Lucene search
K

180 matches found

OSV
OSV
added 2022/05/28 8:56 a.m.6 views

MGASA-2022-0212 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.43 and fixes at least the following security issues: A race condition in the perf subsystem allows for a local privilege escalation. NOTE: Mageia kernels by default has disabled the perf usage for unprivileged users, effectively rendering this...

7CVSS7AI score0.00612EPSS
Exploits0References4
OSV
OSV
added 2022/05/21 8:50 a.m.7 views

MGASA-2022-0195 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...

8.2CVSS7.5AI score0.02972EPSS
Exploits7References8
OSV
OSV
added 2022/05/21 8:50 a.m.13 views

MGASA-2022-0194 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allows a...

8.2CVSS7.5AI score0.02972EPSS
Exploits7References8
OSV
OSV
added 2022/04/15 2:5 a.m.8 views

SUSE-SU-2022:1242-1 Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-12277 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects...

7.8CVSS8AI score0.05524EPSS
Exploits5References5
OSV
OSV
added 2022/04/14 8:34 p.m.9 views

SUSE-SU-2022:1230-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15)

This update for the Linux Kernel 4.12.14-15078 fixes one issue. The following security issue was fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and ma...

7.8CVSS7.7AI score0.05524EPSS
Exploits2References3
OSV
OSV
added 2022/04/14 6:3 a.m.6 views

SUSE-SU-2022:1194-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2486 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects a...

7.8CVSS8.6AI score0.05524EPSS
Exploits5References7
OSV
OSV
added 2022/04/13 7:4 p.m.6 views

SUSE-SU-2022:1189-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122106 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap object...

7.8CVSS8AI score0.05524EPSS
Exploits5References5
OSV
OSV
added 2022/03/30 7:36 a.m.9 views

SUSE-SU-2022:1037-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nfdupnetdev.c, related to nftablesoffload...

7.8CVSS8AI score0.02633EPSS
Exploits11References50
OSV
OSV
added 2022/03/29 2:25 p.m.6 views

MGASA-2022-0121 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to...

7.8CVSS7.6AI score0.06197EPSS
Exploits24References6
OSV
OSV
added 2022/03/09 5:3 p.m.17 views

MGASA-2022-0095 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on...

7.8CVSS6.6AI score0.88106EPSS
Exploits107References5
OSV
OSV
added 2022/02/01 11:16 a.m.8 views

SUSE-SU-2022:0270-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-5927 fixes several issues. The following security issues were fixed: - CVE-2022-0185: Incorrect param length parsing in legacyparseparam which could have led to a local privilege escalation bsc1194517. - CVE-2021-4028: Fixed use-after-free in RDMA listen th...

8.4CVSS8.2AI score0.25151EPSS
Exploits11References7
OSV
OSV
added 2021/12/29 7:12 p.m.12 views

MGASA-2021-0588 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.11 and fixes at least the following security issues: netdevsim: Zero-initialize memory for new map's value in function nsimbpfmapalloc CVE-2021-4135. Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the guests,...

7.8CVSS6.7AI score0.00549EPSS
Exploits1References6
OSV
OSV
added 2021/12/21 11:27 p.m.12 views

MGASA-2021-0574 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.10 and fixes at least the following security issues: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a...

7.8CVSS7.7AI score0.00513EPSS
Exploits3References9
OSV
OSV
added 2021/12/05 7:6 p.m.9 views

MGASA-2021-0538 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without power-off,...

4.7CVSS5.5AI score0.00515EPSS
Exploits1References4
OSV
OSV
added 2021/11/11 3:2 p.m.19 views

MGASA-2021-0507 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be able ...

9.8CVSS7AI score0.57853EPSS
Exploits4References5
OSV
OSV
added 2021/10/12 3:8 p.m.7 views

SUSE-SU-2021:3386-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP56 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a...

7.9CVSS7.1AI score0.01736EPSS
Exploits2References44
OSV
OSV
added 2021/09/08 9:23 a.m.8 views

MGASA-2021-0419 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.62 and fixes at least the following security issues: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over...

7.1CVSS6.7AI score0.0072EPSS
Exploits3References4
OSV
OSV
added 2021/09/08 9:23 a.m.10 views

MGASA-2021-0418 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.62 and fixes at least the following security issues: A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel...

7.1CVSS6.2AI score0.0072EPSS
Exploits4References5
OSV
OSV
added 2021/07/22 7:8 a.m.10 views

MGASA-2021-0367 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.52 and fixes at least the following security issues: There is a race condition in net/can/bcm.c that can lead to local privilege escalation to root CVE-2021-3609. A vulnerability was found in the Linux kernel. Missing size validations on inbound...

7.8CVSS6.3AI score0.09729EPSS
Exploits7References8
OSV
OSV
added 2021/07/12 8:26 p.m.16 views

MGASA-2021-0347 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.48 and fixes at least the following security issues: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affects certs/blacklist.c and certs/systemkeyring.c...

8.7CVSS7.1AI score0.0066EPSS
Exploits2References4
Rows per page
Query Builder