kernel security, bug fix, and enhancement update

4.18.0-348.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

GSD-2021-1001965 regmap: Fix possible double-free in regcache_rbtree_exit()

regmap: Fix possible double-free in regcacherbtreeexit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.254 by commit...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

CLSA-2021-1634922728 Fixed 22 CVEs in kernel

ELS-138: netfilter: xtables: add missing tables zeroing - ELS-138: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation - ELS-138: CVE-2021-22555: netfilter: xtables: fix compat match/target pad out-of-bound write - ELS-138: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp -...

Unbreakable Enterprise kernel security update

4.14.35-2047.508.3 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33396682 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33392821 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33352735 4.14.35-2047.508...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

SUSE-SU-2021:3371-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15)

This update for the Linux Kernel 4.12.14-15072 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. bsc1190350. - CVE-2021-38160: Fixed a...

Unbreakable Enterprise kernel security update

4.14.35-2047.507.7.6 - fuse: fix live lock in fuseiget Amir Goldstein Orabug: 33406810 CVE-2021-28950 - block: workaround to avoid self-deadlock in delgendisk Junxiao Bi Orabug: 33406819 - net: bonding: add new option arpallslaves for arpiptarget Venkat Venkatsubra Orabug: 33406814 - net/mlx5: Ra...

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

...

SUSE-SU-2021:3205-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function scosocksendmsg in the bluetooth stack bsc1188172. - CVE-2021-3653: Missing validation of the intc...

Unbreakable Enterprise kernel security update

4.1.12-124.54.6.1 - fs/namespace.c: fix mountpoint reference counter race Piotr Krysiuk Orabug: 33369433 CVE-2020-12114 CVE-2020-12114 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace Josef Bacik Orabug: 33369414 CVE-2019-19448 CVE-2019-19448 - cfg80211: wext: avoid...

SUSE-SU-2021:3177-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks bsc1190115. - CVE-2021-38160: Data...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: SVM nested virtualization issue in KVM AVIC support CVE-2021-3653 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

LSN-0081-1 Kernel Live Patch Security Notice

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.CVE-2021-3653 Maxim...

CVE-2021-33909 affecting package kernel 5.10.168.1-1

CVE-2021-33909 affecting package kernel 5.10.168.1-1. A patched version of the package is available...