GSD-2022-1004263 netfilter: nf_dup_netdev: do not push mac header a second time

netfilter: nfdupnetdev: do not push mac header a second time This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...

RHEL 8 : kernel (RHSA-2022:1550)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1550 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RLSA-2022:1550 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 For more details about the security issues, including the impact, a CVSS score...

ALSA-2022:1550 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 For more details about the security issues, including the impact, a CVSS score...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 For more details about the security issues, including the impact, a CVSS score...

RHEL 8 : kernel (RHSA-2022:1455)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1455 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fget: check that the fd still...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

RHEL 8 : kernel-rt (RHSA-2022:1413)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1413 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

SUSE SLES15 Security Update : kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:0998-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0998-1 advisory. - A vulnerability was found in the Linux kernel's cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, und...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5317-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5317-1 advisory. Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of...

Heap overflow

net/netfilter/nfdupnetdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nftablesoffload...