RHEL 7 : kpatch-patch (RHSA-2024:1960)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1960 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : kernel-rt (RHSA-2024:1269)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1269 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

RHEL 8 : kernel-rt (RHSA-2024:0881)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0881 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Oracle Linux 9 : kernel (ELSA-2024-12149)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12149 advisory. - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve...

kernel security update

5.14.0-362.18.0.2 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve CVE-2023-4623 - dpll: core: Add DPLL framework base functions CVE-2023-6679 - dpll: spec: Add Netlink spec in YAML CVE-2023-6679 - dpl...

RHEL 9 : kpatch-patch (RHSA-2024:0381)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0381 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

SUSE SLES12 Security Update : kernel (Live Patch 45 for SLE 12 SP5) (SUSE-SU-2023:4313-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4313-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local...

SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP1) (SUSE-SU-2023:4278-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4278-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local...

SUSE SLES12 Security Update : kernel (Live Patch 36 for SLE 12 SP5) (SUSE-SU-2023:4204-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4204-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local...

SUSE SLES12 Security Update : kernel (Live Patch 44 for SLE 12 SP5) (SUSE-SU-2023:4208-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4208-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local...

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6446-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6446-3 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Ubuntu 22.04 LTS : Linux kernel (StarFive) vulnerabilities (USN-6444-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6444-2 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6442-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6442-1 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6415-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6415-1 advisory. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow...

CVE-2023-4623

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...