Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisorysecurity issuefedoraFedora 40: Security Advisory FEDORA-2024-169a1cc589 for Xen Threats
double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-169a1cc589 2024-08-01 02:52:09.188975 -------------------------------------------------------------------------------- Name : xen Product : Fedora 40 Version : 4.18.2 Release : 4.fc40 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 16 2024 Michael Young - 4.18.2-4 - double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] * Fri Jun 7 2024 Python Maint - 4.18.2-3 - Rebuilt for Python 3.13 * Mon Jun 3 2024 Michael Young - 4.18.2-2 - x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-169a1cc589' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list
Aug 01, 2024
•Critical
Fedora
89
security advisoryFedorabranch history injectionFedora 39: 2024-58c950d8d8 Moderate: Double Unlock, IRQ Handling
x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-58c950d8d8 2024-08-01 01:24:27.004238 -------------------------------------------------------------------------------- Name : xen Product : Fedora 39 Version : 4.17.4 Release : 2.fc39 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 16 2024 Michael Young - 4.17.4-2 - x86: Native Branch History Injection [XSA-456 version 3, CVE-2024-2201] - double unlock in x86 guest IRQ handling [XSA-458, CVE-2024-31143] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-58c950d8d8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Aug 01, 2024
•Important
Fedora
89
security advisorymoderateFedoraFedora 39 FEDORA-2024-4357ec611d Moderate: Xen Bug Check Mitigations
x86: Native Branch History Injection [XSA-456, CVE-2024-2201] update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-4357ec611d 2024-04-25 01:19:12.574795 -------------------------------------------------------------------------------- Name : xen Product : Fedora 39 Version : 4.17.4 Release : 1.fc39 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Native Branch History Injection [XSA-456, CVE-2024-2201] update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142] -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 Michael Young - 4.17.4-1 - x86: Native Branch History Injection [XSA-456, CVE-2024-2201] - update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch - x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] - x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4357ec611d' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 25, 2024
Fedora
89
security advisoryFedoraxen updateFedora 40 Notification: FEDORA-2024-a46df5ba2f Critical Xen Native Branch
x86: Native Branch History Injection [XSA-456, CVE-2024-2201] update to xen 4.18.2, remove patches now included upstream x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-a46df5ba2f 2024-04-25 00:59:19.184421 -------------------------------------------------------------------------------- Name : xen Product : Fedora 40 Version : 4.18.2 Release : 1.fc40 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Native Branch History Injection [XSA-456, CVE-2024-2201] update to xen 4.18.2, remove patches now included upstream x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142] -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 Michael Young - 4.18.2-1 - x86: Native Branch History Injection [XSA-456, CVE-2024-2201] - update to xen 4.18.2, remove patches now included upstream * Tue Apr 9 2024 Michael Young - 4.18.1-2 - x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] - x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a46df5ba2f' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 25, 2024
•Critical
Fedora
100
security advisorydenial of servicesecurity issueSUSE: 2022:0766-1 Important: Kernel Security Update for Multiple Issues
An update that solves 9 vulnerabilities and has 7 fixes is now available. . SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:0766-1 Rating: important References: #1107207 #1185973 #1191580 #1194516 #1195536 #1195543 #1195612 #1195840 #1195897 #1195908 #1195949 #1195987 #1196079 #1196155 #1196584 #1196612 Cross-References: CVE-2021-44879 CVE-2022-0001 CVE-2022-0002 CVE-2022-0487 CVE-2022-0492 CVE-2022-0617 CVE-2022-0644 CVE-2022-24448 CVE-2022-24959 CVSS scores: CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP Applications 15 ______________________________________________________________________________ An update that solves 9 vulnerabilities and has 7 fixes is now available. Description: The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() indrivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). The following non-security bugs were fixed: - crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840). - hv_netvsc: fix network namespace issues with VF support (bsc#1107207). - hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207). - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-766=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-766=1 - SUSE Linux Enterprise Module for Live Patching 15: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-766=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-766=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-766=1 - SUSE Linux Enterprise High Availability 15: zypper in -t patch SUSE-SLE-Product-HA-15-2022-766=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): kernel-default-4.12.14-150.86.1 kernel-default-base-4.12.14-150.86.1 kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 kernel-default-devel-4.12.14-150.86.1 kernel-default-devel-debuginfo-4.12.14-150.86.1 kernel-obs-build-4.12.14-150.86.1 kernel-obs-build-debugsource-4.12.14-150.86.1 kernel-syms-4.12.14-150.86.1 kernel-vanilla-base-4.12.14-150.86.1 kernel-vanilla-base-debuginfo-4.12.14-150.86.1 kernel-vanilla-debuginfo-4.12.14-150.86.1 kernel-vanilla-debugsource-4.12.14-150.86.1 reiserfs-kmp-default-4.12.14-150.86.1 reiserfs-kmp-default-debuginfo-4.12.14-150.86.1 - SUSE Linux Enterprise Server for SAP 15 (noarch): kernel-devel-4.12.14-150.86.1 kernel-docs-4.12.14-150.86.1 kernel-macros-4.12.14-150.86.1 kernel-source-4.12.14-150.86.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): kernel-default-4.12.14-150.86.1 kernel-default-base-4.12.14-150.86.1 kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 kernel-default-devel-4.12.14-150.86.1 kernel-default-devel-debuginfo-4.12.14-150.86.1 kernel-obs-build-4.12.14-150.86.1 kernel-obs-build-debugsource-4.12.14-150.86.1 kernel-syms-4.12.14-150.86.1 kernel-vanilla-base-4.12.14-150.86.1 kernel-vanilla-base-debuginfo-4.12.14-150.86.1 kernel-vanilla-debuginfo-4.12.14-150.86.1 kernel-vanilla-debugsource-4.12.14-150.86.1 reiserfs-kmp-default-4.12.14-150.86.1 reiserfs-kmp-default-debuginfo-4.12.14-150.86.1 - SUSE Linux Enterprise Server 15-LTSS (noarch): kernel-devel-4.12.14-150.86.1 kernel-docs-4.12.14-150.86.1 kernel-macros-4.12.14-150.86.1 kernel-source-4.12.14-150.86.1 - SUSE Linux Enterprise Server 15-LTSS (s390x): kernel-default-man-4.12.14-150.86.1 kernel-zfcpdump-debuginfo-4.12.14-150.86.1 kernel-zfcpdump-debugsource-4.12.14-150.86.1 - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64): kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 kernel-default-livepatch-4.12.14-150.86.1 kernel-livepatch-4_12_14-150_86-default-1-1.3.1 kernel-livepatch-4_12_14-150_86-default-debuginfo-1-1.3.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): kernel-default-4.12.14-150.86.1 kernel-default-base-4.12.14-150.86.1 kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 kernel-default-devel-4.12.14-150.86.1 kernel-default-devel-debuginfo-4.12.14-150.86.1 kernel-obs-build-4.12.14-150.86.1 kernel-obs-build-debugsource-4.12.14-150.86.1 kernel-syms-4.12.14-150.86.1 kernel-vanilla-base-4.12.14-150.86.1 kernel-vanilla-base-debuginfo-4.12.14-150.86.1 kernel-vanilla-debuginfo-4.12.14-150.86.1 kernel-vanilla-debugsource-4.12.14-150.86.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch): kernel-devel-4.12.14-150.86.1 kernel-docs-4.12.14-150.86.1 kernel-macros-4.12.14-150.86.1 kernel-source-4.12.14-150.86.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): kernel-default-4.12.14-150.86.1 kernel-default-base-4.12.14-150.86.1 kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 kernel-default-devel-4.12.14-150.86.1 kernel-default-devel-debuginfo-4.12.14-150.86.1 kernel-obs-build-4.12.14-150.86.1 kernel-obs-build-debugsource-4.12.14-150.86.1 kernel-syms-4.12.14-150.86.1 kernel-vanilla-base-4.12.14-150.86.1 kernel-vanilla-base-debuginfo-4.12.14-150.86.1 kernel-vanilla-debuginfo-4.12.14-150.86.1 kernel-vanilla-debugsource-4.12.14-150.86.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch): kernel-devel-4.12.14-150.86.1 kernel-docs-4.12.14-150.86.1 kernel-macros-4.12.14-150.86.1 kernel-source-4.12.14-150.86.1 - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64): cluster-md-kmp-default-4.12.14-150.86.1 cluster-md-kmp-default-debuginfo-4.12.14-150.86.1 dlm-kmp-default-4.12.14-150.86.1 dlm-kmp-default-debuginfo-4.12.14-150.86.1 gfs2-kmp-default-4.12.14-150.86.1 gfs2-kmp-default-debuginfo-4.12.14-150.86.1 kernel-default-debuginfo-4.12.14-150.86.1 kernel-default-debugsource-4.12.14-150.86.1 ocfs2-kmp-default-4.12.14-150.86.1 ocfs2-kmp-default-debuginfo-4.12.14-150.86.1 References: https://www.suse.com/security/cve/CVE-2021-44879.html https://www.suse.com/security/cve/CVE-2022-0001.html https://www.suse.com/security/cve/CVE-2022-0002.html https://www.suse.com/security/cve/CVE-2022-0487.html https://www.suse.com/security/cve/CVE-2022-0492.html https://www.suse.com/security/cve/CVE-2022-0617.html https://www.suse.com/security/cve/CVE-2022-0644.html https://www.suse.com/security/cve/CVE-2022-24448.html https://www.suse.com/security/cve/CVE-2022-24959.html https://bugzilla.suse.com/1107207 https://bugzilla.suse.com/1185973 https://bugzilla.suse.com/1191580 https://bugzilla.suse.com/1194516 https://bugzilla.suse.com/1195536 https://bugzilla.suse.com/1195543 https://bugzilla.suse.com/1195612 https://bugzilla.suse.com/1195840 https://bugzilla.suse.com/1195897 https://bugzilla.suse.com/1195908 https://bugzilla.suse.com/1195949 https://bugzilla.suse.com/1195987 https://bugzilla.suse.com/1196079 https://bugzilla.suse.com/1196155 https://bugzilla.suse.com/1196584 https://bugzilla.suse.com/1196612 . SUSE rolls out a significant enhancement for the Linux Kernel, tackling 9 vulnerabilities and incorporating 7 improvements.. SUSE Linux Kernel Update,SUSE Security Patch,SUSE Security Issues. . Severity: Important. LinuxSecurity.com Team
Mar 08, 2022
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!