RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

Use Of Uninitialized Variable

linux-gke is vulnerable to Use of Uninitialized Variable. The vulnerability allows users with the ability to execute high-privileged code to exploit the flaws within 'nftosfeval function' causing a lack of proper initialization of memory prior to accessing it resulting in the attacker gaining...

CLSA-2023-1682712108 kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...

CLSA-2023-1682711481 kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...

kernel security and bug fix update

3.10.0-1160.90.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.90.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

SUSE-SU-2023:1992-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5753: Fixed spectre V1 vulnerability on netlink bsc1209547. - CVE-2017-5753: Fixed spectre vulnerability in prlimit bsc1209256. - CVE-2022-4744: Fixe...

SUSE-SU-2023:1982-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197126 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race condition in qdiscgraft bsc1207795. - CVE-2023-1118: Fixed a use-after-free bugs caused by enetxirqsim in media/rc bsc1208837...

SUSE-SU-2023:1977-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504001511 fixes several issues. The following security issues were fixed: - CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c bsc1209788. - CVE-2023-1118: Fixed a use-after-free bugs...

Unbreakable Enterprise kernel security update

4.14.35-2047.524.5 - rds/ib: Fix the softlock-up in RDS cache GC worker Arumugam Kolappan Orabug: 35079728 4.14.35-2047.524.4 - xfs: add missing cmap-brstate = XFSEXTNORM update Gao Xiang Orabug: 35202792 - x86/tsc: Disable clocksource watchdog for TSC on qualified platorms Feng Tang Orabug:...

RLSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

OESA-2023-1198 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 acces...

OESA-2023-1199 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 acces...

SUSE-SU-2023:1640-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122147 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208909. - CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package...

CBL Mariner 2.0 Security Update: kernel (CVE-2023-22998)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22998 advisory. - In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpuobject.c misinterprets the...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

LSN-0093-1 Kernel Live Patch Security Notice

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-0179 It was discovered that the Upper Level...

PT-2023-15734 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned, so: Some products affected versions not specified Description: The issue concerns a double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS...