874 matches found
Important: kernel-livepatch-6.1.75-99.163
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop error within the hook verdict, and hence the nfhookslow function can cause a double...
Important: kernel-livepatch-4.14.343-260.564
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...
Important: kernel-livepatch-4.14.336-257.562
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...
Important: kernel-livepatch-4.14.336-257.566
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...
Important: kernel-livepatch-5.10.205-195.807
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:0620-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0620-1 advisory. - An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after- free because of a vccrecvmsg race condition...
Important: kernel-livepatch-4.14.336-253.554
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
Important: kernel-livepatch-4.14.334-252.552
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
Important: kernel-livepatch-4.14.328-248.540
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
Important: kernel-livepatch-4.14.330-250.540
Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...
SUSE-SU-2023:4919-1 Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues: Security issue fixed: - CVE-2023-5678: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow bsc1217151. Other fixes: - Report livepatch number on OpenSSLversion jsc709...
SUSE-SU-2023:4918-1 Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues: Security issue fixed: - CVE-2023-5678: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow bsc1217151. Other fixes: - Report livepatch number on OpenSSLversion jsc709...
Important: kernel-livepatch-6.1.61-85.141
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possib...
Important: kernel-livepatch-6.1.56-82.125
Issue Overview: x86: KVM: SVM: always update the x2avic msr interception CVE-2023-5090 A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's...
Important: kernel-livepatch-5.10.192-182.736
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...
Important: kernel-livepatch-4.14.322-244.539
Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-244.539 Issue Correction: Please...
Important: kernel-livepatch-5.10.196-185.743
Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past comm...
Important: kernel-livepatch-5.10.192-183.736
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e. with the HFSCFSC flag set has a parent without a link-sharing curve, then...
Important: kernel-livepatch-6.1.38-59.109
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. I...
Important: kernel-livepatch-6.1.29-50.88
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...