Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. Additionally, add a number of comments to attempt to document the current state of knowledge regarding RSB attacks and what exactly is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989727 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989923)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989923 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...

SUSE CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

DEBIAN-CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49611 x86/speculation: Fill RSB on vmexit for IBRS

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49611

The CVE-2022-49611 entry refers to a Linux kernel x86 speculation mitigation: Fill RSB on vmexit for IBRS to prevent RSB underflow/poisoning. The description notes mitigation is implemented in the kernel and documents tribal knowledge about RSB attacks. Connected Nessus/OpenVAS entries for EulerO...

CLSA-2024-1714073393 Fix of 16 CVEs

Jammy update: v5.15.81 upstream stable release LP: 2003130 // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipcconnalloc - tipc: add an extra connget in tipcconnalloc CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with lega...

kernel security update

2.6.32-754.49.1.OL6 - x86/speculation: Use generic retpoline by default on AMD CVE-2021-26401 Orabug: 34986011...

Unbreakable Enterprise kernel security update

5.15.0-106.131.4 - jbd2: check 'jh-btransaction' before removing it from checkpoint Zhihao Cheng - jbd2: fix checkpoint cleanup performance regression Zhang Yi - scsi: qla2xxx: Fix TMF leak through Quinn Tran - scsi: qla2xxx: Fix command flush during TMF Quinn Tran - scsi: qla2xxx: Limit TMF to 8...

CLSA-2023-1695046627 Fix of 7 CVEs

Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 - Revert "x86/cpu: Add a steppings field to struct x86cpuid" - x86/cpufeature: Add facility to check for m...

CLSA-2023-1695041288 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-4622 - afunix: Fix null-ptr-deref in unixstreamsendpage. Jammy update: v5.15.105 upstream stable release LP: 2023230 // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: actmirred: better wording on protection against excessive stack...

kernel security, bug fix, and enhancement update

5.14.0-284.25.1.0.12 - Fix KVM: x86/mmu: Fix race condition in directpagefault Orabug: 35673032 CVE-2022-45869 5.14.0-284.25.12 - KVM: x86/mmu: Fix race condition in directpagefault - prlimit: doprlimit needs to have a speculation check CVE-2023-0458 - x86/speculation: Allow enabling STIBP with...

kernel security and bug fix update

3.10.0-1160.80.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.80.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

Unbreakable Enterprise kernel security update

5.15.0-3.60.5.1 - fs: remove nollseek Jason A. Donenfeld Orabug: 34721465 - vfio: do not set FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - dma-buf: remove useless FMODELSEEK flag Jason A. Donenfeld Orabug: 34721465 - fs: do not compare against -llseek Jason A. Donenfeld Orabug: 34721465 -...

GSD-2022-1004368 x86/speculation: Disable RRSBA behavior

x86/speculation: Disable RRSBA behavior This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.57 by commit...

Unbreakable Enterprise kernel security update

5.15.0-0.30.19 - net/mlx4: Increase numsrq in lowmemprofile Dave Kleikamp Orabug: 34052160 5.15.0-0.30.18 - Revert ocfs2: mount shared volume without ha stack Junxiao Bi Orabug: 33701900 - KVM: x86/speculation: Disable Fill buffer clear within guests Pawan Gupta Orabug: 34202258 CVE-2022-21123...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.4.el7 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...

Unbreakable Enterprise kernel security update

5.4.17-2011.5.3uek - misc: pvpanic: add crash loaded event zhenwei pi Orabug: 31677096 - misc: pvpanic: move bit definition to uapi header file zhenwei pi Orabug: 31677096 - RDMA/netlink: Do not always generate an ACK for some netlink operations Hakon Bugge Orabug: 31666971 - bnxten: Fix statisti...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0028)

The remote OracleVM system is missing necessary patches to address critical security updates : - ipv4: ipv4defaultadvmss should use route mtu Eric Dumazet Orabug: 31563095 - net: ipv4: Refine the ipv4defaultadvmss Gao Feng Orabug: 31563095 - Revert 'bnxten: Remove busy poll logic in the driver.'...