openSUSE 15 Security Update : virtualbox (openSUSE-SU-2024:0364-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0364-1 advisory. Update to release 7.1.4: NAT: Fixed DHCP problems with certain guests when domain is empty VMSVGA: Improved flickering, black screen and other...

CVE-2024-50112

In CVE-2024-50112, the Linux kernel fixes a weakness in Linear Address Masking (LAM) on x86 by disabling LAM in most cases. The vulnerability stems from transient execution risk related to LAM unless Linear Address Space Separation (LASS) is active. Until LASS support lands, LAM should only be al...

USN-7028-1: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. Several security issues were discovered in the Linux kernel. An attacker could possibly use...

USN-6069-1 linux-raspi, linux-raspi-5.4, linux-raspi2 vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

USN-6052-1 linux-ibm-5.4, linux-snapdragon vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

Unbreakable Enterprise kernel security update

5.4.17-2136.313.6 - Uninitialized variable imageext in fixupvdsoexception of extable.c Alok Tiwari Orabug: 33000550 - NFSD: fix use-after-free on source server when doing inter-server copy Dai Ngo Orabug: 34475857 - EDAC/mceamd: Do not load edacmceamd module on guests Smita Koralahalli Orabug:...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10152-1 Rating: important References: 1201720 1203086 1203306 1203370 1203735 1204019 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10129-1 Rating: important References: 1201720 1203086 1203306 1203370 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

ALSA-2022:5564 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

MGASA-2022-0197 Updated nvidia390 packages fix security vulnerabilities

Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of...

SUSE-SU-2021:3899-1 Security update for aaa_base

This update for aaabase fixes the following issues: - Allowed ping and ICMP commands without CAPNETRAW bsc1174504. - Add $HOME/.local/bin to PATH, if it exists bsc1192248. - Fixed getkernelversion.c to work also for recent kernels on the s390/X platform bsc1191563. - Support xz compressed kernel...

MGASA-2021-0509 Updated openafs packages fix security vulnerability

Openafs packages have been updated to 1.9.1 for various bugfixes, and added a fix for security vulnerability: There exist in the wild AFS3 clients that improperly construct access control lists which are then stored to directories via RXAFSStoreACL opcode 134. These clients add negative access...

SUSE-SU-2021:2861-1 Security update for spectre-meltdown-checker

This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 bsc1189477 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression 370 - enh: arm: add experimental support for binary arm images - enh: rs...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1092-1 Rating: important References: 1188045 1188105 1188535 1188536 1188537 1188538 Cross-References: CVE-2021-2409 CVE-2021-2442 CVE-2021-2443 CVE-2021-2454 CVSS scores: CVE-2021-2409 NVD : 8.2...

microcode_ctl security, bug fix and enhancement update

4:20210216-1.20210525.0.1 - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 4:20210216-1.20210525.1 - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 1962663,...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:0165-1 Rating: important References: 1181197 1181198 Cross-References: CVE-2021-2074 CVE-2021-2129 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Descriptio...

SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:3037-1)

This update for libvirt fixes the following issues : CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. qemu: Adjust max memlock on mdev hotplug bsc1177480. Xen: Don't add dom0 twice...

microcode_ctl security, bug fix and enhancement update

4:20200609-2.20201027.1.0.1 - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 4:20200609-2.20201027.1 - Update Intel CPU microcode to microcode-20201027 release, addresses CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698 1893265, 1893253,...

openSUSE Security Update : libvirt (openSUSE-2020-1778)

This update for libvirt fixes the following issues : - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add do...