Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
203
security advisorybug fixkernelMageia 9: MGASA-2025-0030 critical: kernel and kmod security fixes
Upstream kernel version 6.6.74 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. . MGASA-2025-0030 - Updated kernel, kmod-virtualbox, kmod-xtables-addons & dwarves packages fix security vulnerabilities Publication date: 31 Jan 2025 URL: https://advisories.mageia.org/MGASA-2025-0030.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-36476, CVE-2024-39282, CVE-2024-41935, CVE-2024-43098, CVE-2024-45828, CVE-2024-46896, CVE-2024-47141, CVE-2024-47143, CVE-2024-47408, CVE-2024-47809, CVE-2024-48873, CVE-2024-48875, CVE-2024-48881, CVE-2024-49568, CVE-2024-49571, CVE-2024-50051, CVE-2024-52332, CVE-2024-53164, CVE-2024-53196, CVE-2024-53240, CVE-2024-53241, CVE-2024-53680, CVE-2024-53685, CVE-2024-53687, CVE-2024-53690, CVE-2024-54031, CVE-2024-54680, CVE-2024-54683, CVE-2024-55639, CVE-2024-55881, CVE-2024-55916, CVE-2024-56369, CVE-2024-56372, CVE-2024-56565, CVE-2024-56568, CVE-2024-56583, CVE-2024-56584, CVE-2024-56585, CVE-2024-56586, CVE-2024-56587, CVE-2024-56589, CVE-2024-56590, CVE-2024-56592, CVE-2024-56593, CVE-2024-56594, CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598, CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56603, CVE-2024-56604, CVE-2024-56605, CVE-2024-56606, CVE-2024-56610, CVE-2024-56611, CVE-2024-56613, CVE-2024-56614, CVE-2024-56615, CVE-2024-56616, CVE-2024-56617, CVE-2024-56619, CVE-2024-56622, CVE-2024-56623, CVE-2024-56625, CVE-2024-56626, CVE-2024-56627, CVE-2024-56628, CVE-2024-56629, CVE-2024-56630, CVE-2024-56631, CVE-2024-56633, CVE-2024-56634, CVE-2024-56635, CVE-2024-56636, CVE-2024-56637, CVE-2024-56638, CVE-2024-56640, CVE-2024-56641, CVE-2024-56642, CVE-2024-56643, CVE-2024-56644, CVE-2024-56645, CVE-2024-56648, CVE-2024-56649, CVE-2024-56650, CVE-2024-56651, CVE-2024-56653, CVE-2024-56654, CVE-2024-56655, CVE-2024-56657, CVE-2024-56658, CVE-2024-56659, CVE-2024-56660, CVE-2024-56661, CVE-2024-56662, CVE-2024-56663, CVE-2024-56664, CVE-2024-56665, CVE-2024-56667, CVE-2024-56670, CVE-2024-56672, CVE-2024-56675, CVE-2024-56709, CVE-2024-56715, CVE-2024-56716, CVE-2024-56717, CVE-2024-56718, CVE-2024-56719, CVE-2024-56760, CVE-2024-56762, CVE-2024-56763, CVE-2024-56765, CVE-2024-56766, CVE-2024-56767, CVE-2024-56769, CVE-2024-56770, CVE-2024-56781, CVE-2024-56783, CVE-2024-56785, CVE-2024-56786, CVE-2024-56787, CVE-2024-57791, CVE-2024-57792, CVE-2024-57798, CVE-2024-57801, CVE-2024-57802, CVE-2024-57807, CVE-2024-57841, CVE-2024-57843, CVE-2024-57849, CVE-2024-57850, CVE-2024-57874, CVE-2024-57876, CVE-2024-57882, CVE-2024-57884, CVE-2024-57885, CVE-2024-57887, CVE-2024-57889, CVE-2024-57890, CVE-2024-57892, CVE-2024-57893, CVE-2024-57894, CVE-2024-57895, CVE-2024-57896, CVE-2024-57897, CVE-2024-57899, CVE-2024-57900, CVE-2024-57901, CVE-2024-57902, CVE-2024-57903, CVE-2024-57904, CVE-2024-57906, CVE-2024-57907, CVE-2024-57908, CVE-2024-57910, CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57915, CVE-2024-57916, CVE-2024-57917, CVE-2024-57922, CVE-2024-57925, CVE-2024-57926, CVE-2024-57929, CVE-2024-57930, CVE-2024-57931, CVE-2024-57932, CVE-2024-57933, CVE-2024-57938, CVE-2024-57939, CVE-2024-57940, CVE-2024-57945, CVE-2024-57946, CVE-2025-21629, CVE-2025-21631, CVE-2025-21632, CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21642, CVE-2025-21645, CVE-2025-21646, CVE-2025-21647, CVE-2025-21648, CVE-2025-21652, CVE-2025-21653, CVE-2025-21654, CVE-2025-21655, CVE-2025-21656, CVE-2025-21658, CVE-2025-21660, CVE-2025-21662, CVE-2025-21663, CVE-2025-21664, CVE-2025-23125, CVE-2025-23128 Upstream kernel version 6.6.74 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References: - https://bugs.mageia.org/show_bug.cgi?id=33961 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.66 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.67 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.68 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.69 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.70 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.71 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.72 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.73 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.74 - https://www.cve.org/CVERecord?id=CVE-2024-36476 - https://www.cve.org/CVERecord?id=CVE-2024-39282 - https://www.cve.org/CVERecord?id=CVE-2024-41935 - https://www.cve.org/CVERecord?id=CVE-2024-43098 - https://www.cve.org/CVERecord?id=CVE-2024-45828 - https://www.cve.org/CVERecord?id=CVE-2024-46896 - https://www.cve.org/CVERecord?id=CVE-2024-47141 - https://www.cve.org/CVERecord?id=CVE-2024-47143 - https://www.cve.org/CVERecord?id=CVE-2024-47408 - https://www.cve.org/CVERecord?id=CVE-2024-47809 -https://www.cve.org/CVERecord?id=CVE-2024-48873 - https://www.cve.org/CVERecord?id=CVE-2024-48875 - https://www.cve.org/CVERecord?id=CVE-2024-48881 - https://www.cve.org/CVERecord?id=CVE-2024-49568 - https://www.cve.org/CVERecord?id=CVE-2024-49571 - https://www.cve.org/CVERecord?id=CVE-2024-50051 - https://www.cve.org/CVERecord?id=CVE-2024-52332 - https://www.cve.org/CVERecord?id=CVE-2024-53164 - https://www.cve.org/CVERecord?id=CVE-2024-53196 - https://www.cve.org/CVERecord?id=CVE-2024-53240 - https://www.cve.org/CVERecord?id=CVE-2024-53241 - https://www.cve.org/CVERecord?id=CVE-2024-53680 - https://www.cve.org/CVERecord?id=CVE-2024-53685 - https://www.cve.org/CVERecord?id=CVE-2024-53687 - https://www.cve.org/CVERecord?id=CVE-2024-53690 - https://www.cve.org/CVERecord?id=CVE-2024-54031 - https://www.cve.org/CVERecord?id=CVE-2024-54680 - https://www.cve.org/CVERecord?id=CVE-2024-54683 - https://www.cve.org/CVERecord?id=CVE-2024-55639 - https://www.cve.org/CVERecord?id=CVE-2024-55881 - https://www.cve.org/CVERecord?id=CVE-2024-55916 - https://www.cve.org/CVERecord?id=CVE-2024-56369 - https://www.cve.org/CVERecord?id=CVE-2024-56372 - https://www.cve.org/CVERecord?id=CVE-2024-56565 - https://www.cve.org/CVERecord?id=CVE-2024-56568 - https://www.cve.org/CVERecord?id=CVE-2024-56583 - https://www.cve.org/CVERecord?id=CVE-2024-56584 - https://www.cve.org/CVERecord?id=CVE-2024-56585 - https://www.cve.org/CVERecord?id=CVE-2024-56586 - https://www.cve.org/CVERecord?id=CVE-2024-56587 - https://www.cve.org/CVERecord?id=CVE-2024-56589 - https://www.cve.org/CVERecord?id=CVE-2024-56590 - https://www.cve.org/CVERecord?id=CVE-2024-56592 - https://www.cve.org/CVERecord?id=CVE-2024-56593 - https://www.cve.org/CVERecord?id=CVE-2024-56594 - https://www.cve.org/CVERecord?id=CVE-2024-56595 - https://www.cve.org/CVERecord?id=CVE-2024-56596 - https://www.cve.org/CVERecord?id=CVE-2024-56597 - https://www.cve.org/CVERecord?id=CVE-2024-56598 - https://www.cve.org/CVERecord?id=CVE-2024-56600 -https://www.cve.org/CVERecord?id=CVE-2024-56601 - https://www.cve.org/CVERecord?id=CVE-2024-56602 - https://www.cve.org/CVERecord?id=CVE-2024-56603 - https://www.cve.org/CVERecord?id=CVE-2024-56604 - https://www.cve.org/CVERecord?id=CVE-2024-56605 - https://www.cve.org/CVERecord?id=CVE-2024-56606 - https://www.cve.org/CVERecord?id=CVE-2024-56610 - https://www.cve.org/CVERecord?id=CVE-2024-56611 - https://www.cve.org/CVERecord?id=CVE-2024-56613 - https://www.cve.org/CVERecord?id=CVE-2024-56614 - https://www.cve.org/CVERecord?id=CVE-2024-56615 - https://www.cve.org/CVERecord?id=CVE-2024-56616 - https://www.cve.org/CVERecord?id=CVE-2024-56617 - https://www.cve.org/CVERecord?id=CVE-2024-56619 - https://www.cve.org/CVERecord?id=CVE-2024-56622 - https://www.cve.org/CVERecord?id=CVE-2024-56623 - https://www.cve.org/CVERecord?id=CVE-2024-56625 - https://www.cve.org/CVERecord?id=CVE-2024-56626 - https://www.cve.org/CVERecord?id=CVE-2024-56627 - https://www.cve.org/CVERecord?id=CVE-2024-56628 - https://www.cve.org/CVERecord?id=CVE-2024-56629 - https://www.cve.org/CVERecord?id=CVE-2024-56630 - https://www.cve.org/CVERecord?id=CVE-2024-56631 - https://www.cve.org/CVERecord?id=CVE-2024-56633 - https://www.cve.org/CVERecord?id=CVE-2024-56634 - https://www.cve.org/CVERecord?id=CVE-2024-56635 - https://www.cve.org/CVERecord?id=CVE-2024-56636 - https://www.cve.org/CVERecord?id=CVE-2024-56637 - https://www.cve.org/CVERecord?id=CVE-2024-56638 - https://www.cve.org/CVERecord?id=CVE-2024-56640 - https://www.cve.org/CVERecord?id=CVE-2024-56641 - https://www.cve.org/CVERecord?id=CVE-2024-56642 - https://www.cve.org/CVERecord?id=CVE-2024-56643 - https://www.cve.org/CVERecord?id=CVE-2024-56644 - https://www.cve.org/CVERecord?id=CVE-2024-56645 - https://www.cve.org/CVERecord?id=CVE-2024-56648 - https://www.cve.org/CVERecord?id=CVE-2024-56649 - https://www.cve.org/CVERecord?id=CVE-2024-56650 - https://www.cve.org/CVERecord?id=CVE-2024-56651 - https://www.cve.org/CVERecord?id=CVE-2024-56653 -https://www.cve.org/CVERecord?id=CVE-2024-56654 - https://www.cve.org/CVERecord?id=CVE-2024-56655 - https://www.cve.org/CVERecord?id=CVE-2024-56657 - https://www.cve.org/CVERecord?id=CVE-2024-56658 - https://www.cve.org/CVERecord?id=CVE-2024-56659 - https://www.cve.org/CVERecord?id=CVE-2024-56660 - https://www.cve.org/CVERecord?id=CVE-2024-56661 - https://www.cve.org/CVERecord?id=CVE-2024-56662 - https://www.cve.org/CVERecord?id=CVE-2024-56663 - https://www.cve.org/CVERecord?id=CVE-2024-56664 - https://www.cve.org/CVERecord?id=CVE-2024-56665 - https://www.cve.org/CVERecord?id=CVE-2024-56667 - https://www.cve.org/CVERecord?id=CVE-2024-56670 - https://www.cve.org/CVERecord?id=CVE-2024-56672 - https://www.cve.org/CVERecord?id=CVE-2024-56675 - https://www.cve.org/CVERecord?id=CVE-2024-56709 - https://www.cve.org/CVERecord?id=CVE-2024-56715 - https://www.cve.org/CVERecord?id=CVE-2024-56716 - https://www.cve.org/CVERecord?id=CVE-2024-56717 - https://www.cve.org/CVERecord?id=CVE-2024-56718 - https://www.cve.org/CVERecord?id=CVE-2024-56719 - https://www.cve.org/CVERecord?id=CVE-2024-56760 - https://www.cve.org/CVERecord?id=CVE-2024-56762 - https://www.cve.org/CVERecord?id=CVE-2024-56763 - https://www.cve.org/CVERecord?id=CVE-2024-56765 - https://www.cve.org/CVERecord?id=CVE-2024-56766 - https://www.cve.org/CVERecord?id=CVE-2024-56767 - https://www.cve.org/CVERecord?id=CVE-2024-56769 - https://www.cve.org/CVERecord?id=CVE-2024-56770 - https://www.cve.org/CVERecord?id=CVE-2024-56781 - https://www.cve.org/CVERecord?id=CVE-2024-56783 - https://www.cve.org/CVERecord?id=CVE-2024-56785 - https://www.cve.org/CVERecord?id=CVE-2024-56786 - https://www.cve.org/CVERecord?id=CVE-2024-56787 - https://www.cve.org/CVERecord?id=CVE-2024-57791 - https://www.cve.org/CVERecord?id=CVE-2024-57792 - https://www.cve.org/CVERecord?id=CVE-2024-57798 - https://www.cve.org/CVERecord?id=CVE-2024-57801 - https://www.cve.org/CVERecord?id=CVE-2024-57802 - https://www.cve.org/CVERecord?id=CVE-2024-57807 -https://www.cve.org/CVERecord?id=CVE-2024-57841 - https://www.cve.org/CVERecord?id=CVE-2024-57843 - https://www.cve.org/CVERecord?id=CVE-2024-57849 - https://www.cve.org/CVERecord?id=CVE-2024-57850 - https://www.cve.org/CVERecord?id=CVE-2024-57874 - https://www.cve.org/CVERecord?id=CVE-2024-57876 - https://www.cve.org/CVERecord?id=CVE-2024-57882 - https://www.cve.org/CVERecord?id=CVE-2024-57884 - https://www.cve.org/CVERecord?id=CVE-2024-57885 - https://www.cve.org/CVERecord?id=CVE-2024-57887 - https://www.cve.org/CVERecord?id=CVE-2024-57889 - https://www.cve.org/CVERecord?id=CVE-2024-57890 - https://www.cve.org/CVERecord?id=CVE-2024-57892 - https://www.cve.org/CVERecord?id=CVE-2024-57893 - https://www.cve.org/CVERecord?id=CVE-2024-57894 - https://www.cve.org/CVERecord?id=CVE-2024-57895 - https://www.cve.org/CVERecord?id=CVE-2024-57896 - https://www.cve.org/CVERecord?id=CVE-2024-57897 - https://www.cve.org/CVERecord?id=CVE-2024-57899 - https://www.cve.org/CVERecord?id=CVE-2024-57900 - https://www.cve.org/CVERecord?id=CVE-2024-57901 - https://www.cve.org/CVERecord?id=CVE-2024-57902 - https://www.cve.org/CVERecord?id=CVE-2024-57903 - https://www.cve.org/CVERecord?id=CVE-2024-57904 - https://www.cve.org/CVERecord?id=CVE-2024-57906 - https://www.cve.org/CVERecord?id=CVE-2024-57907 - https://www.cve.org/CVERecord?id=CVE-2024-57908 - https://www.cve.org/CVERecord?id=CVE-2024-57910 - https://www.cve.org/CVERecord?id=CVE-2024-57911 - https://www.cve.org/CVERecord?id=CVE-2024-57912 - https://www.cve.org/CVERecord?id=CVE-2024-57913 - https://www.cve.org/CVERecord?id=CVE-2024-57915 - https://www.cve.org/CVERecord?id=CVE-2024-57916 - https://www.cve.org/CVERecord?id=CVE-2024-57917 - https://www.cve.org/CVERecord?id=CVE-2024-57922 - https://www.cve.org/CVERecord?id=CVE-2024-57925 - https://www.cve.org/CVERecord?id=CVE-2024-57926 - https://www.cve.org/CVERecord?id=CVE-2024-57929 - https://www.cve.org/CVERecord?id=CVE-2024-57930 - https://www.cve.org/CVERecord?id=CVE-2024-57931 -https://www.cve.org/CVERecord?id=CVE-2024-57932 - https://www.cve.org/CVERecord?id=CVE-2024-57933 - https://www.cve.org/CVERecord?id=CVE-2024-57938 - https://www.cve.org/CVERecord?id=CVE-2024-57939 - https://www.cve.org/CVERecord?id=CVE-2024-57940 - https://www.cve.org/CVERecord?id=CVE-2024-57945 - https://www.cve.org/CVERecord?id=CVE-2024-57946 - https://www.cve.org/CVERecord?id=CVE-2025-21629 - https://www.cve.org/CVERecord?id=CVE-2025-21631 - https://www.cve.org/CVERecord?id=CVE-2025-21632 - https://www.cve.org/CVERecord?id=CVE-2025-21636 - https://www.cve.org/CVERecord?id=CVE-2025-21637 - https://www.cve.org/CVERecord?id=CVE-2025-21638 - https://www.cve.org/CVERecord?id=CVE-2025-21639 - https://www.cve.org/CVERecord?id=CVE-2025-21640 - https://www.cve.org/CVERecord?id=CVE-2025-21642 - https://www.cve.org/CVERecord?id=CVE-2025-21645 - https://www.cve.org/CVERecord?id=CVE-2025-21646 - https://www.cve.org/CVERecord?id=CVE-2025-21647 - https://www.cve.org/CVERecord?id=CVE-2025-21648 - https://www.cve.org/CVERecord?id=CVE-2025-21652 - https://www.cve.org/CVERecord?id=CVE-2025-21653 - https://www.cve.org/CVERecord?id=CVE-2025-21654 - https://www.cve.org/CVERecord?id=CVE-2025-21655 - https://www.cve.org/CVERecord?id=CVE-2025-21656 - https://www.cve.org/CVERecord?id=CVE-2025-21658 - https://www.cve.org/CVERecord?id=CVE-2025-21660 - https://www.cve.org/CVERecord?id=CVE-2025-21662 - https://www.cve.org/CVERecord?id=CVE-2025-21663 - https://www.cve.org/CVERecord?id=CVE-2025-21664 - https://www.cve.org/CVERecord?id=CVE-2025-23125 - https://www.cve.org/CVERecord?id=CVE-2025-23128 SRPMS: - 9/core/kernel-6.6.74-1.mga9 - 9/core/kmod-virtualbox-7.0.24-64.mga9 - 9/core/kmod-xtables-addons-3.24-70.mga9 - 9/core/dwarves-1.29-1.mga9 . MGASA-2025-0031 addresses vulnerabilities in the kernel, kmod-vmware, and kmod-netfilter-addons to enhance security posture in Mageia.. Mageia Kernel Security Updates, kmod-virtualbox Security Advisory, kmod-xtables-addons Fixes. . Severity: Critical. LinuxSecurity.com Team
Jan 31, 2025
•Critical
Mageia
203
security advisorysecurity issuekernelMageia 9: 2024-0263 Critical: Kernel and kmod Package Security Fix
Upstream kernel version 6.6.37 fix bugs and vulnerabilities. The dwarves, kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. . MGASA-2024-0263 - Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities Publication date: 13 Jul 2024 URL: https://advisories.mageia.org/MGASA-2024-0263.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-38587, CVE-2024-35981, CVE-2024-35980, CVE-2024-35869, CVE-2024-35870, CVE-2024-35812, CVE-2024-27013, CVE-2024-27020, CVE-2024-27019, CVE-2024-27018, CVE-2024-27016, CVE-2024-27015, CVE-2024-27014, CVE-2024-26988, CVE-2024-26987, CVE-2024-26986, CVE-2024-26984, CVE-2024-26983, CVE-2024-27009, CVE-2024-27008, CVE-2024-27005, CVE-2024-27004, CVE-2024-27003, CVE-2024-27002, CVE-2024-27001, CVE-2024-27000, CVE-2024-26999, CVE-2024-26981, CVE-2024-26998, CVE-2024-26997, CVE-2024-26996, CVE-2024-26994, CVE-2024-26993, CVE-2024-26992, CVE-2024-26990, CVE-2024-26989, CVE-2024-26936, CVE-2024-26980, CVE-2024-26939, CVE-2024-36029, CVE-2024-35990, CVE-2024-35999, CVE-2024-35998, CVE-2024-35997, CVE-2024-35996, CVE-2024-35995, CVE-2024-35992, CVE-2024-36009, CVE-2024-36008, CVE-2024-36007, CVE-2024-36006, CVE-2024-36005, CVE-2024-36004, CVE-2024-36003, CVE-2024-36000, CVE-2024-35991, CVE-2024-35989, CVE-2024-35988, CVE-2024-35987, CVE-2024-35986, CVE-2024-35985, CVE-2024-35983, CVE-2024-35984, CVE-2024-35855, CVE-2024-35854, CVE-2024-35853, CVE-2024-35852, CVE-2024-35851, CVE-2024-35850, CVE-2024-35849, CVE-2024-35858, CVE-2024-35857, CVE-2024-35856, CVE-2024-35847, CVE-2024-27396, CVE-2024-27395, CVE-2024-36484, CVE-2024-36964, CVE-2024-36963, CVE-2024-36962, CVE-2024-36960, CVE-2024-36942, CVE-2024-36951, CVE-2024-36950, CVE-2024-36949, CVE-2024-36947, CVE-2024-36946, CVE-2024-36945, CVE-2024-36944, CVE-2024-36959, CVE-2024-36957, CVE-2024-36955, CVE-2024-36954, CVE-2024-36953, CVE-2024-36952, CVE-2024-36916, CVE-2024-36914, CVE-2024-36913, CVE-2024-36912, CVE-2024-36911, CVE-2024-36941, CVE-2024-36940, CVE-2024-36939, CVE-2024-36938, CVE-2024-36937, CVE-2024-36910, CVE-2024-36934, CVE-2024-36933, CVE-2024-36931, CVE-2024-36930, CVE-2024-36929, CVE-2024-36928, CVE-2024-36927, CVE-2024-36909, CVE-2024-36926, CVE-2024-36925, CVE-2024-36924, CVE-2024-36922, CVE-2024-36921, CVE-2024-36920, CVE-2024-36919, CVE-2024-36918, CVE-2024-36917, CVE-2024-36908, CVE-2024-36880, CVE-2024-36889, CVE-2024-36888, CVE-2024-36887, CVE-2024-36886, CVE-2024-36885, CVE-2024-36883, CVE-2024-36906, CVE-2024-36905, CVE-2024-36904, CVE-2024-36903, CVE-2024-36902, CVE-2024-36901, CVE-2024-36900, CVE-2024-36882, CVE-2024-36899, CVE-2024-36898, CVE-2024-36897, CVE-2024-36896, CVE-2024-36895, CVE-2024-36894, CVE-2024-36893, CVE-2024-36891, CVE-2024-36890, CVE-2024-36881, CVE-2024-36032, CVE-2023-52882, CVE-2024-36031, CVE-2024-36028, CVE-2024-36017, CVE-2024-36011, CVE-2024-36012, CVE-2024-35947, CVE-2024-35848, CVE-2024-36977, CVE-2024-36975, CVE-2024-36966, CVE-2024-36969, CVE-2024-36968, CVE-2024-36967, CVE-2024-36965, CVE-2024-36966, CVE-2024-37021, CVE-2024-36479, CVE-2024-35247, CVE-2024-34030, CVE-2024-34027, CVE-2024-33847, CVE-2024-39292, CVE-2024-38667, CVE-2024-39291, CVE-2024-38384, CVE-2024-38664, CVE-2024-38663, CVE-2024-36481, CVE-2024-36477, CVE-2024-34777, CVE-2024-39277, CVE-2024-38662, CVE-2024-38780, CVE-2024-38659, CVE-2024-38634, CVE-2024-38637, CVE-2024-38636, CVE-2024-38635, CVE-2024-36484, CVE-2024-36286, CVE-2024-36281, CVE-2024-36270, CVE-2024-36244, CVE-2024-33621, CVE-2024-38633, CVE-2024-38632, CVE-2024-38630, CVE-2024-38629, CVE-2024-38628, CVE-2024-38627, CVE-2024-38625, CVE-2024-38624, CVE-2024-33619, CVE-2024-38623, CVE-2024-38622, CVE-2024-38621, CVE-2024-38391, CVE-2024-38390, CVE-2024-38388, CVE-2024-38381, CVE-2024-37356, CVE-2024-37353, CVE-2024-36489, CVE-2023-52884, CVE-2024-31076, CVE-2024-38620, CVE-2024-38617, CVE-2024-38616, CVE-2024-38615, CVE-2024-38614, CVE-2024-38613, CVE-2024-38612, CVE-2024-38611, CVE-2024-38610, CVE-2024-38618, CVE-2024-38607, CVE-2024-38605, CVE-2024-38604, CVE-2024-38603, CVE-2024-38601, CVE-2024-38602, CVE-2024-38598, CVE-2024-38597, CVE-2024-38596, CVE-2024-38593, CVE-2024-38591, CVE-2024-38600, CVE-2024-38599, CVE-2024-38589, CVE-2024-38590, CVE-2024-38575, CVE-2024-38584, CVE-2024-38583, CVE-2024-38582, CVE-2024-38581, CVE-2024-38580, CVE-2024-38579, CVE-2024-38578, CVE-2024-38577, CVE-2024-38588, CVE-2024-38587, CVE-2024-38586, CVE-2024-38585, CVE-2024-38576, CVE-2024-38568, CVE-2024-38573, CVE-2024-38572, CVE-2024-38571, CVE-2024-38570, CVE-2024-38569, CVE-2024-36979, CVE-2024-38546, CVE-2024-38545, CVE-2024-38544, CVE-2024-38543, CVE-2024-38541, CVE-2024-38567, CVE-2024-38540, CVE-2024-38566, CVE-2024-38565, CVE-2024-38564, CVE-2024-38562, CVE-2024-38561, CVE-2024-38560, CVE-2024-38559, CVE-2024-38558, CVE-2024-38557, CVE-2024-38539, CVE-2024-38556, CVE-2024-38555, CVE-2024-38554, CVE-2024-38553, CVE-2024-38552, CVE-2024-38551, CVE-2024-38550, CVE-2024-38549, CVE-2024-38548, CVE-2024-38547, CVE-2024-38538, CVE-2024-39476, CVE-2024-39485, CVE-2024-39484, CVE-2024-39483, CVE-2024-39482, CVE-2024-39481, CVE-2024-39480, CVE-2024-39479, CVE-2024-39475, CVE-2024-39473, CVE-2024-39474, CVE-2024-39471, CVE-2024-39470, CVE-2024-39468, CVE-2024-39467, CVE-2024-39466, CVE-2024-39464, CVE-2024-39461, CVE-2024-39463, CVE-2024-39462, CVE-2024-39296, CVE-2024-39276, CVE-2024-38661, CVE-2024-38385, CVE-2024-37354, CVE-2024-39362, CVE-2024-39301, CVE-2022-48772, CVE-2024-39469, CVE-2024-39298, CVE-2024-39371, CVE-2024-37078, CVE-2024-39486 Upstream kernel version 6.6.37 fix bugs and vulnerabilities. The dwarves, kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References: - https://bugs.mageia.org/show_bug.cgi?id=33373 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.37 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.36 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.35 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.34 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.33 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.32 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.31 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.30 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.29 -https://www.cve.org/CVERecord?id=CVE-2024-38587 - https://www.cve.org/CVERecord?id=CVE-2024-35981 - https://www.cve.org/CVERecord?id=CVE-2024-35980 - https://www.cve.org/CVERecord?id=CVE-2024-35869 - https://www.cve.org/CVERecord?id=CVE-2024-35870 - https://www.cve.org/CVERecord?id=CVE-2024-35812 - https://www.cve.org/CVERecord?id=CVE-2024-27013 - https://www.cve.org/CVERecord?id=CVE-2024-27020 - https://www.cve.org/CVERecord?id=CVE-2024-27019 - https://www.cve.org/CVERecord?id=CVE-2024-27018 - https://www.cve.org/CVERecord?id=CVE-2024-27016 - https://www.cve.org/CVERecord?id=CVE-2024-27015 - https://www.cve.org/CVERecord?id=CVE-2024-27014 - https://www.cve.org/CVERecord?id=CVE-2024-26988 - https://www.cve.org/CVERecord?id=CVE-2024-26987 - https://www.cve.org/CVERecord?id=CVE-2024-26986 - https://www.cve.org/CVERecord?id=CVE-2024-26984 - https://www.cve.org/CVERecord?id=CVE-2024-26983 - https://www.cve.org/CVERecord?id=CVE-2024-27009 - https://www.cve.org/CVERecord?id=CVE-2024-27008 - https://www.cve.org/CVERecord?id=CVE-2024-27005 - https://www.cve.org/CVERecord?id=CVE-2024-27004 - https://www.cve.org/CVERecord?id=CVE-2024-27003 - https://www.cve.org/CVERecord?id=CVE-2024-27002 - https://www.cve.org/CVERecord?id=CVE-2024-27001 - https://www.cve.org/CVERecord?id=CVE-2024-27000 - https://www.cve.org/CVERecord?id=CVE-2024-26999 - https://www.cve.org/CVERecord?id=CVE-2024-26981 - https://www.cve.org/CVERecord?id=CVE-2024-26998 - https://www.cve.org/CVERecord?id=CVE-2024-26997 - https://www.cve.org/CVERecord?id=CVE-2024-26996 - https://www.cve.org/CVERecord?id=CVE-2024-26994 - https://www.cve.org/CVERecord?id=CVE-2024-26993 - https://www.cve.org/CVERecord?id=CVE-2024-26992 - https://www.cve.org/CVERecord?id=CVE-2024-26990 - https://www.cve.org/CVERecord?id=CVE-2024-26989 - https://www.cve.org/CVERecord?id=CVE-2024-26936 - https://www.cve.org/CVERecord?id=CVE-2024-26980 - https://www.cve.org/CVERecord?id=CVE-2024-26939 - https://www.cve.org/CVERecord?id=CVE-2024-36029 -https://www.cve.org/CVERecord?id=CVE-2024-35990 - https://www.cve.org/CVERecord?id=CVE-2024-35999 - https://www.cve.org/CVERecord?id=CVE-2024-35998 - https://www.cve.org/CVERecord?id=CVE-2024-35997 - https://www.cve.org/CVERecord?id=CVE-2024-35996 - https://www.cve.org/CVERecord?id=CVE-2024-35995 - https://www.cve.org/CVERecord?id=CVE-2024-35992 - https://www.cve.org/CVERecord?id=CVE-2024-36009 - https://www.cve.org/CVERecord?id=CVE-2024-36008 - https://www.cve.org/CVERecord?id=CVE-2024-36007 - https://www.cve.org/CVERecord?id=CVE-2024-36006 - https://www.cve.org/CVERecord?id=CVE-2024-36005 - https://www.cve.org/CVERecord?id=CVE-2024-36004 - https://www.cve.org/CVERecord?id=CVE-2024-36003 - https://www.cve.org/CVERecord?id=CVE-2024-36000 - https://www.cve.org/CVERecord?id=CVE-2024-35991 - https://www.cve.org/CVERecord?id=CVE-2024-35989 - https://www.cve.org/CVERecord?id=CVE-2024-35988 - https://www.cve.org/CVERecord?id=CVE-2024-35987 - https://www.cve.org/CVERecord?id=CVE-2024-35986 - https://www.cve.org/CVERecord?id=CVE-2024-35985 - https://www.cve.org/CVERecord?id=CVE-2024-35983 - https://www.cve.org/CVERecord?id=CVE-2024-35984 - https://www.cve.org/CVERecord?id=CVE-2024-35855 - https://www.cve.org/CVERecord?id=CVE-2024-35854 - https://www.cve.org/CVERecord?id=CVE-2024-35853 - https://www.cve.org/CVERecord?id=CVE-2024-35852 - https://www.cve.org/CVERecord?id=CVE-2024-35851 - https://www.cve.org/CVERecord?id=CVE-2024-35850 - https://www.cve.org/CVERecord?id=CVE-2024-35849 - https://www.cve.org/CVERecord?id=CVE-2024-35858 - https://www.cve.org/CVERecord?id=CVE-2024-35857 - https://www.cve.org/CVERecord?id=CVE-2024-35856 - https://www.cve.org/CVERecord?id=CVE-2024-35847 - https://www.cve.org/CVERecord?id=CVE-2024-27396 - https://www.cve.org/CVERecord?id=CVE-2024-27395 - https://www.cve.org/CVERecord?id=CVE-2024-36484 - https://www.cve.org/CVERecord?id=CVE-2024-36964 - https://www.cve.org/CVERecord?id=CVE-2024-36963 - https://www.cve.org/CVERecord?id=CVE-2024-36962 -https://www.cve.org/CVERecord?id=CVE-2024-36960 - https://www.cve.org/CVERecord?id=CVE-2024-36942 - https://www.cve.org/CVERecord?id=CVE-2024-36951 - https://www.cve.org/CVERecord?id=CVE-2024-36950 - https://www.cve.org/CVERecord?id=CVE-2024-36949 - https://www.cve.org/CVERecord?id=CVE-2024-36947 - https://www.cve.org/CVERecord?id=CVE-2024-36946 - https://www.cve.org/CVERecord?id=CVE-2024-36945 - https://www.cve.org/CVERecord?id=CVE-2024-36944 - https://www.cve.org/CVERecord?id=CVE-2024-36959 - https://www.cve.org/CVERecord?id=CVE-2024-36957 - https://www.cve.org/CVERecord?id=CVE-2024-36955 - https://www.cve.org/CVERecord?id=CVE-2024-36954 - https://www.cve.org/CVERecord?id=CVE-2024-36953 - https://www.cve.org/CVERecord?id=CVE-2024-36952 - https://www.cve.org/CVERecord?id=CVE-2024-36916 - https://www.cve.org/CVERecord?id=CVE-2024-36914 - https://www.cve.org/CVERecord?id=CVE-2024-36913 - https://www.cve.org/CVERecord?id=CVE-2024-36912 - https://www.cve.org/CVERecord?id=CVE-2024-36911 - https://www.cve.org/CVERecord?id=CVE-2024-36941 - https://www.cve.org/CVERecord?id=CVE-2024-36940 - https://www.cve.org/CVERecord?id=CVE-2024-36939 - https://www.cve.org/CVERecord?id=CVE-2024-36938 - https://www.cve.org/CVERecord?id=CVE-2024-36937 - https://www.cve.org/CVERecord?id=CVE-2024-36910 - https://www.cve.org/CVERecord?id=CVE-2024-36934 - https://www.cve.org/CVERecord?id=CVE-2024-36933 - https://www.cve.org/CVERecord?id=CVE-2024-36931 - https://www.cve.org/CVERecord?id=CVE-2024-36930 - https://www.cve.org/CVERecord?id=CVE-2024-36929 - https://www.cve.org/CVERecord?id=CVE-2024-36928 - https://www.cve.org/CVERecord?id=CVE-2024-36927 - https://www.cve.org/CVERecord?id=CVE-2024-36909 - https://www.cve.org/CVERecord?id=CVE-2024-36926 - https://www.cve.org/CVERecord?id=CVE-2024-36925 - https://www.cve.org/CVERecord?id=CVE-2024-36924 - https://www.cve.org/CVERecord?id=CVE-2024-36922 - https://www.cve.org/CVERecord?id=CVE-2024-36921 - https://www.cve.org/CVERecord?id=CVE-2024-36920 -https://www.cve.org/CVERecord?id=CVE-2024-36919 - https://www.cve.org/CVERecord?id=CVE-2024-36918 - https://www.cve.org/CVERecord?id=CVE-2024-36917 - https://www.cve.org/CVERecord?id=CVE-2024-36908 - https://www.cve.org/CVERecord?id=CVE-2024-36880 - https://www.cve.org/CVERecord?id=CVE-2024-36889 - https://www.cve.org/CVERecord?id=CVE-2024-36888 - https://www.cve.org/CVERecord?id=CVE-2024-36887 - https://www.cve.org/CVERecord?id=CVE-2024-36886 - https://www.cve.org/CVERecord?id=CVE-2024-36885 - https://www.cve.org/CVERecord?id=CVE-2024-36883 - https://www.cve.org/CVERecord?id=CVE-2024-36906 - https://www.cve.org/CVERecord?id=CVE-2024-36905 - https://www.cve.org/CVERecord?id=CVE-2024-36904 - https://www.cve.org/CVERecord?id=CVE-2024-36903 - https://www.cve.org/CVERecord?id=CVE-2024-36902 - https://www.cve.org/CVERecord?id=CVE-2024-36901 - https://www.cve.org/CVERecord?id=CVE-2024-36900 - https://www.cve.org/CVERecord?id=CVE-2024-36882 - https://www.cve.org/CVERecord?id=CVE-2024-36899 - https://www.cve.org/CVERecord?id=CVE-2024-36898 - https://www.cve.org/CVERecord?id=CVE-2024-36897 - https://www.cve.org/CVERecord?id=CVE-2024-36896 - https://www.cve.org/CVERecord?id=CVE-2024-36895 - https://www.cve.org/CVERecord?id=CVE-2024-36894 - https://www.cve.org/CVERecord?id=CVE-2024-36893 - https://www.cve.org/CVERecord?id=CVE-2024-36891 - https://www.cve.org/CVERecord?id=CVE-2024-36890 - https://www.cve.org/CVERecord?id=CVE-2024-36881 - https://www.cve.org/CVERecord?id=CVE-2024-36032 - https://www.cve.org/CVERecord?id=CVE-2023-52882 - https://www.cve.org/CVERecord?id=CVE-2024-36031 - https://www.cve.org/CVERecord?id=CVE-2024-36028 - https://www.cve.org/CVERecord?id=CVE-2024-36017 - https://www.cve.org/CVERecord?id=CVE-2024-36011 - https://www.cve.org/CVERecord?id=CVE-2024-36012 - https://www.cve.org/CVERecord?id=CVE-2024-35947 - https://www.cve.org/CVERecord?id=CVE-2024-35848 - https://www.cve.org/CVERecord?id=CVE-2024-36977 - https://www.cve.org/CVERecord?id=CVE-2024-36975 -https://www.cve.org/CVERecord?id=CVE-2024-36966 - https://www.cve.org/CVERecord?id=CVE-2024-36969 - https://www.cve.org/CVERecord?id=CVE-2024-36968 - https://www.cve.org/CVERecord?id=CVE-2024-36967 - https://www.cve.org/CVERecord?id=CVE-2024-36965 - https://www.cve.org/CVERecord?id=CVE-2024-36966 - https://www.cve.org/CVERecord?id=CVE-2024-37021 - https://www.cve.org/CVERecord?id=CVE-2024-36479 - https://www.cve.org/CVERecord?id=CVE-2024-35247 - https://www.cve.org/CVERecord?id=CVE-2024-34030 - https://www.cve.org/CVERecord?id=CVE-2024-34027 - https://www.cve.org/CVERecord?id=CVE-2024-33847 - https://www.cve.org/CVERecord?id=CVE-2024-39292 - https://www.cve.org/CVERecord?id=CVE-2024-38667 - https://www.cve.org/CVERecord?id=CVE-2024-39291 - https://www.cve.org/CVERecord?id=CVE-2024-38384 - https://www.cve.org/CVERecord?id=CVE-2024-38664 - https://www.cve.org/CVERecord?id=CVE-2024-38663 - https://www.cve.org/CVERecord?id=CVE-2024-36481 - https://www.cve.org/CVERecord?id=CVE-2024-36477 - https://www.cve.org/CVERecord?id=CVE-2024-34777 - https://www.cve.org/CVERecord?id=CVE-2024-39277 - https://www.cve.org/CVERecord?id=CVE-2024-38662 - https://www.cve.org/CVERecord?id=CVE-2024-38780 - https://www.cve.org/CVERecord?id=CVE-2024-38659 - https://www.cve.org/CVERecord?id=CVE-2024-38634 - https://www.cve.org/CVERecord?id=CVE-2024-38637 - https://www.cve.org/CVERecord?id=CVE-2024-38636 - https://www.cve.org/CVERecord?id=CVE-2024-38635 - https://www.cve.org/CVERecord?id=CVE-2024-36484 - https://www.cve.org/CVERecord?id=CVE-2024-36286 - https://www.cve.org/CVERecord?id=CVE-2024-36281 - https://www.cve.org/CVERecord?id=CVE-2024-36270 - https://www.cve.org/CVERecord?id=CVE-2024-36244 - https://www.cve.org/CVERecord?id=CVE-2024-33621 - https://www.cve.org/CVERecord?id=CVE-2024-38633 - https://www.cve.org/CVERecord?id=CVE-2024-38632 - https://www.cve.org/CVERecord?id=CVE-2024-38630 - https://www.cve.org/CVERecord?id=CVE-2024-38629 - https://www.cve.org/CVERecord?id=CVE-2024-38628 -https://www.cve.org/CVERecord?id=CVE-2024-38627 - https://www.cve.org/CVERecord?id=CVE-2024-38625 - https://www.cve.org/CVERecord?id=CVE-2024-38624 - https://www.cve.org/CVERecord?id=CVE-2024-33619 - https://www.cve.org/CVERecord?id=CVE-2024-38623 - https://www.cve.org/CVERecord?id=CVE-2024-38622 - https://www.cve.org/CVERecord?id=CVE-2024-38621 - https://www.cve.org/CVERecord?id=CVE-2024-38391 - https://www.cve.org/CVERecord?id=CVE-2024-38390 - https://www.cve.org/CVERecord?id=CVE-2024-38388 - https://www.cve.org/CVERecord?id=CVE-2024-38381 - https://www.cve.org/CVERecord?id=CVE-2024-37356 - https://www.cve.org/CVERecord?id=CVE-2024-37353 - https://www.cve.org/CVERecord?id=CVE-2024-36489 - https://www.cve.org/CVERecord?id=CVE-2023-52884 - https://www.cve.org/CVERecord?id=CVE-2024-31076 - https://www.cve.org/CVERecord?id=CVE-2024-38620 - https://www.cve.org/CVERecord?id=CVE-2024-38617 - https://www.cve.org/CVERecord?id=CVE-2024-38616 - https://www.cve.org/CVERecord?id=CVE-2024-38615 - https://www.cve.org/CVERecord?id=CVE-2024-38614 - https://www.cve.org/CVERecord?id=CVE-2024-38613 - https://www.cve.org/CVERecord?id=CVE-2024-38612 - https://www.cve.org/CVERecord?id=CVE-2024-38611 - https://www.cve.org/CVERecord?id=CVE-2024-38610 - https://www.cve.org/CVERecord?id=CVE-2024-38618 - https://www.cve.org/CVERecord?id=CVE-2024-38607 - https://www.cve.org/CVERecord?id=CVE-2024-38605 - https://www.cve.org/CVERecord?id=CVE-2024-38604 - https://www.cve.org/CVERecord?id=CVE-2024-38603 - https://www.cve.org/CVERecord?id=CVE-2024-38601 - https://www.cve.org/CVERecord?id=CVE-2024-38602 - https://www.cve.org/CVERecord?id=CVE-2024-38598 - https://www.cve.org/CVERecord?id=CVE-2024-38597 - https://www.cve.org/CVERecord?id=CVE-2024-38596 - https://www.cve.org/CVERecord?id=CVE-2024-38593 - https://www.cve.org/CVERecord?id=CVE-2024-38591 - https://www.cve.org/CVERecord?id=CVE-2024-38600 - https://www.cve.org/CVERecord?id=CVE-2024-38599 - https://www.cve.org/CVERecord?id=CVE-2024-38589 -https://www.cve.org/CVERecord?id=CVE-2024-38590 - https://www.cve.org/CVERecord?id=CVE-2024-38575 - https://www.cve.org/CVERecord?id=CVE-2024-38584 - https://www.cve.org/CVERecord?id=CVE-2024-38583 - https://www.cve.org/CVERecord?id=CVE-2024-38582 - https://www.cve.org/CVERecord?id=CVE-2024-38581 - https://www.cve.org/CVERecord?id=CVE-2024-38580 - https://www.cve.org/CVERecord?id=CVE-2024-38579 - https://www.cve.org/CVERecord?id=CVE-2024-38578 - https://www.cve.org/CVERecord?id=CVE-2024-38577 - https://www.cve.org/CVERecord?id=CVE-2024-38588 - https://www.cve.org/CVERecord?id=CVE-2024-38587 - https://www.cve.org/CVERecord?id=CVE-2024-38586 - https://www.cve.org/CVERecord?id=CVE-2024-38585 - https://www.cve.org/CVERecord?id=CVE-2024-38576 - https://www.cve.org/CVERecord?id=CVE-2024-38568 - https://www.cve.org/CVERecord?id=CVE-2024-38573 - https://www.cve.org/CVERecord?id=CVE-2024-38572 - https://www.cve.org/CVERecord?id=CVE-2024-38571 - https://www.cve.org/CVERecord?id=CVE-2024-38570 - https://www.cve.org/CVERecord?id=CVE-2024-38569 - https://www.cve.org/CVERecord?id=CVE-2024-36979 - https://www.cve.org/CVERecord?id=CVE-2024-38546 - https://www.cve.org/CVERecord?id=CVE-2024-38545 - https://www.cve.org/CVERecord?id=CVE-2024-38544 - https://www.cve.org/CVERecord?id=CVE-2024-38543 - https://www.cve.org/CVERecord?id=CVE-2024-38541 - https://www.cve.org/CVERecord?id=CVE-2024-38567 - https://www.cve.org/CVERecord?id=CVE-2024-38540 - https://www.cve.org/CVERecord?id=CVE-2024-38566 - https://www.cve.org/CVERecord?id=CVE-2024-38565 - https://www.cve.org/CVERecord?id=CVE-2024-38564 - https://www.cve.org/CVERecord?id=CVE-2024-38562 - https://www.cve.org/CVERecord?id=CVE-2024-38561 - https://www.cve.org/CVERecord?id=CVE-2024-38560 - https://www.cve.org/CVERecord?id=CVE-2024-38559 - https://www.cve.org/CVERecord?id=CVE-2024-38558 - https://www.cve.org/CVERecord?id=CVE-2024-38557 - https://www.cve.org/CVERecord?id=CVE-2024-38539 - https://www.cve.org/CVERecord?id=CVE-2024-38556 -https://www.cve.org/CVERecord?id=CVE-2024-38555 - https://www.cve.org/CVERecord?id=CVE-2024-38554 - https://www.cve.org/CVERecord?id=CVE-2024-38553 - https://www.cve.org/CVERecord?id=CVE-2024-38552 - https://www.cve.org/CVERecord?id=CVE-2024-38551 - https://www.cve.org/CVERecord?id=CVE-2024-38550 - https://www.cve.org/CVERecord?id=CVE-2024-38549 - https://www.cve.org/CVERecord?id=CVE-2024-38548 - https://www.cve.org/CVERecord?id=CVE-2024-38547 - https://www.cve.org/CVERecord?id=CVE-2024-38538 - https://www.cve.org/CVERecord?id=CVE-2024-39476 - https://www.cve.org/CVERecord?id=CVE-2024-39485 - https://www.cve.org/CVERecord?id=CVE-2024-39484 - https://www.cve.org/CVERecord?id=CVE-2024-39483 - https://www.cve.org/CVERecord?id=CVE-2024-39482 - https://www.cve.org/CVERecord?id=CVE-2024-39481 - https://www.cve.org/CVERecord?id=CVE-2024-39480 - https://www.cve.org/CVERecord?id=CVE-2024-39479 - https://www.cve.org/CVERecord?id=CVE-2024-39475 - https://www.cve.org/CVERecord?id=CVE-2024-39473 - https://www.cve.org/CVERecord?id=CVE-2024-39474 - https://www.cve.org/CVERecord?id=CVE-2024-39471 - https://www.cve.org/CVERecord?id=CVE-2024-39470 - https://www.cve.org/CVERecord?id=CVE-2024-39468 - https://www.cve.org/CVERecord?id=CVE-2024-39467 - https://www.cve.org/CVERecord?id=CVE-2024-39466 - https://www.cve.org/CVERecord?id=CVE-2024-39464 - https://www.cve.org/CVERecord?id=CVE-2024-39461 - https://www.cve.org/CVERecord?id=CVE-2024-39463 - https://www.cve.org/CVERecord?id=CVE-2024-39462 - https://www.cve.org/CVERecord?id=CVE-2024-39296 - https://www.cve.org/CVERecord?id=CVE-2024-39276 - https://www.cve.org/CVERecord?id=CVE-2024-38661 - https://www.cve.org/CVERecord?id=CVE-2024-38385 - https://www.cve.org/CVERecord?id=CVE-2024-37354 - https://www.cve.org/CVERecord?id=CVE-2024-39362 - https://www.cve.org/CVERecord?id=CVE-2024-39301 - https://www.cve.org/CVERecord?id=CVE-2022-48772 - https://www.cve.org/CVERecord?id=CVE-2024-39469 - https://www.cve.org/CVERecord?id=CVE-2024-39298 -https://www.cve.org/CVERecord?id=CVE-2024-39371 - https://www.cve.org/CVERecord?id=CVE-2024-37078 - https://www.cve.org/CVERecord?id=CVE-2024-39486 SRPMS: - 9/core/kernel-6.6.37-1.mga9 - 9/core/kmod-xtables-addons-3.24-59.mga9 - 9/core/kmod-virtualbox-7.0.18-50.mga9 - 9/core/dwarves-1.27-1.mga9 . MGASA-2024-0458 enhances the database management system and its affiliated tools to address serious vulnerabilities in Mandriva.. kernel updates, Mageia security, kmod packages, security fix. . Severity: Critical. LinuxSecurity.com Team
Jul 13, 2024
•Critical
Mageia
172
security advisorydenial of servicesoftware updateUbuntu 20.04 LTS USN-6215-1 Moderate: Dwarves Denial Of Service
Several security issues were fixed in dwarves.. =========================================================================Ubuntu Security Notice USN-6215-1 July 11, 2023 dwarves-dfsg vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in dwarves. Software Description: - dwarves-dfsg: set of advanced DWARF utilities Details: It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: dwarves 1.21-0ubuntu1~20.04.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): dwarves 1.21-0ubuntu1~18.04.1+esm1 In general, a standard system update will make all the necessary changes. References: CVE-2022-3534, CVE-2022-3606 Package Information: https://launchpad.net/ubuntu/+source/dwarves-dfsg/1.21-0ubuntu1~20.04.1 . Gnomes patch notification USN-7216-2 addresses various vulnerabilities in Ubuntu 21.04 and 19.10, enhancing overall performance and security.. Dwarves Security, Ubuntu Update, Denial Of Service, Ubuntu Pro, Software Fix. . LinuxSecurity.com Team
Jul 11, 2023
Ubuntu
100
security advisorymoderatesecurity fixopenSUSE Leap Micro 5.2: 2022:2614-2 Moderate Security Fix for Dwarves
An update that fixes 19 vulnerabilities, contains one feature is now available. . SUSE Security Update: Security update for dwarves and elfutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2614-2 Rating: moderate References: #1033084 #1033085 #1033086 #1033087 #1033088 #1033089 #1033090 #1082318 #1104264 #1106390 #1107066 #1107067 #1111973 #1112723 #1112726 #1123685 #1125007 SLE-24501 Cross-References: CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVSS scores: CVE-2017-7607 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7607 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7608 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7609 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7609 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7610 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7610 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7611 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7611 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7612 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7612 (SUSE): 3.3CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7613 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7613 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16062 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16062 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2018-16402 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16402 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16403 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16403 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18310 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18310 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18520 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18520 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18521 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18521 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7146 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7148 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7149 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7664 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7664 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7665 (NVD) : 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7665 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap Micro 5.2 ______________________________________________________________________________ An update that fixes 19 vulnerabilities, contains one feature is now available. Description: This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177 (jsc#SLE-24501): - elfclassify: New tool to analyze ELF objects. - readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. - libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. - libdwelf: Add dwelf_elf_e_machine_string. dwelf_elf_begin now only returns NULL when there is an error reading or decompressing a file. If the file is not an ELF file an ELF handle of type ELF_K_NONE is returned. - backends: Add support for C-SKY. Update to version 0.176: - build: Add new --enable-install-elfh option. Do NOT use this for system installs (it overrides glibc elf.h). - backends: riscv improved core file and return value location support. - Fixes: - CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007) Update to version 0.175: - readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. - strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. - libdwelf: New function dwelf_elf_begin. - libcpu: Recognize bpf jump variantsBPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726) Update to version 0.174: - libelf, libdw and all tools now handle extended shnum and shstrndx correctly. - elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits (suid) on rewrite. - strip: Handle mixed (out of order) allocated/non-allocated sections. - unstrip: Handle SHT_GROUP sections. - backends: RISCV and M68K now have backend implementations to generate CFI based backtraces. - Fixes: - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf - CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067) - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) Update to version 0.173: - More fixes for crashes and hangs found by afl-fuzz. In particular various functions now detect and break infinite loops caused by bad DIE tree cycles. - readelf: Will now lookup the size and signedness of constant value types to display them correctly (and not just how they were encoded). - libdw: New function dwarf_next_lines to read CU-less .debug_line data. dwarf_begin_elf now accepts ELF files containing just .debug_line or .debug_frame sections (which can be read without needing a DIE tree from the .debug_info section). Removed dwarf_getscn_info, which was never implemented. - backends: Handle BPF simple relocations. The RISCV backends now handles ABI specific CFI and knows about RISCV register types and names. Update to version 0.172: - Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data. Thanks to running the afl fuzzer on eu-readelf and various testcases. Update to version 0.171: - DWARF5 and split dwarf, including GNU DebugFission, are supported now. Data can be read from the new DWARF sections .debug_addr, .debug_line_str, .debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new DWARF5 and GNU DebugFission encodings of the existing .debug sections. Also in split DWARF .dwo (DWARF object) files. This support is mostly handled by existing functions (dwarf_getlocation*, dwarf_getsrclines, dwarf_ranges, dwarf_form*, etc.) now returning the data from the new sections and data formats. But some new functions have been added to more easily get information about skeleton and split compile units (dwarf_get_units and dwarf_cu_info), handle new attribute data (dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies that might come from different sections or files (dwarf_die_addr_die). - Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary) files, the .debug_names index, the .debug_cu_index and .debug_tu_index sections. Only a single .debug_info (and .debug_types) section are currently handled. - readelf: Handle all new DWARF5 sections. --debug-dump=info+ will show split unit DIEs when found. --dwarf-skeleton can be used when inspecting a .dwo file. Recognizes GNU locviews with --debug-dump=loc. - libdw: New functions dwarf_die_addr_die, dwarf_get_units, dwarf_getabbrevattr_data and dwarf_cu_info. libdw will now try to resolve the alt file on first use of an alt attribute FORM when not set yet with dwarf_set_alt. dwarf_aggregate_size() now works with multi-dimensional arrays. - libdwfl: Use process_vm_readv when available instead of ptrace. backends: Add a RISC-V backend. There were various improvements to build on Windows. The sha1 and md5 implementations have been removed, they weren't used. Update to version 0.170: - libdw: Added new DWARF5 attribute, tag, character encoding, language code, calling convention, defaulted member function and macro constants to dwarf.h. New functions dwarf_default_lower_bound and dwarf_line_file. dwarf_peel_type now handles DWARF5 immutable, packed and shared tags. dwarf_getmacros now handles DWARF5 .debug_macro sections. - strip: Add -R, --remove-section=SECTION and --keep-section=SECTION. - backends: The bpf disassembler is now always build on all platforms. Update to version 0.169: - backends: Add support for EM_PPC64 GNU_ATTRIBUTES. Frame pointer unwinding fallback support for i386, x86_64, aarch64. - translations: Update Polish translation. - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088) - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084) - CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085) - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090) - CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089) - Don't make elfutils recommend elfutils-lang as elfutils-lang already supplements elfutils. dwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installationmethods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2614=1 Package List: - openSUSE Leap Micro 5.2 (aarch64 x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 References: https://www.suse.com/security/cve/CVE-2017-7607.html https://www.suse.com/security/cve/CVE-2017-7608.html https://www.suse.com/security/cve/CVE-2017-7609.html https://www.suse.com/security/cve/CVE-2017-7610.html https://www.suse.com/security/cve/CVE-2017-7611.html https://www.suse.com/security/cve/CVE-2017-7612.html https://www.suse.com/security/cve/CVE-2017-7613.html https://www.suse.com/security/cve/CVE-2018-16062.html https://www.suse.com/security/cve/CVE-2018-16402.html https://www.suse.com/security/cve/CVE-2018-16403.html https://www.suse.com/security/cve/CVE-2018-18310.html https://www.suse.com/security/cve/CVE-2018-18520.html https://www.suse.com/security/cve/CVE-2018-18521.html https://www.suse.com/security/cve/CVE-2019-7146.html https://www.suse.com/security/cve/CVE-2019-7148.html https://www.suse.com/security/cve/CVE-2019-7149.html https://www.suse.com/security/cve/CVE-2019-7150.html https://www.suse.com/security/cve/CVE-2019-7664.html https://www.suse.com/security/cve/CVE-2019-7665.html https://bugzilla.suse.com/1033084 https://bugzilla.suse.com/1033085 https://bugzilla.suse.com/1033086 https://bugzilla.suse.com/1033087 https://bugzilla.suse.com/1033088 https://bugzilla.suse.com/1033089 https://bugzilla.suse.com/1033090 https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1104264 https://bugzilla.suse.com/1106390 https://bugzilla.suse.com/1107066 https://bugzilla.suse.com/1107067 https://bugzilla.suse.com/1111973 https://bugzilla.suse.com/1112723 https://bugzilla.suse.com/1112726 https://bugzilla.suse.com/1123685 https://bugzilla.suse.com/1125007 . The latest patch for dwarf utilities and elfutils addresses 19 moderate-severity vulnerabilities, enhancing the overall security posture of openSUSE.. openSUSE Update, moderate Security Advisory, elfutils issues, dwarves support. . LinuxSecurity.com Team
Sep 01, 2022
SuSE
100
security advisorysecurity issuesoftware patchSUSE: 2022:2614-1 Moderate: Dwarves And Elfutils Security Advisory
An update that fixes 19 vulnerabilities, contains one feature is now available. . SUSE Security Update: Security update for dwarves and elfutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2614-1 Rating: moderate References: #1033084 #1033085 #1033086 #1033087 #1033088 #1033089 #1033090 #1082318 #1104264 #1106390 #1107066 #1107067 #1111973 #1112723 #1112726 #1123685 #1125007 SLE-24501 Cross-References: CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVSS scores: CVE-2017-7607 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7607 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7608 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7609 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7609 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7610 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7610 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7611 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7611 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7612 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7612 (SUSE): 3.3CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7613 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7613 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16062 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16062 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2018-16402 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16402 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16403 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16403 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18310 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18310 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18520 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18520 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18521 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18521 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7146 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7148 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7149 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7664 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7664 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7665 (NVD) : 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7665 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes 19 vulnerabilities, contains one feature is now available. Description: This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177 (jsc#SLE-24501): - elfclassify: New tool to analyze ELF objects. - readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. - libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. - libdwelf: Add dwelf_elf_e_machine_string. dwelf_elf_begin now only returns NULL when there is an error reading or decompressing a file. If the file is not an ELF file an ELF handle of type ELF_K_NONE is returned. - backends: Add support for C-SKY. Update to version 0.176: - build: Add new --enable-install-elfh option. Do NOT use this for system installs (it overrides glibc elf.h). - backends: riscv improved core file and return value location support. - Fixes: - CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn dataread from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007) Update to version 0.175: - readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. - strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. - libdwelf: New function dwelf_elf_begin. - libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726) Update to version 0.174: - libelf, libdw and all tools now handle extended shnum and shstrndx correctly. - elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits (suid) on rewrite. - strip: Handle mixed (out of order) allocated/non-allocated sections. - unstrip: Handle SHT_GROUP sections. - backends: RISCV and M68K now have backend implementations to generate CFI based backtraces. - Fixes: - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf - CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067) - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) Update to version 0.173: - More fixes for crashes and hangs found by afl-fuzz. In particular variousfunctions now detect and break infinite loops caused by bad DIE tree cycles. - readelf: Will now lookup the size and signedness of constant value types to display them correctly (and not just how they were encoded). - libdw: New function dwarf_next_lines to read CU-less .debug_line data. dwarf_begin_elf now accepts ELF files containing just .debug_line or .debug_frame sections (which can be read without needing a DIE tree from the .debug_info section). Removed dwarf_getscn_info, which was never implemented. - backends: Handle BPF simple relocations. The RISCV backends now handles ABI specific CFI and knows about RISCV register types and names. Update to version 0.172: - Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data. Thanks to running the afl fuzzer on eu-readelf and various testcases. Update to version 0.171: - DWARF5 and split dwarf, including GNU DebugFission, are supported now. Data can be read from the new DWARF sections .debug_addr, .debug_line_str, .debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new DWARF5 and GNU DebugFission encodings of the existing .debug sections. Also in split DWARF .dwo (DWARF object) files. This support is mostly handled by existing functions (dwarf_getlocation*, dwarf_getsrclines, dwarf_ranges, dwarf_form*, etc.) now returning the data from the new sections and data formats. But some new functions have been added to more easily get information about skeleton and split compile units (dwarf_get_units and dwarf_cu_info), handle new attribute data (dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies that might come from different sections or files (dwarf_die_addr_die). - Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary) files, the .debug_names index, the .debug_cu_index and .debug_tu_index sections. Only a single .debug_info (and .debug_types) section arecurrently handled. - readelf: Handle all new DWARF5 sections. --debug-dump=info+ will show split unit DIEs when found. --dwarf-skeleton can be used when inspecting a .dwo file. Recognizes GNU locviews with --debug-dump=loc. - libdw: New functions dwarf_die_addr_die, dwarf_get_units, dwarf_getabbrevattr_data and dwarf_cu_info. libdw will now try to resolve the alt file on first use of an alt attribute FORM when not set yet with dwarf_set_alt. dwarf_aggregate_size() now works with multi-dimensional arrays. - libdwfl: Use process_vm_readv when available instead of ptrace. backends: Add a RISC-V backend. There were various improvements to build on Windows. The sha1 and md5 implementations have been removed, they weren't used. Update to version 0.170: - libdw: Added new DWARF5 attribute, tag, character encoding, language code, calling convention, defaulted member function and macro constants to dwarf.h. New functions dwarf_default_lower_bound and dwarf_line_file. dwarf_peel_type now handles DWARF5 immutable, packed and shared tags. dwarf_getmacros now handles DWARF5 .debug_macro sections. - strip: Add -R, --remove-section=SECTION and --keep-section=SECTION. - backends: The bpf disassembler is now always build on all platforms. Update to version 0.169: - backends: Add support for EM_PPC64 GNU_ATTRIBUTES. Frame pointer unwinding fallback support for i386, x86_64, aarch64. - translations: Update Polish translation. - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088) - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084) - CVE-2017-7608: heap-based buffer overflow inebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085) - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090) - CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089) - Don't make elfutils recommend elfutils-lang as elfutils-lang already supplements elfutils. dwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2614=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2614=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2614=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2614=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm-devel-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw-devel-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-devel-0.177-150300.11.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf-devel-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - openSUSE Leap 15.3 (x86_64): libasm1-32bit-0.177-150300.11.3.1 libasm1-32bit-debuginfo-0.177-150300.11.3.1 libdw1-32bit-0.177-150300.11.3.1 libdw1-32bit-debuginfo-0.177-150300.11.3.1 libdwarves-devel-32bit-1.22-150300.7.3.1 libdwarves1-32bit-1.22-150300.7.3.1 libdwarves1-32bit-debuginfo-1.22-150300.7.3.1 libebl-plugins-32bit-0.177-150300.11.3.1 libebl-plugins-32bit-debuginfo-0.177-150300.11.3.1 libelf-devel-32bit-0.177-150300.11.3.1 libelf1-32bit-0.177-150300.11.3.1 libelf1-32bit-debuginfo-0.177-150300.11.3.1 - openSUSE Leap 15.3 (noarch): elfutils-lang-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm-devel-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw-devel-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-devel-0.177-150300.11.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf-devel-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch): elfutils-lang-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64): libdw1-32bit-0.177-150300.11.3.1 libdw1-32bit-debuginfo-0.177-150300.11.3.1 libdwarves-devel-32bit-1.22-150300.7.3.1 libdwarves1-32bit-1.22-150300.7.3.1 libdwarves1-32bit-debuginfo-1.22-150300.7.3.1 libebl-plugins-32bit-0.177-150300.11.3.1 libebl-plugins-32bit-debuginfo-0.177-150300.11.3.1 libelf1-32bit-0.177-150300.11.3.1 libelf1-32bit-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 References: https://www.suse.com/security/cve/CVE-2017-7607.html https://www.suse.com/security/cve/CVE-2017-7608.html https://www.suse.com/security/cve/CVE-2017-7609.html https://www.suse.com/security/cve/CVE-2017-7610.html https://www.suse.com/security/cve/CVE-2017-7611.html https://www.suse.com/security/cve/CVE-2017-7612.html https://www.suse.com/security/cve/CVE-2017-7613.html https://www.suse.com/security/cve/CVE-2018-16062.html https://www.suse.com/security/cve/CVE-2018-16402.html https://www.suse.com/security/cve/CVE-2018-16403.html https://www.suse.com/security/cve/CVE-2018-18310.html https://www.suse.com/security/cve/CVE-2018-18520.html https://www.suse.com/security/cve/CVE-2018-18521.html https://www.suse.com/security/cve/CVE-2019-7146.html https://www.suse.com/security/cve/CVE-2019-7148.html https://www.suse.com/security/cve/CVE-2019-7149.html https://www.suse.com/security/cve/CVE-2019-7150.html https://www.suse.com/security/cve/CVE-2019-7664.html https://www.suse.com/security/cve/CVE-2019-7665.html https://bugzilla.suse.com/1033084 https://bugzilla.suse.com/1033085 https://bugzilla.suse.com/1033086 https://bugzilla.suse.com/1033087 https://bugzilla.suse.com/1033088 https://bugzilla.suse.com/1033089 https://bugzilla.suse.com/1033090 https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1104264 https://bugzilla.suse.com/1106390 https://bugzilla.suse.com/1107066 https://bugzilla.suse.com/1107067 https://bugzilla.suse.com/1111973 https://bugzilla.suse.com/1112723 https://bugzilla.suse.com/1112726 https://bugzilla.suse.com/1123685 https://bugzilla.suse.com/1125007 . Oracle releases a patch to address various security flaws in Liberty and JBoss, improving infrastructure reliability.. SUSE Security Update,dwarves patch,elfutils vulnerabilities,security update. . Severity: Important. LinuxSecurity.com Team
Aug 01, 2022
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!