180 matches found
SUSE-SU-2023:4261-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059133 fixes several issues. The following security issues were fixed: - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation bsc1215440. - CVE-2023-4004: Fixed imprope...
SUSE-SU-2023:3627-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059115 fixes several issues. The following security issues were fixed: - CVE-2023-32233: Fixed a use-after-free in Netfilter nftables when processing batch requests bsc1211187. - CVE-2023-2156: Fixed a flaw in the networking subsystem within the handli...
MGASA-2023-0237 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support CVE-2023-3338...
MGASA-2023-0238 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support...
MGASA-2023-0173 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.110 and fixes atleast the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than t...
MGASA-2023-0166 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.110 and fixes atleast the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than the siz...
MGASA-2023-0149 Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.15.106 and fixes atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tunta...
MGASA-2023-0088 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
PT-2023-35181 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.90 Description: A potential security issue exists in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.90, upda...
MGASA-2023-0008 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.88 and fixes atleast the following security issues: A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the...
SUSE-SU-2022:4072-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-28748: Fixed a leak of kernel memory over the network by ax88179178a devices bsc1196018. - CVE-2022-1882: Fixed a use-after-free flaw in freepipeinfo th...
PT-2022-34766 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: The issue is related to a potential security vulnerability in the Linux Kernel, specifically in the s390/dasd component. It is caused by a missing pavgroup, which can lead to an Oops in das...
MGASA-2022-0308 Updated kernel-linus packages fix security vulnerabilities
This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...
SUSE-SU-2022:2745-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122106 fixes several issues. The following security issues were fixed: - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcbausb.c vulnerability in the Linux kernel. bnc1198033 - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An...
SUSE-SU-2022:2699-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP4)
This update for the Linux Kernel 4.12.14-9593 fixes several issues. The following security issues were fixed: - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcbausb.c vulnerability in the Linux kernel. bnc1198033 - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An...
SUSE-SU-2022:2549-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657....
SUSE-SU-2022:2515-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...
MGASA-2022-0230 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.46 and fixes at least the following security issues: KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID CVE-2022-1789. KVM: x86: avoid calling x86 emulator without a decoded instruction CVE-2022-1852. A use-after-free vulnerability was...
MGASA-2022-0229 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.46 and fixes at least the following security issues: KVM: x86: avoid calling x86 emulator without a decoded instruction CVE-2022-1852. A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. Th...
MGASA-2022-0212 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.43 and fixes at least the following security issues: A race condition in the perf subsystem allows for a local privilege escalation. NOTE: Mageia kernels by default has disabled the perf usage for unprivileged users, effectively rendering this...