Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12874)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12874 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-12910)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12910 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-12875)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12875 advisory. - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - rds: Fix lack of...

CVE-2023-22024

In the Unbreakable Enterprise Kernel UEK, the RDS module in UEK has two setsockopt2 options, RDSCONNRESET and RDS6CONNRESET, that are not re-entrant. A malicious local user with CAPNETADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 Availability impacts. CVSS Vector:...

CVE-2023-22024

CVE-2023-22024 affects the Unbreakable Enterprise Kernel (UEK) RDS module, where two setsockopt options (RDS_CONN_RESET and RDS6_CONN_RESET) are not re-entrant. A local attacker with CAP_NET_ADMIN can crash the kernel. Connected advisories (e.g., Oracle ELSA updates) indicate a security update ad...

CVE-2023-22024

In the Unbreakable Enterprise Kernel UEK, the RDS module in UEK has two setsockopt2 options, RDSCONNRESET and RDS6CONNRESET, that are not re-entrant. A malicious local user with CAPNETADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 Availability impacts. CVSS Vector:...

CVE-2023-22024

In the Unbreakable Enterprise Kernel UEK, the RDS module in UEK has two setsockopt2 options, RDSCONNRESET and RDS6CONNRESET, that are not re-entrant. A malicious local user with CAPNETADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 Availability impacts. CVSS Vector:...

Oracle Linux 7 : ELSA-2017-0294-1: / kernel (ELSA-2017-02941)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-02941 advisory. - The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state,...

Oracle Linux 5 : ELSA-2013-1292-1: / kernel (ELSA-2013-12921)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-12921 advisory. - Multiple race conditions in the madviseremove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of servi...

kernel: memory leak in ipv6_renew_options()

A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6ADDRFORM and IPV6DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6ADDRFORM type and other processe...

kernel: memory leak in ipv6_renew_options()

A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6ADDRFORM and IPV6DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6ADDRFORM type and other processe...

kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt

A vulnerability was found in the tcp subsystem in the Linux Kernel, due to a data race around icsk-icskafops. This issue could allow an attacker to leak internal kernel information...

kernel: memory leak in ipv6_renew_options()

A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6ADDRFORM and IPV6DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6ADDRFORM type and other processe...

kernel: Linux kernel (TIPC): Information disclosure via uninitialized memory in tipc_topsrv_kern_subscr

A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC protocol. This vulnerability allows a local user to disclose sensitive information due to four uninitialized bytes in the sub.usrhandle field within the tipctopsrvkernsubscr function. When a user issues a setsocko...

kernel: memory leak in ipv6_renew_options()

A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6ADDRFORM and IPV6DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6ADDRFORM type and other processe...

kernel: data races around icsk->icsk_af_ops in do_ipv6_setsockopt

A vulnerability was found in the tcp subsystem in the Linux Kernel, due to a data race around icsk-icskafops. This issue could allow an attacker to leak internal kernel information...

RHEL 8 : kernel (RHSA-2023:1557)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1557 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: ALSA: pcm: Move rwsem lock inside...

RHEL 8 : kernel-rt (RHSA-2023:1556)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1556 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVE-2023-0461

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIGTLS or CONFIGXFRMESPINTCP has to be configured, but the operation does not require any privilege. There is a...

CVE-2023-0461

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIGTLS or CONFIGXFRMESPINTCP has to be configured, but the operation does not require any privilege. There is a...