40 matches found
kernel:4.18.0 security update
4.18.0-553.30.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
CVE-2024-53072 platform/x86/amd/pmc: Detect when STB is not available
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amdpmc module as: amdpmc enablestb=1 ...can result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on R...
ROS-20241028-03
The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...
CVE-2024-50017
In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...
CVE-2024-50017
CVE-2024-50017 affects the Linux kernel’s identity-mapping code (x86/mm/ident_map). When ident_pud_init() creates identity maps using only GB pages, it can map large address ranges not requested (a 4K request could yield a full 1GB mapping), potentially including BIOS-reserved areas. This enables...
CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...
CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12780)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12780 advisory. - VMCI: Fix use-after-free when removing resource in vmciresourceremove David Fernandez Gonzalez Orabug: 37037205 CVE-2024-46738 - exec: Fix ToCTo...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0013)
The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.90.3- SUNRPC: increase size of rpcwaitqueue.qlen from unsigned short to unsigned int Dai Ngo Orabug: 370554394.1.12-124.90.2- scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc Justin Tee Orabug:...
CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44965 x86/mm: Fix pti_clone_pgtable() alignment assumption
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44965
CVE-2024-44965 is a Linux kernel vulnerability where pti_clone_pgtable() made alignment assumptions (PMD alignment) on the start address, which is valid on x86_64 but not on i386, causing the end condition to malfunction and potentially a short clone of user mappings. The issue could lead to trap...
CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-44965 x86/mm: Fix pti_clone_pgtable() alignment assumption
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
RLSA-2024:4211 Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number...
Rocky Linux 8 : kernel (RLSA-2024:4211)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4211 advisory. kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel: TCP-spoofed ghost ACKs and leak leak...
CVE-2024-35877
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VMPAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE or, in fact, all PTEs can be replaced during write faults to point at anon folios. Reliably recovering the correc...
CVE-2024-35877 x86/mm/pat: fix VM_PAT handling in COW mappings
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VMPAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE or, in fact, all PTEs can be replaced during write faults to point at anon folios. Reliably recovering the correc...