USN-5465-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5465-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5465-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5465-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP4) (SUSE-SU-2022:2006-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2006-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO CVE-2021-47435 A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:2000-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2000-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP3) (SUSE-SU-2022:1974-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1974-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP3) (SUSE-SU-2022:1948-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1948-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP5) (SUSE-SU-2022:1942-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1942-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree...

SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15 SP1) (SUSE-SU-2022:1945-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1945-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP2) (SUSE-SU-2022:1947-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1947-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams...

SUSE SLES12 Security Update : kernel (Live Patch 22 for SLE 12 SP4) (SUSE-SU-2022:1939-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1939-1 advisory. - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree...

LSN-0086-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-39713 Yiqi Sun and Kevin Wang...

LSN-0086-1 Kernel Live Patch Security Notice

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-39713 Yiqi Sun and Kevin Wang...

USN-5443-2 linux-gcp-5.13, linux-oracle, linux-oracle-5.13 vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5442-2 linux-bluefield, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

Ubuntu: Security Advisory (USN-5443-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Authentication Bypass

linux-aws is vulnerable to Authentication Bypass. The vulnerability exists due to the mishandles of seccomp permissions, allowing an attacker to bypass the intended restrictions on the PTSUSPENDSECCOMP flag through the PTRACESEIZEcode path...

USN-5442-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gke, linux-gke-5.4, linux-hwe-5.4, linux-ibm, linux-kvm vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...