[Important] [Security] Virtuozzo ReadyKernel Patch 161.0 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: PSBM-150027 3.10.0-1160.53.1.vz7.185.3 to 3.10.0-1160.90.1.vz7.200.7 A race condition in 'venetdev' leads to corrupted data in...

SUSE CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

Privilege escalation

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

AZL-27272 CVE-2023-3312 affecting package kernel for versions less than 5.15.118.1-2

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service...

grub2 security update

2.06-46.0.4.el91.3 - Bump SBAT metadata for grub to 3 Orabug: 34872719 - Fix CVE-2022-3775 Orabug: 34871953 - Enable signing for aarch64 EFI - Fix signing certificate names - Enable back btrfs grub module for EFI pre-built image Orabug: 34360986 - Replaced bugzilla.oracle.com references Orabug:...

CVE-2023-2640

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks...

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

PT-2023-4062

Name of the Vulnerable Software and Affected Versions Ubuntu kernels affected versions not specified Description The issue is related to a local privilege escalation vulnerability in Ubuntu kernels, specifically in the overlayfs ovl copy up meta inode data function, which skips permission checks...

PT-2023-4040

Name of the Vulnerable Software and Affected Versions Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs" Description The issue is related to the overlayfs file system in Ubuntu kernels, where an unprivileged user may se...

AZL-27061 CVE-2023-2598 affecting package kernel for versions less than 5.15.116.1-1

A flaw was found in the fixed buffer registration code for iouring iosqebufferregister in iouring/rsrc.c in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation...

CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

AZL-26340 CVE-2023-2166 affecting package kernel for versions less than 5.15.111.1-1

A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

SUSE-SU-2023:1856-1 Security update for tftpboot-installation images

This update provides updated tftboot-installation images, rebuilt with current shim and kernels. bsc1209014 bsc1198581...

AZL-25932 CVE-2023-0179 affecting package kernel for versions less than 5.15.107.1-2

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution...

The vulnerability of the AMD KVM subsystem for supporting embedded virtualization in Linux kernel allows a hacker to induce a service failure.

The vulnerability of the AMD KVM subsystem for supporting embedded virtualization in Linux operating systems’ kernels is related to improper handling of embedded termination processes. Exploiting this vulnerability can allow attackers to cause service failures...

Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code Exploit

Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to multiple use-after-free conditions. Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code A central recurring theme in Linux MM development is that contention on the mmap lo...

Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code

Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode fo...

K17120: Linux kernel vulnerability CVE-2014-8134

Security Advisory Description The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that rea...