ROS-20250314-01

Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-802)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-802 advisory. In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' CVE-2024-36478 In the Linux kernel, the...

Oracle Linux 9 : kernel (ELSA-2024-8617)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8617 advisory. - redhat/configs: Add CONFIGMITIGATIONSPECTREBHI Waiman Long RHEL-45492 RHEL-28203 CVE-2024-2201 - x86/bugs: Fix BHI retpoline check Waiman Long...

CVE-2024-50072

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

CVE-2024-50072

CVE-2024-50072 affects the Linux kernel on x86 where VERW is used. The issue can trigger a general protection fault (#GP) in 32-bit vm86 contexts when VERW mitigations (e.g., MDS/RFDS) are enabled and the code segment selector is not properly referenced. The root cause is using VERW with an arbit...

CVE-2024-50072 x86/bugs: Use code segment selector for VERW operand

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

CVE-2024-50072 x86/bugs: Use code segment selector for VERW operand

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

Oracle Linux 9 : kernel (ELSA-2024-8162)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8162 advisory. - gfs2: Fix NULL pointer dereference in gfs2logflush CKI Backport Bot RHEL-51561 RHEL-51559 CVE-2024-42079 - KVM: SVM: WARN on vNMI + NMI window iff NM...

Oracle Linux 8 : kernel (ELSA-2024-5101)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5101 advisory. - ionic: fix use after netifnapidel CKI Backport Bot RHEL-47624 CVE-2024-39502 - ionic: clean interrupt before enabling queue to avoid credit race CKI...

Unbreakable Enterprise kernel security update

5.15.0-207.156.6 - uek-container: Add advanced routing options Boris Ostrovsky Orabug: 36691279 - slub: use countpartialfreeapprox in slaboutofmemory Jianfeng Wang Orabug: 36655468 - slub: introduce countpartialfreeapprox Jianfeng Wang Orabug: 36655468 - Revert 'lockd: introduce safe async lock o...

GSD-2022-1004553 x86/bugs: Report Intel retbleed vulnerability

x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.133 by commit...

SUSE: Security Advisory (SUSE-SU-2018:1374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0007) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/bugs: Fix the AMD SSBD usage of the SPECCTRL MSR Tom Lendacky Orabug: 28870524 CVE-2018-3639 - x86/bugs: Add AMD's SPECCTRL MSR usage Konrad Rzeszutek Wilk Orabug: 28870524 CVE-2018-3639 -...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0228) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - netlink: add a start callback for starting a netlink dump Tom Herbert Orabug: 27169581 CVE-2017-16939 - ipsec: Fix aborted xfrm policy dump crash Herbert Xu Orabug: 27169581 CVE-2017-16939 - net/rds:...