CVE-2022-21385

A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

CVE-2022-20383

In AllocateInternalBuffers of g3aabufferallocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

[SECURITY] Fedora 36 Update: golang-github-prometheus-node-exporter-1.3.1-10.fc36

Prometheus exporter for hardware and OS metrics exposed by NIX kernels, writ ten in Go with pluggable metric collectors...

CVE-2022-33745

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...

Design/Logic Flaw

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / val...

CVE-2022-33745

The CVE-2022-33745 issue is in the Xen hypervisor affecting x86 paravirtualized guests. The root cause is an incorrect TLB flush condition after code movement inside Xen, causing some necessary TLB flushes to be omitted when running PV guests in shadow paging mode (to support migrations and L1TF ...

CVE-2022-21505

In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...

RLSA-2022:5564 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

[SECURITY] Fedora 36 Update: golang-github-prometheus-node-exporter-1.3.1-9.fc36

Prometheus exporter for hardware and OS metrics exposed by NIX kernels, writ ten in Go with pluggable metric collectors...

keycloakauthenticator (>=3.0.0 <=3.1.0), ssb-ipython-kernels (>=0.2.25 <=0.3.2) potentially affected by CVE-2022-31027 via oauthenticator (>=14.0.0 <=14.2.0)

oauthenticator PYPI version =14.0.0, =3.0.0, =0.2.25, =0.3.2 Source cves: CVE-2022-31027 Source advisory: OSV:PYSEC-2022-206...

keycloakauthenticator (>=3.0.0 <=3.1.0), ssb-ipython-kernels (>=0.2.25 <=0.3.2) potentially affected by CVE-2022-31027 via oauthenticator (>=14.0.0 <=14.2.0)

oauthenticator PYPI version =14.0.0, =3.0.0, =0.2.25, =0.3.2 Source cves: CVE-2022-31027 Source advisory: OSV:GHSA-R7V4-JWX9-WX43...

USN-5444-1 linux-oem-5.14, linux-oem-5.17 vulnerability

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

CVE-2022-1729

A race condition was found the Linux kernel in perfeventopen which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc...

UBUNTU-CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing...

GHSA-VFJC-2QCW-J95J Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

PT-2022-19148 · Apport +2 · Apport +2

Name of the Vulnerable Software and Affected Versions: Apport affected versions not specified Description: The issue is related to Apport argument parsing, which mishandles filename splitting on older kernels, resulting in argument spoofing. Recommendations: At the moment, there is no information...

grub2 security, bug fix, and enhancement update

2.02-123.0.1 - backport arm64: Fix EFI loader kernel image allocation Orabug: 33702462 - backport Arm: check for the PE magic for the compiled arch Orabug: 33702462 - Backport some better script logic for BTRFS support Orabug: 32448171 - Do not add shim and grub certificate deps for aarch64...

CVE-2022-1116

Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions...