SUSE-SU-2022:2750-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015089 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed a concurrency use-after-free in vgemgemdumbcreate bsc1198742. - CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces...

kernel security, bug fix, and enhancement update

5.14.0-70.22.1.0.10.OL9 lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 5.14.0-70.22.10.OL9 Update Oracle Linux certificates Kevin Lyons Disable signing for aarch64 Ilya Okomin Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

ALSA-2022:6003 Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: information leak in scsiioctl CVE-2022-0494 use-after-free in tcnewtfilter in net/sched/clsapi.c CVE-2022-1055 For more details about the security issues, including the impact, a CVSS score,...

SUSE-SU-2022:2696-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-34918: Fixed a buffer overflow with nftseteleminit that could be used by a local attacker to escalate privileges bnc1201171. - CVE-2022-1679: Fixed a use-after-free in the...

GSD-2022-1004350 tcp: Fix a data-race around sysctl_tcp_probe_threshold.

tcp: Fix a data-race around sysctltcpprobethreshold. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.58 by commit...

CVE-2020-36558

A race condition in the Linux kernel before 5.5.7 involving VTRESIZEX could lead to a NULL pointer dereference and general protection fault...

SUSE-SU-2022:2461-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges neede...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2422-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2422-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

SUSE-SU-2022:2444-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-9583 fixes several issues. The following security issues were fixed: - CVE-2022-20154: Fixed a use after free due to a race condition in locksocknested of sock.c. This could lead to local escalation of privilege with System execution privileges needed...

CVE-2021-33655

When sending malicous data to kernel by ioctl cmd FBIOPUTVSCREENINFO,kernel will write memory out of bounds...

Out-of-bounds

When setting font with malicous data by ioctl cmd PIOFONT,kernel will write memory out of bounds...

SUSE-SU-2022:2382-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657....

RLSA-2022:5564 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

ALSA-2022:5564 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Unbreakable Enterprise kernel security update

5.15.0-0.30.20 - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk Orabug: 34335631 CVE-2022-29901 CVE-2022-23816 - x86/bugs: do not enable IBPB-on-entry when IBPB is not supported Thadeu Lima de Souza...

kernel security and bug fix update

3.10.0-1160.71.1.0.1 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.71.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 -...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak CVE-2022-1012 kernel: race condition in perfeventopen leads to privilege escalation...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: buffer overflow in IPsec ESP transformation code CVE-2022-27666 kernel: out-of-bounds read in fbcongetfont function CVE-2020-28915 For more details about the security issues, including th...

GSD-2022-1002821 drm/plane: Move range check for format_count earlier

drm/plane: Move range check for formatcount earlier This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...