Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
219
security advisorycritical issuekernel updateRocky Linux SIG Cloud 9 RXSA-2025:1262 critical: kernel security update
Important: kernel security update. {"type": "TYPE_SECURITY", "shortCode": "RX", "name": "RXSA-2025:1262", "synopsis": "Important: kernel security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kernel.\nThis update affects Rocky Linux SIG Cloud 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CVE-2024-53104)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux SIG Cloud 9"], "fixes": [{"ticket": "2329817", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2329817", "description": ""}], "cves": [{"name": "CVE-2024-53104", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-53104", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2025-02-13T20:37:52.150245Z", "rpms": {"Rocky Linux SIG Cloud 9": {"nvras": ["bpftool-0:7.4.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "bpftool-0:7.4.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "bpftool-debuginfo-0:7.4.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "bpftool-debuginfo-0:7.4.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-0:5.14.0-503.23.2.el9_5.cloud.1.0.src.rpm", "kernel-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-abi-stablelists-0:5.14.0-503.23.2.el9_5.cloud.1.0.noarch.rpm", "kernel-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm","kernel-cross-headers-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-cross-headers-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-devel-matched-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-devel-matched-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-modules-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-modules-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-modules-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-modules-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-debug-modules-extra-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-debug-modules-extra-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-devel-matched-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-devel-matched-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-doc-0:5.14.0-503.23.2.el9_5.cloud.1.0.noarch.rpm", "kernel-headers-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-headers-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-modules-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-modules-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-modules-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm","kernel-modules-core-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-modules-extra-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-modules-extra-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-tools-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-tools-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-tools-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-tools-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-tools-libs-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-tools-libs-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "kernel-tools-libs-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "kernel-tools-libs-devel-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "perf-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "perf-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "perf-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "perf-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "python3-perf-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "python3-perf-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "python3-perf-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "python3-perf-debuginfo-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm", "rtla-0:5.14.0-503.23.2.el9_5.cloud.1.0.aarch64.rpm", "rtla-0:5.14.0-503.23.2.el9_5.cloud.1.0.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. An important announcement has been made concerning Rocky Linux SIG Cloud 9 regarding significant security flaws found within its kernel.. Rocky Linux update, kernel security patch, crucial kernel fix. . Severity: Important. LinuxSecurity.com Team
Feb 13, 2025
•Important
Rocky Linux
219
security advisorykernel updatebug fixRocky Linux 8 RLSA-2022:5819 Important Kernel Update for Critical Issues
Important: kernel security and bug fix update. \{'type': 'Security', 'shortCode': 'RL', 'name': 'RLSA-2022:5819', 'synopsis': 'Important: kernel security and bug fix update', 'severity': 'Important', 'topic': 'An update for kernel is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.', 'description': 'The kernel packages contain the Linux kernel, the core of any Linux operating system.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.', 'solution': None, 'affectedProducts': ['Rocky Linux 8'], 'fixes': ['2064604', '2092427'], 'cves': ['Red Hat:::https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32250.json:::CVE-2022-32250'], 'references': [], 'publishedAt': '2022-08-15T21:03:25.235634Z', 'rpms': ['bpftool-4.18.0-372.19.1.el8_6.aarch64.rpm', 'bpftool-4.18.0-372.19.1.el8_6.x86_64.rpm', 'bpftool-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'bpftool-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-4.18.0-372.19.1.el8_6.src.rpm', 'kernel-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-abi-stablelists-4.18.0-372.19.1.el8_6.noarch.rpm', 'kernel-core-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-core-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-cross-headers-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-cross-headers-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debug-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debug-core-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-core-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm','kernel-debug-devel-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-devel-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debuginfo-common-aarch64-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debuginfo-common-x86_64-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debug-modules-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-modules-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-devel-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-devel-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-doc-4.18.0-372.19.1.el8_6.noarch.rpm', 'kernel-headers-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-headers-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-modules-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-modules-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-modules-extra-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-modules-extra-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-rt-4.18.0-372.19.1.rt7.176.el8_6.src.rpm', 'kernel-rt-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-core-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-core-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-debuginfo-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-devel-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debuginfo-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debuginfo-common-x86_64-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-kvm-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-modules-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-debug-modules-extra-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-devel-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-kvm-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-rt-modules-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm','kernel-rt-modules-extra-4.18.0-372.19.1.rt7.176.el8_6.x86_64.rpm', 'kernel-tools-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-tools-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-tools-libs-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-tools-libs-4.18.0-372.19.1.el8_6.x86_64.rpm', 'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6.aarch64.rpm', 'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6.x86_64.rpm', 'perf-4.18.0-372.19.1.el8_6.aarch64.rpm', 'perf-4.18.0-372.19.1.el8_6.x86_64.rpm', 'perf-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'perf-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm', 'python3-perf-4.18.0-372.19.1.el8_6.aarch64.rpm', 'python3-perf-4.18.0-372.19.1.el8_6.x86_64.rpm', 'python3-perf-debuginfo-4.18.0-372.19.1.el8_6.aarch64.rpm', 'python3-perf-debuginfo-4.18.0-372.19.1.el8_6.x86_64.rpm']}\. Essential patch rollout for Rocky Linux enhances security and resolves existing issues. Ensure your systems are secure and stay updated.. Rocky Linux,Kernel Update,System Security,Security Patch. . Severity: Important. LinuxSecurity.com Team
Sep 02, 2022
•Important
Rocky Linux
217
security advisorysecurity issueDoSOracle: ELSA-2021-9534 Critical Update for Kernel Package and DoS Threat
The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2021-9534 https://linux.oracle.com/errata/ELSA-2021-9534.html The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-doc-4.1.12-124.57.1.el6uek.noarch.rpm kernel-uek-firmware-4.1.12-124.57.1.el6uek.noarch.rpm kernel-uek-4.1.12-124.57.1.el6uek.x86_64.rpm kernel-uek-devel-4.1.12-124.57.1.el6uek.x86_64.rpm kernel-uek-debug-4.1.12-124.57.1.el6uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.57.1.el6uek.x86_64.rpm Related CVEs: CVE-2018-1000026 CVE-2019-10207 CVE-2019-19813 CVE-2021-3564 Description of changes: [4.1.12-124.57.1.el6uek] - target; fix print statement warning (John Donnelly) [Orabug: 33495661] - enic;: fix warning on module_param disable_vlan0, (John Donnelly) [Orabug: 33495661] - bnx2fc: correct BNX2FC_TM_TIMEOUT to be 60 sec (John Donnelly) [Orabug: 33495661] - target: Fix linux-4.1.y specific compile warning (Nicholas Bellinger) [Orabug: 33495661] - net/mlx4: Fixing warning in mlx4_get_module_info() (John Donnelly) [Orabug: 33495661] - rds: Avoid compiler warning in ib_send.c: opcode (John Donnelly) [Orabug: 33495661] - RDMA/mad: correct build warning (John Donnelly) [Orabug: 33495661] - dtrace: Fix warning in dtrace_sync() (Tomas Jedlicka) [Orabug: 33495661] - virtio: Silence uninitialized variable warning (Dan Carpenter) [Orabug: 33495661] - scsi: correct uninitialized variable (John Donnelly) [Orabug: 33495661] - media: smsusb: better handle optional alignment (Mauro Carvalho Chehab) [Orabug: 33495661] - media: usb: siano: Fix false-positive "uninitialized variable" warning (Alan Stern) [Orabug: 33495661] - toshiba_acpi: correct build warning (John Donnelly) [Orabug: 33495661] - RDS/IB: corrects build warning (John Donnelly) [Orabug: 33495661] - x86/mce: correct return warning (John Donnelly) [Orabug:33495661] - x86/asm/msr: Make wrmsrl_safe() a function (Andy Lutomirski) [Orabug: 33495661] - x86/mitigations: fix warnings in taa_select_mitigation() (John Donnelly) [Orabug: 33495661] - mm: correct build warning with pgprot (John Donnelly) [Orabug: 33495661] - Thermal: remove unused variable (John Donnelly) [Orabug: 33495661] - ixgbe: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - i40e: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - mlx4: remove unused variables and functions, (John Donnelly) [Orabug: 33495661] - nvme: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - ocfs2: remove unused function: ocfs2_prepare_inode_for_refcount() (John Donnelly) [Orabug: 33495661] - ipv6: remove unused variable: payload_len (John Donnelly) [Orabug: 33495661] - Revert "efi: Fix out-of-bounds read in variable_matches()" (John Donnelly) [Orabug: 33495661] - dtrace: remove unused variable "iph" (John Donnelly) [Orabug: 33495661] - ext4: remove unused function ext4_init_inode_bitmap() (John Donnelly) [Orabug: 33495661] - cpuidle: remove unused function: call_cpuidle() (John Donnelly) [Orabug: 33495661] - cifs: remove unused label (John Donnelly) [Orabug: 33495661] - block: remove unused out: label (John Donnelly) [Orabug: 33495661] - Bluetooth: hci_uart: check for missing tty operations (Vladis Dronov) [Orabug: 30244627] {CVE-2019-10207} {CVE-2019-10207} - Bluetooth: hci_uart: Add basic support for Intel Lightning Peak devices (Loic Poulain) [Orabug: 30244627] {CVE-2019-10207} - Bluetooth: hci_uart: Add new line discipline enhancements (Ilya Faenson) [Orabug: 30244627] {CVE-2019-10207} - Bluetooth: hci_uart: Support operational speed during setup (Frederic Danis) [Orabug: 30244627] {CVE-2019-10207} [4.1.12-124.56.2.el6uek] - btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek) [Orabug: 31864610] {CVE-2019-19813} - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo) [Orabug: 31864610] {CVE-2019-19813} - net: create skb_gso_validate_mac_len() (Daniel Axtens) [Orabug: 28094432] {CVE-2018-1000026} - bnx2x: disable GSO where gso_size is too big for hardware (Daniel Axtens) [Orabug: 28094432] {CVE-2018-1000026} - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33014035] {CVE-2021-3564} {CVE-2021-3564} - l2tp: Avoid schedule while atomic in exit_net (Ridge Kennedy) [Orabug: 33360013] - l2tp: remove skb_dst_set() from l2tp_xmit_skb() (Xin Long) [Orabug: 33360013] - dtrace: remove unused variables (John Donnelly) [Orabug: 33387203] - scsi: treat lun as 64-bit in scsi_report_lun_scan() error message (Henry Willard) [Orabug: 33387203] _______________________________________________ El-errata mailing list
Nov 02, 2021
•Critical
Oracle
99
security advisorysecurity issuekernel updateSlackware 14.2: 2019-202-01 Critical: Kernel Security Update
New kernel packages are available for Slackware 14.2 to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01) New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.182/*: Upgraded. These updates fix various bugs and many minor security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.183: https://www.cve.org/CVERecord?id=CVE-2019-11599 https://www.cve.org/CVERecord?id=CVE-2019-3892 Fixed in 4.4.185: https://www.cve.org/CVERecord?id=CVE-2019-13272 https://www.cve.org/CVERecord?id=CVE-2018-16597 Fixed in 4.4.186: https://www.cve.org/CVERecord?id=CVE-2019-10126 https://www.cve.org/CVERecord?id=CVE-2019-3846 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated packages for Slackware 14.2: Updated packages for Slackware x86_64 14.2: MD5 signatures: +-------------+ Slackware 14.2 packages: 01138ebc336b6e6d692697570bb32920 kernel-firmware-20190717_bf13a71-noarch-1.txz d7e0b9ffdc4265b45d4de39d49d52616 kernel-generic-4.4.186-i586-1.txz c1131f8dd16f7113cc8b1e14c402a9b7 kernel-generic-smp-4.4.186_smp-i686-1.txz ca4630c4ee7056c51f3262152bfb9213 kernel-headers-4.4.186_smp-x86-1.txz 61b95e68756fe9741ddbdc52f397fe49 kernel-huge-4.4.186-i586-1.txz ff981138513726a502d57f9e2aecad36 kernel-huge-smp-4.4.186_smp-i686-1.txz ca8f6fb5fc378d16e5afcee31dd032dc kernel-modules-4.4.186-i586-1.txz 25fc2f1280f1a706705ef4535f4efd1c kernel-modules-smp-4.4.186_smp-i686-1.txz 2d299723d6f910df1e8c21d18070b9ef kernel-source-4.4.186_smp-noarch-1.txz Slackware x86_64 14.2 packages: 01138ebc336b6e6d692697570bb32920 kernel-firmware-20190717_bf13a71-noarch-1.txz 80caffb238022225afe93b957fecbff2 kernel-generic-4.4.186-x86_64-1.txz f72e4543e3489d18604f33a901e04551 kernel-headers-4.4.186-x86-1.txz 0765db332a94cfedcacd987871903e56 kernel-huge-4.4.186-x86_64-1.txz 8d565a7b223b9444731796e6147116eb kernel-modules-4.4.186-x86_64-1.txz 0254fdbb4430362ea373b47584d8eb30 kernel-source-4.4.186-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.186-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.186 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.186-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.186 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly preparedbefore rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ . Kernel updates for Slackware 14.2 have been released to address urgent security vulnerabilities, guaranteeing that your system remains secure and up to date.. Kernel Update, Slackware 14.2, Security Fix, Security Update, Package Upgrade. . Severity: Critical. LinuxSecurity.com Team
Jul 22, 2019
•Critical
Slackware
198
security advisoryprivilege escalationmedium severityArch Linux: ASA-201701-32 Medium Risk of Privilege Escalation in Kernel
The package linux before version 4.9.5-1 is vulnerable to privilege escalation. . Arch Linux Security Advisory ASA-201701-32 ========================================= Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2017-2583 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-149 Summary ====== The package linux before version 4.9.5-1 is vulnerable to privilege escalation. Resolution ========= Upgrade to 4.9.5-1. # pacman -Syu "linux> =4.9.5-1" The problem has been fixed upstream in version 4.9.5. Workaround ========= None. Description ========== The Linux kernel > 3.6-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value error. It could occur loading values into SS register in long mode. A user/process inside a guest host could use this flaw to crash the guest, resulting in denial of service, or potentially escalate their privileges inside the guest system on an AMD processor. Impact ===== A local attacker in a guest host is able to crash the system or escalate privileges inside the guest on an AMD processor. References ========= https://seclists.org/oss-sec/2017/q1/137 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/ https://security.archlinux.org/CVE-2017-2583 . Arch Linux Advisory ASA-202303-10: low severity security flaw discovered necessitates updating glibc package.. Arch Linux, Privilege Escalation, Linux Kernel. . Severity: Medium. LinuxSecurity.com Team
Jan 27, 2017
•Medium
ArchLinux
98
security advisorysecurity updatered hatRed Hat: RHSA-2015:0674-01 Important: Kernel Security and Bug Fix
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2015:0674-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2015:0674.html Issue date: 2015-03-11 CVE Names: CVE-2014-7822 CVE-2014-8159 CVE-2014-8160 CVE-2014-8369 ==================================================================== 1. Summary: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsXdevice could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that the fix for CVE-2014-3601 was incomplete: the Linux kernel's kvm_iommu_map_pages() function still handled IOMMU mapping failures incorrectly. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-8369, Moderate) Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and Akira Fujita of NEC for reporting CVE-2014-7822. Bug fixes: * The maximum amount of entries in the IPv6 route table (net.ipv6.route.max_size) was 4096, and every route towards this maximum size limit was counted. Communication to more systems was impossible when the limit was exceeded. Now, only cached routes are counted, which guarantees that the kernel does not run out of memory, but the user can now install as many routes as the memory allows until the kernel indicates it can no longer handle the amount of memory and returns an error message. In addition, the default "net.ipv6.route.max_size" value has been increased to 16384 for performance improvement reasons. (BZ#1177581) * When the user attempted to scan for an FCOE-served Logical Unit Number (LUN), after an initial LUN scan, a kernel panic occurred in bnx2fc_init_task. System scanning for LUNs is now stable after LUNs have been added. (BZ#1179098) * Undercertain conditions, such as when attempting to scan the network for LUNs, a race condition in the bnx2fc driver could trigger a kernel panic in bnx2fc_init_task. A patch fixing a locking issue that caused the race condition has been applied, and scanning the network for LUNs no longer leads to a kernel panic. (BZ#1179098) * Previously, it was not possible to boot the kernel on Xen hypervisor in PVHVM mode if more than 32 vCPUs were specified in the guest configuration. Support for more than 32 vCPUs has been added, and the kernel now boots successfully in the described situation. (BZ#1179343) * When the NVMe driver allocated a namespace queue, it indicated that it was a request-based driver when it was actually a block I/O-based driver. Consequently, when NVMe driver was loaded along with a request-based dm device, the system could terminate unexpectedly or become unresponsive when attempting to access data. The NVMe driver no longer sets the QUEUE_FLAG_STACKABLE bit when allocating a namespace queue and device-mapper no longer perceives NVMe driver as request-based; system hangs or crashes no longer occur. (BZ#1180555) * If a user attempted to apply an NVRAM firmware update when running the tg3 module provided with Red Hat Enterprise Linux 6.6 kernels, the update could fail. As a consequence, the Network Interface Card (NIC) could stay in an unusable state and this could prevent the entire system from booting. The tg3 module has been updated to correctly apply firmware updates. (BZ#1182903) * Support for key sizes of 256 and 192 bits has been added to AES-NI. (BZ#1184332) 4. Solution: All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 1156518 - CVE-2014-8369 kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path 1163792 - CVE-2014-7822 kernel: splice: lack of generic write checks 1181166 - CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access 1182059 - CVE-2014-8160 kernel: iptables restriction bypass if a protocol handler kernel module not loaded 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v.6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-504.12.2.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm ppc64: kernel-2.6.32-504.12.2.el6.ppc64.rpm kernel-bootwrapper-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-504.12.2.el6.ppc64.rpm kernel-devel-2.6.32-504.12.2.el6.ppc64.rpm kernel-headers-2.6.32-504.12.2.el6.ppc64.rpm perf-2.6.32-504.12.2.el6.ppc64.rpm perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm s390x: kernel-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debug-devel-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-504.12.2.el6.s390x.rpm kernel-devel-2.6.32-504.12.2.el6.s390x.rpm kernel-headers-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-504.12.2.el6.s390x.rpm perf-2.6.32-504.12.2.el6.s390x.rpm perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-504.12.2.el6.ppc64.rpm perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm python-perf-2.6.32-504.12.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-2.6.32-504.12.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-504.12.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-504.12.2.el6.s390x.rpm perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm python-perf-2.6.32-504.12.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v.6): Source: kernel-2.6.32-504.12.2.el6.src.rpm i386: kernel-2.6.32-504.12.2.el6.i686.rpm kernel-debug-2.6.32-504.12.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm kernel-devel-2.6.32-504.12.2.el6.i686.rpm kernel-headers-2.6.32-504.12.2.el6.i686.rpm perf-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm kernel-doc-2.6.32-504.12.2.el6.noarch.rpm kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm perf-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-2.6.32-504.12.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-504.12.2.el6.i686.rpm perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm python-perf-2.6.32-504.12.2.el6.i686.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.12.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm python-perf-2.6.32-504.12.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.12.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2014-7822 https://access.redhat.com/security/cve/CVE-2014-8159 https://access.redhat.com/security/cve/CVE-2014-8160 https://access.redhat.com/security/cve/CVE-2014-8369 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2015 Red Hat, Inc. . A kernel revision for Red Hat Enterprise Linux 6 enhances security measures and resolves issues classified as significant by Red Hat.. Kernel Update, Red Hat Advisory, Security Updates, Package Upgrade. . Severity: Important. LinuxSecurity.com Team
Mar 11, 2015
•Important
Red Hat
217
security advisorysecurity issuekernel updateOracle Linux 5 ELSA-2012-1445 Low Severity Kernel Update
The following updated rpms for Oracle Linux 5 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2012-1445 https://access.redhat.com/errata/RHSA-2012:1445.html The following updated rpms for Oracle Linux 5 have been uploaded to the Unbreakable Linux Network: i386: kernel-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-2.6.18-308.20.1.el5.i686.rpm kernel-PAE-devel-2.6.18-308.20.1.el5.i686.rpm kernel-debug-2.6.18-308.20.1.el5.i686.rpm kernel-debug-devel-2.6.18-308.20.1.el5.i686.rpm kernel-devel-2.6.18-308.20.1.el5.i686.rpm kernel-doc-2.6.18-308.20.1.el5.noarch.rpm kernel-headers-2.6.18-308.20.1.el5.i386.rpm kernel-xen-2.6.18-308.20.1.el5.i686.rpm kernel-xen-devel-2.6.18-308.20.1.el5.i686.rpm x86_64: kernel-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-2.6.18-308.20.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-devel-2.6.18-308.20.1.el5.x86_64.rpm kernel-doc-2.6.18-308.20.1.el5.noarch.rpm kernel-headers-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-2.6.18-308.20.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-308.20.1.el5.x86_64.rpm ia64: kernel-2.6.18-308.20.1.el5.ia64.rpm kernel-debug-2.6.18-308.20.1.el5.ia64.rpm kernel-debug-devel-2.6.18-308.20.1.el5.ia64.rpm kernel-devel-2.6.18-308.20.1.el5.ia64.rpm kernel-doc-2.6.18-308.20.1.el5.noarch.rpm kernel-headers-2.6.18-308.20.1.el5.ia64.rpm kernel-xen-2.6.18-308.20.1.el5.ia64.rpm kernel-xen-devel-2.6.18-308.20.1.el5.ia64.rpm SRPMS: https://oss.oracle.com:443/ol5/SRPMS-updates/kernel-2.6.18-308.20.1.el5.src.rpm The following packages were rebuilt to be in sync with the updated kernel version (no changes other than updating the versionnumber): i386: oracleasm-2.6.18-308.20.1.el5-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.20.1.el5PAE-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.20.1.el5xen-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.20.1.el5debug-2.0.5-1.el5.i686.rpm ocfs2-2.6.18-308.20.1.el5-1.4.10-1.el5.i686.rpm ocfs2-2.6.18-308.20.1.el5PAE-1.4.10-1.el5.i686.rpm ocfs2-2.6.18-308.20.1.el5xen-1.4.10-1.el5.i686.rpm ocfs2-2.6.18-308.20.1.el5debug-1.4.10-1.el5.i686.rpm x86_64: oracleasm-2.6.18-308.20.1.el5-2.0.5-1.el5.x86_64.rpm oracleasm-2.6.18-308.20.1.el5xen-2.0.5-1.el5.x86_64.rpm oracleasm-2.6.18-308.20.1.el5debug-2.0.5-1.el5.x86_64.rpm ocfs2-2.6.18-308.20.1.el5-1.4.10-1.el5.x86_64.rpm ocfs2-2.6.18-308.20.1.el5xen-1.4.10-1.el5.x86_64.rpm ocfs2-2.6.18-308.20.1.el5debug-1.4.10-1.el5.x86_64.rpm ia64: oracleasm-2.6.18-308.20.1.el5-2.0.5-1.el5.ia64.rpm oracleasm-2.6.18-308.20.1.el5xen-2.0.5-1.el5.ia64.rpm oracleasm-2.6.18-308.20.1.el5debug-2.0.5-1.el5.ia64.rpm ocfs2-2.6.18-308.20.1.el5-1.4.10-1.el5.ia64.rpm ocfs2-2.6.18-308.20.1.el5xen-1.4.10-1.el5.ia64.rpm ocfs2-2.6.18-308.20.1.el5debug-1.4.10-1.el5.ia64.rpm SRPMS: https://oss.oracle.com:443/el5/SRPMS-updates/oracleasm-2.6.18-308.20.1.el5-2.0.5-1.el5.src.rpm https://oss.oracle.com:443/el5/SRPMS-updates/ocfs2-2.6.18-308.20.1.el5-1.4.10-1.el5.src.rpm Description of changes: [2.6.18-308.20.1.el5] - Revert: [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} [2.6.18-308.19.1.el5] - [net] be2net: Remove code that stops further access to BE NIC based on UE bits (Alexander Gordeev) [867896 862811] - [net] netpoll: fix an incorrect check for NULL pointer (Alexander Gordeev) [856079 848098] - [net] mlx4: Add support for EEH error recovery (Alexander Gordeev) [847404 798048] - [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] ext4: fix undefined behavior in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100} - [fs] fix crash if block {device|size} read & changed at sametime (MikulasPatocka) [864823 756506] - [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568} - [net] ipv6: Fix fib6_dump_table walker leak (Jiri Benc) [861387 819830] - [fs] cifs: update cifs_dfs_d_automount caller path (Sachin Prabhu) [858774 857448] - [xen] x86: change the default behaviour of CVE-2012-2934 fix (Petr Matousek) [859946 858724] - [net] ipvs: allow transmit of GRO aggregated skbs (Jesper Brouer) [857966 854067] - [scsi] isci: fixup linkspeed definitions (David Milburn) [854986 833000] - [fs] nfs: nfs_d_automount update caller path after do_add_mount (Carlos Maiolino) [857552 834379] - [fs] vfs: Fix vfsmount overput on simultaneous automount (Carlos Maiolino) [857552 834379] [2.6.18-308.18.1.el5] - [fs] autofs4: Merge the remaining dentry ops tables (Ian Kent) [857558 850977] [2.6.18-308.17.1.el5] - [fs] cifs: Invalidate file cache in case of posix open (Sachin Prabhu) [857964 852526] . Oracle Linux Security Advisory ELSA-2012-1446 introduces critical patches for the kernel to mitigate minor vulnerability concerns.. Oracle Linux,Kernels,Security Update,Kernel Vulnerability,Patch Management. . Severity: Low. LinuxSecurity.com Team
Nov 15, 2012
•Low
Oracle
98
security advisorysecurity updateRed Hat Enterprise LinuxRed Hat 6.1 EUS RHSA-2012:0116-01 Moderate: Kernel Security Flaws
Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel security and bug fix update Advisory ID: RHSA-2012:0116-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2012:0116.html Issue date: 2012-02-14 CVE Names: CVE-2011-1020 CVE-2011-3347 CVE-2011-3637 CVE-2011-3638 CVE-2011-4110 ==================================================================== 1. Summary: Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server EUS (v. 6.1) - i386, noarch, ppc64, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. (CVE-2011-1020, Moderate) * Non-member VLAN (virtual LAN) packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service. (CVE-2011-3347, Moderate) * A missing validation flaw was found in the Linux kernel's m_stop() implementation. A local, unprivileged user could use this flaw to trigger a denial of service. (CVE-2011-3637,Moderate) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's key management facility handled user-defined key types. A local, unprivileged user could use the keyctl utility to cause a denial of service. (CVE-2011-4110, Moderate) Red Hat would like to thank Kees Cook for reporting CVE-2011-1020; Somnath Kotur for reporting CVE-2011-3347; and Zheng Liu for reporting CVE-2011-3638. This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 680358 - CVE-2011-1020 kernel: no access restrictions of /proc/pid/* after setuid program exec 736425 - CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS 747848 - CVE-2011-3637 kernel: proc: fix oops on invalid /proc/ /maps access 747942 - CVE-2011-3638 kernel: ext4: ext4_ext_insert_extent() kernel oops 751297 - CVE-2011-4110 kernel:keys: NULL pointer deref in the user-defined key type 6. Package List: Red Hat Enterprise Linux Server EUS (v.6.1): Source: kernel-2.6.32-131.25.1.el6.src.rpm i386: kernel-2.6.32-131.25.1.el6.i686.rpm kernel-debug-2.6.32-131.25.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-131.25.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.25.1.el6.i686.rpm kernel-debuginfo-2.6.32-131.25.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-131.25.1.el6.i686.rpm kernel-devel-2.6.32-131.25.1.el6.i686.rpm kernel-headers-2.6.32-131.25.1.el6.i686.rpm perf-2.6.32-131.25.1.el6.i686.rpm perf-debuginfo-2.6.32-131.25.1.el6.i686.rpm noarch: kernel-doc-2.6.32-131.25.1.el6.noarch.rpm kernel-firmware-2.6.32-131.25.1.el6.noarch.rpm ppc64: kernel-2.6.32-131.25.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-131.25.1.el6.ppc64.rpm kernel-debug-2.6.32-131.25.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-131.25.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-131.25.1.el6.ppc64.rpm kernel-devel-2.6.32-131.25.1.el6.ppc64.rpm kernel-headers-2.6.32-131.25.1.el6.ppc64.rpm perf-2.6.32-131.25.1.el6.ppc64.rpm perf-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm s390x: kernel-2.6.32-131.25.1.el6.s390x.rpm kernel-debug-2.6.32-131.25.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-131.25.1.el6.s390x.rpm kernel-debug-devel-2.6.32-131.25.1.el6.s390x.rpm kernel-debuginfo-2.6.32-131.25.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-131.25.1.el6.s390x.rpm kernel-devel-2.6.32-131.25.1.el6.s390x.rpm kernel-headers-2.6.32-131.25.1.el6.s390x.rpm kernel-kdump-2.6.32-131.25.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-131.25.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-131.25.1.el6.s390x.rpm perf-2.6.32-131.25.1.el6.s390x.rpm perf-debuginfo-2.6.32-131.25.1.el6.s390x.rpm x86_64: kernel-2.6.32-131.25.1.el6.x86_64.rpm kernel-debug-2.6.32-131.25.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.25.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.25.1.el6.x86_64.rpm kernel-devel-2.6.32-131.25.1.el6.x86_64.rpm kernel-headers-2.6.32-131.25.1.el6.x86_64.rpm perf-2.6.32-131.25.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-1020 https://access.redhat.com/security/cve/CVE-2011-3347 https://access.redhat.com/security/cve/CVE-2011-3637 https://access.redhat.com/security/cve/CVE-2011-3638 https://access.redhat.com/security/cve/CVE-2011-4110 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/search/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2012 Red Hat, Inc. . The latest kernel revision addresses multiple vulnerabilities and minor bugs in Red Hat Enterprise Linux 6.1 EUS, classified as moderate.. Linux Kernel Update, Red Hat Security Advisory, EUS Bug Fix, System Security Update. . LinuxSecurity.com Team
Feb 14, 2012
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!