kernel: RDMA/rxe: Return CQE error if invalid lkey was supplied

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCALWRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitly wrong lkey. leonro@...

kernel: dm rq: don't queue request to blk-mq during DM suspend

In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updating nrrequests or...

udisks2: insecure defaults in user-accessible mount helpers allow for a DoS

A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...

kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails

A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...

RHEL 8 : kpatch-patch (RHSA-2022:1619)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1619 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...

Cisco Unified Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD)

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

EulerOS 2.0 SP8 : udisks2 (EulerOS-SA-2022-1589)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest...

GSD-2022-1001736 ath11k: fix kernel panic during unload/load ath11k modules

ath11k: fix kernel panic during unload/load ath11k modules This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.34 by commit...

GSD-2022-1001412 ath11k: fix kernel panic during unload/load ath11k modules

ath11k: fix kernel panic during unload/load ath11k modules This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...

GSD-2022-1001075 ath11k: fix kernel panic during unload/load ath11k modules

ath11k: fix kernel panic during unload/load ath11k modules This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...

CVE-2022-20804

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

CVE-2022-20804

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

Race condition

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

CVE-2022-20804 Cisco Unified Communications Products Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2022-1522)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest...

CVE-2022-20804

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

EulerOS 2.0 SP10 : udisks2 (EulerOS-SA-2022-1521)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest...

Huawei EulerOS: Security Advisory for udisks2 (EulerOS-SA-2022-1521)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD -- zlib compression out-of-bounds write

Problem Description: Certain inputs can cause zlib's compression routine to overwrite an internal buffer with compressed data. This issue may require the use of uncommon or non-default compression parameters. Impact: The out-of-bounds write may result in memory corruption and an application crash...