Rocky Linux 9 : kernel (RLSA-2022:7318)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7318 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting t...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-30594)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-30594 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to...

Oracle Linux 9 : kernel (ELSA-2022-7318)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7318 advisory. - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 - ptrace: Check PTRACEOSUSPENDSECCOMP permission on...

AlmaLinux 9 : kernel-rt (ALSA-2022:7319)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7319 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the...

AlmaLinux 9 : kernel (ALSA-2022:7318)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7318 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2177-1 Rating: important References: 1055117 1061840 1065729 1103269 1118212 1153274 1154353 1156395 1158266 1167773 1176447 1177282 1178134 1180100 1183405 1188885 1195826 1196426 1196478 1196570...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:2268-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2268-1 advisory. - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...

SUSE: Security Advisory (SUSE-SU-2022:2083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2078-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:2000-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2000-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP2) (SUSE-SU-2022:1947-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1947-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15 SP1) (SUSE-SU-2022:1945-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1945-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP3) (SUSE-SU-2022:1948-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1948-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP5) (SUSE-SU-2022:1942-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1942-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree...

SUSE SLES12 Security Update : kernel (Live Patch 22 for SLE 12 SP4) (SUSE-SU-2022:1939-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1939-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree...

Authentication Bypass

linux-aws is vulnerable to Authentication Bypass. The vulnerability exists due to the mishandles of seccomp permissions, allowing an attacker to bypass the intended restrictions on the PTSUSPENDSECCOMP flag through the PTRACESEIZEcode path...

CVE-2022-30594

A flaw was found in the Linux kernel. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag, possibly disabling seccomp. Mitigation If ptrace is not required, ptrace can be disabled in multiple ways. 1. SELinux policy. setsebool -P...

CVE-2022-30594

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...

CVE-2022-30594

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...

Design/Logic Flaw

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag...