4641 matches found
kernel security, bug fix, and enhancement update
4.18.0-372.26.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...
CVE-2021-0942
The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = pagetophyspsOSPageArrayData-pagearrayui32PageIndex;With the current PoC this crashes as an OOB read. However, given that the O...
Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core shared buffers aka SBDR CVE-2022-21123 Incomplete cleanup of microarchitectural fill buffers aka SBDS CVE-2022-21125 Incomplete cleanup in specific special regist...
Exploit for Incorrect Conversion between Numeric Types in Linux Linux_Kernel
CVE-2022-2639 using pipe primitive CVE-2022-2639https://...
CVE-2022-20148
In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-1016
A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...
CVE-2021-4028
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...
OESA-2022-1844 kernel security update
Security Fixes: The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges.CVE-2022-36123 In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to...
OESA-2022-1846 kernel security update
Security Fixes: The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of service or gain privileges.CVE-2022-36123 In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to...
SUSE-SU-2022:2809-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free bnc1201429. - CVE-2020-36558:...
SUSE-SU-2022:2808-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage bsc1201050. -...
SUSE-SU-2022:2779-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages bsc1199487. -...
SUSE-SU-2022:2761-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-1503005987 fixes several issues. The following security issues were fixed: - CVE-2022-1116: Fixed a integer overflow vulnerability in iouring which allowed a local attacker to cause memory corruption and escalate privileges to root bnc1199647. -...
SUSE-SU-2022:2750-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)
This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed a concurrency use-after-free in vgemgemdumbcreate bsc1198742. - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces...
kernel security, bug fix, and enhancement update
5.14.0-70.22.1.0.10.OL9 lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.22.10.OL9 Update Oracle Linux certificates Kevin Lyons Disable signing for aarch64 Ilya Okomin Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
ALSA-2022:6003 Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: information leak in scsiioctl CVE-2022-0494 use-after-free in tcnewtfilter in net/sched/clsapi.c CVE-2022-1055 For more details about the security issues, including the impact, a CVSS score,...
SUSE-SU-2022:2696-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-34918: Fixed a buffer overflow with nftseteleminit that could be used by a local attacker to escalate privileges bnc1201171. - CVE-2022-1679: Fixed a use-after-free in the...
GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.
tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...