Microcode updates have been released for Intel(R) processors, addressing multiple potential vulnerabilities that may allow denial of service or information disclosure. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4170-1
Update to upstream 20241210 Update firmware file for Intel BlazarU core amdgpu: numerous firmware updates upstream amdnpu firmware QCA: Add Bluetooth nvm files for WCN785x. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-516b214c25 2024-12-13 01:33:43.480316+00:00 -------------------------------------------------------------------------------- Name : linux-firmware Product : Fedora 41 Version : 20241210 Release : 1.fc41 URL : http://www.kernel.org/ Summary : Firmware files used by the Linux kernel Description : This package includes firmware files required for some devices to operate. -------------------------------------------------------------------------------- Update Information: Update to upstream 20241210 Update firmware file for Intel BlazarU core amdgpu: numerous firmware updates upstream amdnpu firmware QCA: Add Bluetooth nvm files for WCN785x i915: Update Xe2LPD DMC to v2.24 cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops iwlwifi: add Bz-gf FW for core89-91 release QCA: Update Bluetooth WCN785x firmware to 2.0.0-00515-2 ice: update ice DDP wireless_edge package to 1.3.20.0 ice: update ice DDP comms package to 1.3.52.0 ice: update ice DDP package to ice-1.3.41.0 amdgpu: update DMCUB to v9.0.10.0 for DCN314/DCN351 Update AMD cpu microcode xe: Update GUC to v70.36.0 for BMG, LNL i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL iwlwifi: add Bz-gf FW for core91-69 release qcom: venus-5.4: add venus firmware file for qcs615 qcom: update venus firmware file for SC7280 QCA: Add 22 bluetooth firmware nvm files for QCA2066 mediatek MT7921/MT7922: update bluetooth firmware update for MT7921/MT7922 WiFi device qcom: Add QDU100 firmware image files. 
qcom: Update aic100 firmware files -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 10 2024 Peter Robinson - 20241210-1 -Update to upstream 20241210 - Update firmware file for Intel BlazarU core - amdgpu: numerous firmware updates - upstream amdnpu firmware - QCA: Add Bluetooth nvm files for WCN785x - i915: Update Xe2LPD DMC to v2.24 - cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops - iwlwifi: add Bz-gf FW for core89-91 release - QCA: Update Bluetooth WCN785x firmware to 2.0.0-00515-2 - ice: update ice DDP wireless_edge package to 1.3.20.0 - ice: update ice DDP comms package to 1.3.52.0 - ice: update ice DDP package to ice-1.3.41.0 - amdgpu: update DMCUB to v9.0.10.0 for DCN314/DCN351 - Update AMD cpu microcode - xe: Update GUC to v70.36.0 for BMG, LNL - i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL - iwlwifi: add Bz-gf FW for core91-69 release - qcom: venus-5.4: add venus firmware file for qcs615 - qcom: update venus firmware file for SC7280 - QCA: Add 22 bluetooth firmware nvm files for QCA2066 - mediatek MT7921/MT7922: update bluetooth firmware - update for MT7921/MT7922 WiFi device - qcom: Add QDU100 firmware image files. - qcom: Update aic100 firmware files -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-516b214c25' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to upstream 2.1-45. 20240910 Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x35 up to 0x36; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36;. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-d6726b5d75 2024-09-19 00:16:03.025097 -------------------------------------------------------------------------------- Name : microcode_ctl Product : Fedora 41 Version : 2.1 Release : 65.fc41 URL : https://pagure.io/microcode_ctl Summary : Tool to transform and deploy CPU microcode update for x86 Description : The microcode_ctl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-45. 
20240910 Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x35 up to 0x36; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x35 up to 0x36; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x433 up to 0x434; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x433 up to 0x434; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x433 up to 0x434; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x433 up to 0x434; Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1e up to 0x1f; Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x123 up to 0x129; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4121 up to 0x4122; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4121 up to 0x4122; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 
intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; Update of 06-ba-08/0xe0 microcode from revision 0x4121 up to 0x4122; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x35 up to 0x36; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x35 up to 0x36; Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x17 up to 0x1a (old pf 0x11). Addresses CVE-2024-23984, CVE-2024-24968 Added the documentation directory to the list of files owned by the package -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 13 2024 Eugene Syromiatnikov 2:2.1-65 - Update to upstream 2.1-45. 
20240910 - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x35 up to 0x36; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x35 up to 0x36; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x35 up to 0x36; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x35 up to 0x36; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x433 up to 0x434; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x433 up to 0x434; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x433 up to 0x434; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x433 up to 0x434; - Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1e up to 0x1f; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x123 up to 0x129; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4121 up to 0x4122; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4121 up to 0x4122; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122; - Update of 06-ba-02/0xe0 
(RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; - Update of 06-ba-08/0xe0 microcode from revision 0x4121 up to 0x4122; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x35 up to 0x36; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x35 up to 0x36; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x35 up to 0x36; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x35 up to 0x36; - Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x17 up to 0x1a (old pf 0x11). - Addresses CVE-2024-23984, CVE-2024-24968 - Added the documentation directory to the list of files owned by the package - Resolves RHBZ#2283214, RHBZ#2311299 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2283214 - The directory /usr/share/doc/microcode_ctl/ is not in the RPM database. https://bugzilla.redhat.com/show_bug.cgi?id=2283214 [ 2 ] Bug #2311299 - 20240910 is available https://bugzilla.redhat.com/show_bug.cgi?id=2311299 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-d6726b5d75' at the command line. 
For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Several security issues were fixed in the Linux kernel. ========================================================================== Ubuntu Security Notice USN-6628-2 February 15, 2024 linux-intel-iotg-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Details: Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257) Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). (CVE-2023-34324) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-35827) Tom Dohrmann discovered that the Secure Encrypted Virtualization (SEV) implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-46813) It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). 
(CVE-2023-6039) Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6040) It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situations, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6606) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle dynset expressions passed from userspace, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-6622) Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6817) Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. 
(CVE-2023-6931) It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6932) Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly check deactivated elements in certain situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-0193) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly handle locking during tipc_crypto_key_revoke() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2024-0641) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.15.0-1048-intel-iotg 5.15.0-1048.54~20.04.1 linux-image-intel 5.15.0.1048.54~20.04.38 linux-image-intel-iotg 5.15.0.1048.54~20.04.38 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 
References: https://ubuntu.com/security/notices/USN-6628-2 https://ubuntu.com/security/notices/USN-6628-1 CVE-2023-32250, CVE-2023-32252, CVE-2023-32257, CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-46813, CVE-2023-6039, CVE-2023-6040, CVE-2023-6176, CVE-2023-6606, CVE-2023-6622, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193, CVE-2024-0641 Package Information: https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1048.54~20.04.1 . Ubuntu 20.04 LTS has released critical updates addressing vulnerabilities in the kernel that could potentially allow for denial of service and code execution threats if not addressed promptly.. Denial of Service, Kernel Updates, Security Fixes, Intel IoT, Ubuntu Issues. . Severity: Critical. LinuxSecurity.com Team
Intel® released the INTEL-SA-00766 advisory about potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products that may allow escalation of privilege or denial of service. The full advisory is available at [1]. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3596-1
Several security issues were fixed in the Linux kernel. ========================================================================== Ubuntu Security Notice USN-6397-1 September 26, 2023 linux-bluefield vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-bluefield: Linux kernel for NVIDIA BlueField platforms Details: Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. (CVE-2022-40982) Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593) Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out-of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. 
(CVE-2023-2163) Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269) It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084) It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268) It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823) It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824) It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828) It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. 
A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609) It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611) It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.4.0-1070-bluefield 5.4.0-1070.76 linux-image-bluefield 5.4.0.1070.65 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6397-1 CVE-2022-40982, CVE-2023-2002, CVE-2023-20593, CVE-2023-21255, CVE-2023-2163, CVE-2023-2269, CVE-2023-31084, CVE-2023-3268, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776 Package Information: https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1070.76 . Ubuntu 20.04 LTS has rolled out vital updates tackling several security vulnerabilities within the kernel and mitigating denial of service risks. 
Kernel Security, Ubuntu 20.04 Updates, Denial of Service Risks. . Severity: Important. LinuxSecurity.com Team
Several security issues were fixed in the Linux kernel. ========================================================================= Ubuntu Security Notice USN-6057-1 May 05, 2023 linux-intel-iotg vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-intel-iotg: Linux kernel for Intel IoT platforms Details: It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) Haowei Yan discovered that a race condition existed in the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-4129) It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-47929) It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842) Kyle Zeng discovered that the IPv6 implementation in the Linux kernel contained a NULL pointer dereference vulnerability in certain situations. A local attacker could use this to cause a denial of service (system crash). 
(CVE-2023-0394) It was discovered that the Human Interface Device (HID) support driver in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1073) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) It was discovered that the NFS implementation in the Linux kernel did not properly handle pending tasks in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1652) Lianhui Tang discovered that the MPLS implementation in the Linux kernel did not properly handle certain sysctl allocation failure conditions, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-26545) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: linux-image-5.15.0-1028-intel-iotg 5.15.0-1028.33 linux-image-intel-iotg 5.15.0.1028.27 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 
References: https://ubuntu.com/security/notices/USN-6057-1 CVE-2022-4129, CVE-2022-47929, CVE-2022-4842, CVE-2023-0386, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-1652, CVE-2023-26545 Package Information: https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1028.33 . Ubuntu tackles major kernel flaws impacting Intel IoT, implementing essential updates to ensure system safety.. Intel IoT Threats, Ubuntu Kernel Security, System Updates. . Severity: Important. LinuxSecurity.com Team
An update that fixes four vulnerabilities is now available. . SUSE Security Update: Security update for ucode-intel ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:0575-1 Rating: important References: #1192615 #1195779 #1195780 #1195781 Cross-References: CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-33120 CVSS scores: CVE-2021-0127 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-0127 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-0145 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-0145 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2021-0146 (NVD) : 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-0146 (SUSE): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-33120 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVE-2021-33120 (SUSE): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: HPE Helion Openstack 8 SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. 
- CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615) - CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779) - CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780) - CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781) - Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html) - Security updates for [INTEL-SA-00532]() Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-575=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-575=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-575=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2022-575=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-575=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-575=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-575=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-575=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-575=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-575=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2022-575=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): 
ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE OpenStack Cloud 9 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE OpenStack Cloud 8 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 - HPE Helion Openstack 8 (x86_64): ucode-intel-20220207-13.93.1 ucode-intel-debuginfo-20220207-13.93.1 ucode-intel-debugsource-20220207-13.93.1 References: https://www.suse.com/security/cve/CVE-2021-0127.html https://www.suse.com/security/cve/CVE-2021-0145.html https://www.suse.com/security/cve/CVE-2021-0146.html https://www.suse.com/security/cve/CVE-2021-33120.html https://bugzilla.suse.com/1192615 https://bugzilla.suse.com/1195779 https://bugzilla.suse.com/1195780 https://bugzilla.suse.com/1195781 . An important update for ucode-intel has been released, fixing several critical security issues to protect the system.. 
SUSE Linux Intel Update, Security Patch, Ucode-Intel Fix, Escalation Privilege Fix. . Severity: Important. LinuxSecurity.com Team