808-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage bsc1201050. -...

SUSE-SU-2022:2779-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages bsc1199487. -...

SUSE-SU-2022:2761-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005987 fixes several issues. The following security issues were fixed: - CVE-2022-1116: Fixed a integer overflow vulnerability in iouring which allowed a local attacker to cause memory corruption and escalate privileges to root bnc1199647. -...

SUSE-SU-2022:2750-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed a concurrency use-after-free in vgemgemdumbcreate bsc1198742. - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces...

kernel security, bug fix, and enhancement update

5.14.0-70.22.1.0.10.OL9 lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.22.10.OL9 Update Oracle Linux certificates Kevin Lyons Disable signing for aarch64 Ilya Okomin Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

ALSA-2022:6003 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: information leak in scsiioctl CVE-2022-0494 use-after-free in tcnewtfilter in net/sched/clsapi.c CVE-2022-1055 For more details about the security issues, including the impact, a CVSS score,...

SUSE-SU-2022:2696-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-34918: Fixed a buffer overflow with nftseteleminit that could be used by a local attacker to escalate privileges bnc1201171. - CVE-2022-1679: Fixed a use-after-free in the...

GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.

tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...

CVE-2020-36558

A race condition in the Linux kernel before 5.5.7 involving VTRESIZEX could lead to a NULL pointer dereference and general protection fault...

SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2422-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2422-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

CVE-2021-33655

When sending malicous data to kernel by ioctl cmd FBIOPUTVSCREENINFO,kernel will write memory out of bounds...

Out-of-bounds

When setting font with malicous data by ioctl cmd PIOFONT,kernel will write memory out of bounds...

SUSE-SU-2022:2382-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657....

RLSA-2022:5564 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...