SUSE-SU-2019:1768-1 Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-9497 fixes one issue. The following security issue was fixed: - CVE-2019-11487: The Linux kernel allowed page-refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c,...

Unbreakable Enterprise kernel security update

4.14.35-1902.3.1 - x86/platform/UV: Mark tscchecksync as an init function [email protected] Orabug: 29701029 - mm, pagealloc: check for max order in hot path Michal Hocko Orabug: 29924411 - net/mlx5: FW tracer, Enable tracing Feras Daoud Orabug: 29717200 - net/mlx5: FW tracer, parse traces and...

SUSE-SU-2019:1692-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel version 3.12.61 was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel...

SUSE-SU-2019:1671-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)

This update for the Linux Kernel 4.4.121-92101 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless networ...

SUSE-SU-2019:1668-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-6064107 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...

SUSE-SU-2019:1581-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15)

This update for the Linux Kernel 4.12.14-2522 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network...

Unbreakable Enterprise kernel security update

4.14.35-1902.2.0 - mm: account managed pages to correct zone during deferred page init Daniel Jordan Orabug: 29914836 4.14.35-1902.1.5 - CVE numbers for build v4.14.35-1902.1.3 and fixup Jack Vogel Orabug: 29890784 Orabug: 29884301 Orabug: 29884301 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479...

Kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0 Update 10 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the kernel 3.10.0-957.12.2.vz7.86.2 Virtuozzo 7.0 Update 10 HF1. Vulnerability id: PSBM-94535 It was discovered that a certain sequence of operations related to IPv4 routing could trigge...

Unbreakable Enterprise kernel security update

4.14.35-1844.5.3 - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721848 CVE-2019-11091 - x86/speculation/mds: Make mdsmitigation mutable after init Konrad Rzeszutek Wilk Orabug: 29721835 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 4.14.35-1844.5.2 - xen: Fix x86...

Unbreakable Enterprise kernel security update

4.1.12-124.27.1 - scsi: libfc: sanitize EDTOV and RATOV setting Hannes Reinecke Orabug: 25933179 - scsi: libfc: use configured rport EDTOV Hannes Reinecke Orabug: 25933179 - scsi: libfc: additional debugging messages Hannes Reinecke Orabug: 25933179 - scsi: libfc: don't advance state machine for...

kernel security update

3.10.0-957.12.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.2 - x86 x86/speculation/mds: Add SMT warning message Waiman Long 1692597...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1513)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. A...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Unbreakable Enterprise kernel security update

4.14.35-1844.4.5.2 - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721848 CVE-2019-11091 - x86/speculation/mds: Make mdsmitigation mutable after init Konrad Rzeszutek Wilk Orabug: 29721835 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 4.14.35-1844.4.5.1 -...

Unbreakable Enterprise kernel security update

2.6.39-400.310.1 - x86/speculation/mds: Make cpumatches cpuinit Patrick Colp Orabug: 29752091 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Only worry about firmware loaded microcode Patrick Colp Orabug: 29641786 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1517)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion command...

kernel security and bug fix update

2.6.32-754.12.1.OL6 - Update genkey bug 25599697 2.6.32-754.12.1 - x86 vDSO: Don't generate retpoline for indirect call Waiman Long 1638552 - fs cifs: fix reparse point/symlink breakage Leif Sahlberg 1636484 - scsi qla2xxx: Mask off Scope bits in retry delay Himanshu Madhani 1588133 - net tcp: ma...

April 9, 2019—KB4493448 (Security-only update)

April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...

Unbreakable Enterprise kernel security update

2.6.39-400.308.1 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 28874707 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 28874707 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 28874707 - x86/fpu: Don't do threadfpuend ...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.32.1 - x86/fpu: Factor out memsetxstate, 0 in fpufinit paths Oleg Nesterov Orabug: 29012034 - x86/fpu: Always allow FPU in interrupt if useeagerfpu Oleg Nesterov Orabug: 29012034 - x86/fpu: Fix 32-bit signal frame handling Dave Hansen Orabug: 29012034 - x86/fpu: Don't do...