kernel:4.18.0 security update

4.18.0-553.30.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12780)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12780 advisory. - VMCI: Fix use-after-free when removing resource in vmciresourceremove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...

CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2024-44965

CVE-2024-44965 is a Linux kernel vulnerability where pti_clone_pgtable() made alignment assumptions (PMD alignment) on the start address, which is valid on x86_64 but not on i386, causing the end condition to malfunction and potentially a short clone of user mappings. The issue could lead to trap...

CVE-2024-44965 x86/mm: Fix pti_clone_pgtable() alignment assumption

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2024-44965 x86/mm: Fix pti_clone_pgtable() alignment assumption

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

CVE-2023-52659

A vulnerability in the Linux kernel affected the x86/mm code, specifically in the pfntokaddr macro. The issue arises when the macro does not correctly handle input as a 64-bit type, causing crashes on 64-bit platforms, especially for SEV-SNP guests, when processing addresses above the 1TB range...

CVE-2024-26906 x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...

CVE-2023-52576

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate from imafreekexecbuffer The code calling imafreekexecbuffer runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in...

CVE-2023-52576 x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer()

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate from imafreekexecbuffer The code calling imafreekexecbuffer runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in...

CVE-2023-3640 Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space

A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...

Fedora 36 : kernel (2023-c9ab30c8e3)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c9ab30c8e3 advisory. The 6.1.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Fedora 37 : kernel (2023-4006357f7e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4006357f7e advisory. The 6.1.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...

OracleVM 3.4 : xen (OVMSA-2018-0221)

The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=5ee0a217664a1fde547afa506e92e4998ed26699 - BUILDINFO: QEMU upstream...