RHEL 7 : kernel-rt (RHSA-2022:7338)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7338 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some IntelR processors may potentially allow an authorized user to enable information disclosure via local access...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Oracle Linux 8 : kernel (ELSA-2022-7110)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7110 advisory. - debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 - intelidle: Fix false positive RCU splats due to incorrect hardirqs state Waiman Long 2103167...

Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5700-1)

The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5700-1 advisory. David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free...

AlmaLinux 8 : kernel-rt (ALSA-2022:7134)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7134 advisory. - A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attack...

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

kernel-rt security and bug fix update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

RLSA-2022:7110 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 Information leak in scsiioctl CVE-2022-0494 A kernel-info-leak issue in pfkeyregister CVE-2022-13...

ALSA-2022:7134 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: a use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 kernel: information leak in...

RHEL 8 : kernel-rt (RHSA-2022:7134)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7134 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)

The version of kernel installed on the remote host is prior to 5.4.217-126.408. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-037 advisory. - Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:3293-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3293-1 advisory. - The einjerrorinject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3288-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3288-1 advisory. - The einjerrorinject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and...

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1838 (ALAS-2022-1838)

The version of kernel installed on the remote host is prior to 4.14.291-218.527. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1838 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the...

[SECURITY] [DLA 3102-1] linux-5.10 new package

Debian LTS Advisory DLA-3102-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings September 11, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.136-1deb10u3 CVE ID : CVE-2022-2585 CVE-2022-2586 CVE-2022-2588 CVE-2022-26373 CVE-2022-29900...

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-127)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-127 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. CVE-2022-2381...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...