Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Unbreakable Enterprise kernel security update

5.4.17-2011.1.2 - ctf: discard CTF from the vDSO Nick Alcock Orabug: 31194036 5.4.17-2011.1.1 - slcan: Don't transmit uninitialized stack data in padding Richard Palethorpe Orabug: 31136750 CVE-2020-11494 - blktrace: Protect q-blktrace with RCU Jan Kara Orabug: 31123573 CVE-2019-19768 - KVM: x86:...

March 17, 2020—KB4541333 (OS Build 17134.1399)

March 17, 2020—KB4541333 OS Build 17134.1399 Windows 10, version 1803 the April 2018 Update Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update with...

Unbreakable Enterprise kernel security update

4.14.35-1902.301.1 - vhost: Check docket skfamily instead of call getname Eugenio Perez Orabug: 31085991 CVE-2020-10942 - uek-rpm: config-mips64-embedded misc pruning Eric Saint-Etienne Orabug: 31079017 - ubifs: Check for name being NULL while mounting Richard Weinberger Orabug: 29410897 - team:...

Information Disclosure

kernel is vulnerable to information disclosure. The vulnerability exists as a bug in the random number generator that prevented the manual seeding of the entropy pool...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.44.1 - net: qlogic: Fix memory leak in qlalloclargebuffers Navid Emamdoost Orabug: 31055328 CVE-2019-18806 - swiotlb: clean up reporting Kees Cook Orabug: 31085018 CVE-2018-5953...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)

A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is not affected by the MDS issue MDSNO=1, the guest was to...

SUSE-SU-2020:0558-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources bsc1163971. -...

Unbreakable Enterprise kernel security update

4.1.12-124.36.1.1 - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847137 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function Oliver Upton Orabug: 30847137 CVE-2020-2732 - KVM: nVMX: Dont emulate instructions in guest mode Paolo Bonzini Orabug:...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

MGASA-2020-0089 Updated kernel-linus packages fix security vulnerabilities

This update provides upstream 5.4.20, adding support for new hardware and features, and resolves at least the following security issues: In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This...

Unbreakable Enterprise kernel security update

4.1.12-124.36.1 - iscsi-target: graceful disconnect on invalid mapping to iovec Imran Haider Orabug: 30459537 - x86/microcode: Issue update message only once Borislav Petkov Orabug: 30528904 - x86/microcode/intel: Issue the revision updated message only on the BSP Borislav Petkov Orabug: 30528904...

openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2507-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

kernel security and bug fix update

2.6.32-754.25.1.OL6 - Update genkey Orabug: 25599697 2.6.32-754.25.1 - kvm KVM: VMX: Set VMENTERL1DFLUSHNOTREQUIRED if !X86BUGL1TF Waiman Long 1733760 - virt KVM: coalescedmmio: add bounds checking Bandan Das 1746799 CVE-2019-14821 - virt KVM: MMIO: Lock coalesced device when checking for availab...

SUSE-SU-2019:3289-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel-azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca bsc1158445. - CVE-2019-19543:...

SUSE-SU-2019:3258-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3)

This update for the Linux Kernel 4.4.178-9491 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling bsc1156331. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper...

SUSE-SU-2019:3248-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-195 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship bsc1156321...