Linux Kernel Organization, Inc. Security Vulnerabilities

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5557-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5557-1 advisory. It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5560-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5560-1 advisory. A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-65)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via ...

CVE-2022-2652

Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a...

Oracle Linux 8 : kernel (ELSA-2024-3138)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3138 advisory. - x86/sev: Harden #VC instruction emulation somewhat (Vitaly Kuznetsov) [RHEL-30040] {CVE-2024-25743 CVE-2024-25742} - mm/sparsemem: fix race in...

Amazon Linux 2 : kernel (ALAS-2022-1903)

The version of kernel installed on the remote host is prior to 4.14.301-224.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1903 advisory. 2024-06-06: CVE-2023-26607 was added to this advisory. A vulnerability was found in Linux Kernel. It has been...

Amazon Linux 2 : kernel (ALAS-2022-1838)

The version of kernel installed on the remote host is prior to 4.14.291-218.527. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1838 advisory. 2024-06-06: CVE-2022-20566 was added to this advisory. 2024-04-11: CVE-2023-1095 was added to this advisory. A...

CVE-2022-48719

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work syzkaller was able to trigger a deadlock for NTF_MANAGED entries [0]: kworker/0:16/14617 is trying to acquire lock: ffffffff8d4dd370...

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...

RHEL 9 : kernel (RHSA-2024:3619)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3619 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible...

Amazon Linux 2 : kernel (ALAS-2023-2328)

The version of kernel installed on the remote host is prior to 4.14.327-246.539. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2328 advisory. 2024-06-06: CVE-2023-52567 was added to this advisory. 2024-04-11: CVE-2023-42754 was added to this advisory. A...

Amazon Linux 2 : kernel (ALAS-2022-1852)

The version of kernel installed on the remote host is prior to 4.14.294-220.533. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1852 advisory. 2024-06-06: CVE-2022-48687 was added to this advisory. 2023-10-12: CVE-2023-2860 was added to this advisory. An...

RHEL 9 : kernel (RHSA-2024:1881)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1881 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability...

RHEL 7 : kernel (RHSA-2021:0526)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0526 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: umask not applied on...

RHEL 7 : kernel (RHSA-2020:3598)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3598 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: kernel: DAX hugepages not...

RHEL 7 : kernel (RHSA-2020:2214)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2214 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: double free may be caused...

RHEL 7 : kernel (RHSA-2020:1460)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1460 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hardware: bluetooth: BR/EDR encryption key...

CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of...

CVE-2023-28841

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which...

(RHSA-2024:2006) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192) kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() (CVE-2023-4459) kernel: tun: bugs for oversize...

Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-030-01)

New kernel packages are available for Slackware 14.2 to fix security...

CVE-2024-36478

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-140)

The openSUSE Leap 42.3 Linux kernel was updated to 4.4.172 to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-3459,CVE-2019-3460: Two remote information leak vulnerabilities in the Bluetooth stack were fixed that could potentially leak kernel...

Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

RHEL 8 : kernel (RHSA-2024:3529)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3529 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: nf_tables: use-after-free...

RHEL 9 : kernel (RHSA-2024:2627)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2627 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * CVE-2024-25743 hw: amd:...

RHEL 7 : kernel (RHSA-2024:1747)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1747 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: fix use-after-free in...

RHEL 8 : kernel (RHSA-2021:0558)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0558 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: locking issue in...

RHEL 7 : kernel (RHSA-2020:3226)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3226 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: kernel: DAX hugepages not...

RHEL 7 : kernel (RHSA-2020:2831)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2831 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: vfio: access to disabled MMIO...

RHEL 8 : kernel (RHSA-2020:2102)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2102 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: NetLabel: null pointer...

RHEL 6 : kernel (RHSA-2020:2103)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2103 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: NetLabel: null pointer dereference...

RHEL 7 : kernel (RHSA-2020:1266)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1266 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: heap overflow in...

CVE-2024-38539

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool available:36041).....

RHEL 7 : kernel (RHSA-2024:2004)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2004 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * kernel: use after free in...

RHEL 9 : kernel (RHSA-2024:1532)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1532 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: CIFS Filesystem...

RHEL 7 : kernel (RHSA-2021:2734)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2734 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion...

RHEL 7 : kernel (RHSA-2021:2355)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2355 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Integer overflow in...

RHEL 8 : kernel (RHSA-2021:1578)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1578 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Integer overflow in...

RHEL 8 : kernel (RHSA-2020:4431)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4431 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use after free in the...

RHEL 8 : kernel (RHSA-2020:4287)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4287 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net: bluetooth: type...

RHEL 8 : kernel (RHSA-2020:1372)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1372 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: powerpc: local user can...

RHEL 8 : kernel (RHSA-2020:3010)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3010 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

RHEL 7 : kernel (RHSA-2020:2832)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2832 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: buffer overflow in...

RHEL 7 : kernel (RHSA-2020:2082)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2082 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: double free may be caused...

RHEL 8 : kernel (RHSA-2024:3528)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...

RHEL 7 : kernel (RHSA-2024:0980)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0980 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

RHEL 7 : kernel (RHSA-2021:2164)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2164 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Integer overflow in...

RHEL 7 : kernel (RHSA-2020:3220)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3220 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: kernel: DAX hugepages not...