Red Hat Security Advisory 2024-0575-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service, double free, null pointer, out of bounds write, and use-after-free vulnerabilities.
787ee2074ed3180a632abb108b59142b8aa890f03eff2d1d5ba28366f33e2f13Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
397aabee4166381c7e45af794aab5e2f5ce22baf3c0ee09c03c9b743ea1a8b5fUbuntu Security Notice 6341-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the IEEE 1394 implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service or possibly execute arbitrary code.
ca34fa3d447279b67b01ba5d2440f9e87fb69131a520e1fce87446a60f8869f2Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
8c5ac94c6537d23ca9834883b4b960ad9b55d066cc97d33f79eed6c4cff6d24bRed Hat Security Advisory 2023-4801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
69dee2dbee577aa7aa5d1ce9e6212537a5783f26169f7850358b75c721ad04abRed Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
e6adec08a41db66a6b16db061aa69314b8013291796ba90e7c9baac7c7edf27cRed Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
b0a498344d09cd12609bee557f305594f2cff6126e3cae1cdc620fc9159bf3ecRed Hat Security Advisory 2023-4378-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an out of bounds write vulnerability.
511ec66ad263f75e030de1cbda1509e172580911b01a2b63f2b3736fac3387e2Red Hat Security Advisory 2023-4377-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
981ee03460bd476e4e848f2ec945b4f7f01dc4a931edef8abf648725a187cc49Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
53c2946b5d19f257334d1182e7199b58771f576b4b09ca7d1fb73edd8b8401a3Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
0faaa1a4c904d2777eb8f39748a9d767eddb9f41659d19079b8dcbea4f5d81efUbuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
94dbf49a52b22f22555588a1537c9f53427bb276aea89e1ea9e550c810bfd1d7Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
f29d43641cf6602854ca5f12c8ec924f3cc0c924589ae311e0273f588159f703Ubuntu Security Notice 6096-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
34cc30ebdf58924fb1b0c1d2ffdb4157e4f644bf5821397bbd37680bea54a1e2Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
a978cac588db84607cc6b04a9d12c7eba418d67966b505fd71ab931daba3fd00Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
651ba1a89cf9b5d5fcfc6ec7f0f13b73b41225a33fc642efba219a7eab3cd1baUbuntu Security Notice 6079-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.
c55226f642efc261a275c77b949560f51ecbee738f4b1ae410a64e9ef5623271
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed