6 matches found
DEBIAN-CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
SUSE CVE-2022-21505
In the linux kernel, if IMA appraisal is used with the "imaappraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "imaappraise=log" from the boot param when Secure Boot is enabled, but this does not cover case...
GSD-2022-1004145 lockdown: Fix kexec lockdown bypass with ima policy
lockdown: Fix kexec lockdown bypass with ima policy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.15 by commit...
Unbreakable Enterprise kernel-container security update
5.15.0-0.30.20.1 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386636 CVE-2022-21505...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.309.5 - lockdown: Fix kexec lockdown bypass with ima policy Eric Snowberg Orabug: 34386637 CVE-2022-21505...
USN-3405-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-11176 Huang Weller discovered that the ext4 filesyste...