Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2021:0856-1
Issue Date: 2021-03-16
CVE Numbers: CVE-2020-28374 CVE-2020-29661 CVE-2019-19532 CVE-2020-7053 CVE-2020-14351 CVE-2020-25211 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2021-20265 CVE-2020-0427
--

Security Fix(es):

* kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
* kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
* kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to a use-after-free (CVE-2020-29661)
* kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532)
* kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
* kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053)
* kernel: performance counters race condition use-after-free (CVE-2020-14351)
* kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645)
* kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656)
* kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705)
* kernel: increase slab leak leads to DoS (CVE-2021-20265)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

Bug Fix(es):

* BUG: scheduling while atomic: memory allocation under spinlock in scsi_register_device_handler()
* WARNING in __iscsit_free_cmd during recovery Abort
* lpfc does not issue adisc to fcp-2 devices, does not respond to nvme target that send an adisc.
* Panic in semctl_nolock.constprop.15+0x25b
* [SL 7.7][md]Crash due to invalid pool workqueue pointer, work queue race
* Guest crash on intel CPU with -cpu host,-spec-ctrl,+ibpb
* SL7.9 - kernel/uv: handle length extension properly
* Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK
* writing to /sys/devices/(...)/net/eno49/queues/tx-16/xps_cpus triggers kernel panic
* [Hyper-V][SL-7.9]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit
* kvm-rhel7.9 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces.
* kernel: nvme nvme7: Connect command failed, error wo/DNR bit: 2
* dm-mirror crashes from assuming underlying storage will have a non-NULL merge_bvec_fn
* watchdog: use nmi registers snapshot in hardlockup handler
* [DELL EMC 7.9 BUG] - Intel E810 NIC interfaces are not functional in SL 7.9 on system with AMD Rome CPUs
* [DELL EMC BUG] SL system log shows AMD-Vi error when system connected with Gen 4 NVMe drives.
--

SL7
  x86_64
    bpftool-3.10.0-1160.21.1.el7.x86_64.rpm
    bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm
    perf-3.10.0-1160.21.1.el7.x86_64.rpm
    perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    python-perf-3.10.0-1160.21.1.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm
    kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm

- Scientific Linux Development Team

LinuxSecurity.com Team

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: GFS security and bug fix update
Advisory ID: RHSA-2010:0330-01
Product: Red Hat Global File System
Advisory URL: https://access.redhat.com/errata/RHSA-2010:0330.html
Issue date: 2010-03-30
CVE Names: CVE-2010-0727
====================================================================

1. Summary:

Updated GFS packages that fix one security issue are now available for Red Hat Enterprise Linux 3.9, kernel release 2.4.21-63.EL.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Global File System 3AS - i386, ia64, x86_64
Red Hat Global File System 3ES - i386, ia64, x86_64
Red Hat Global File System 3WS - i386, ia64, x86_64

3. Description:

The Red Hat Global File System (GFS) allows a cluster of Linux servers to share data in a common pool of storage.

A flaw was found in the gfs_lock() implementation. The GFS locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic. (CVE-2010-0727)

As well, these updated GFS packages are in sync with the latest kernel (2.4.21-63.EL). The modules in earlier GFS packages fail to load because they do not match the running kernel. It is possible to force-load the modules; however, with this update, force-loading the modules is not required. (BZ#525198)

Users are advised to upgrade to these latest GFS packages, which resolve this issue and are updated for use with the 2.4.21-63.EL kernel.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

525198 - Need rebuild for 2.4.21-63.EL kernel
570863 - CVE-2010-0727 bug in GFS/GFS2 locking code leads to dos

6. Package List:

Red Hat Global File System 3AS:

Source:

i386:
GFS-6.0.2.36-13.i386.rpm
GFS-6.0.2.36-13.i686.rpm
GFS-debuginfo-6.0.2.36-13.i386.rpm
GFS-debuginfo-6.0.2.36-13.i686.rpm
GFS-devel-6.0.2.36-13.i386.rpm
GFS-devel-6.0.2.36-13.i686.rpm
GFS-modules-6.0.2.36-13.i386.rpm
GFS-modules-6.0.2.36-13.i686.rpm
GFS-modules-hugemem-6.0.2.36-13.i686.rpm
GFS-modules-smp-6.0.2.36-13.i686.rpm

ia64:
GFS-6.0.2.36-13.ia64.rpm
GFS-debuginfo-6.0.2.36-13.ia64.rpm
GFS-devel-6.0.2.36-13.ia64.rpm
GFS-modules-6.0.2.36-13.ia64.rpm

x86_64:
GFS-6.0.2.36-13.ia32e.rpm
GFS-6.0.2.36-13.x86_64.rpm
GFS-debuginfo-6.0.2.36-13.ia32e.rpm
GFS-debuginfo-6.0.2.36-13.x86_64.rpm
GFS-devel-6.0.2.36-13.ia32e.rpm
GFS-devel-6.0.2.36-13.x86_64.rpm
GFS-modules-6.0.2.36-13.ia32e.rpm
GFS-modules-6.0.2.36-13.x86_64.rpm
GFS-modules-smp-6.0.2.36-13.x86_64.rpm

Red Hat Global File System 3ES:

Source:

i386:
GFS-6.0.2.36-13.i386.rpm
GFS-6.0.2.36-13.i686.rpm
GFS-debuginfo-6.0.2.36-13.i386.rpm
GFS-debuginfo-6.0.2.36-13.i686.rpm
GFS-devel-6.0.2.36-13.i386.rpm
GFS-devel-6.0.2.36-13.i686.rpm
GFS-modules-6.0.2.36-13.i386.rpm
GFS-modules-6.0.2.36-13.i686.rpm
GFS-modules-hugemem-6.0.2.36-13.i686.rpm
GFS-modules-smp-6.0.2.36-13.i686.rpm

ia64:
GFS-6.0.2.36-13.ia64.rpm
GFS-debuginfo-6.0.2.36-13.ia64.rpm
GFS-devel-6.0.2.36-13.ia64.rpm
GFS-modules-6.0.2.36-13.ia64.rpm

x86_64:
GFS-6.0.2.36-13.ia32e.rpm
GFS-6.0.2.36-13.x86_64.rpm
GFS-debuginfo-6.0.2.36-13.ia32e.rpm
GFS-debuginfo-6.0.2.36-13.x86_64.rpm
GFS-devel-6.0.2.36-13.ia32e.rpm
GFS-devel-6.0.2.36-13.x86_64.rpm
GFS-modules-6.0.2.36-13.ia32e.rpm
GFS-modules-6.0.2.36-13.x86_64.rpm
GFS-modules-smp-6.0.2.36-13.x86_64.rpm

Red Hat Global File System 3WS:

Source:

i386:
GFS-6.0.2.36-13.i386.rpm
GFS-6.0.2.36-13.i686.rpm
GFS-debuginfo-6.0.2.36-13.i386.rpm
GFS-debuginfo-6.0.2.36-13.i686.rpm
GFS-devel-6.0.2.36-13.i386.rpm
GFS-devel-6.0.2.36-13.i686.rpm
GFS-modules-6.0.2.36-13.i386.rpm
GFS-modules-6.0.2.36-13.i686.rpm
GFS-modules-hugemem-6.0.2.36-13.i686.rpm
GFS-modules-smp-6.0.2.36-13.i686.rpm

ia64:
GFS-6.0.2.36-13.ia64.rpm
GFS-debuginfo-6.0.2.36-13.ia64.rpm
GFS-devel-6.0.2.36-13.ia64.rpm
GFS-modules-6.0.2.36-13.ia64.rpm

x86_64:
GFS-6.0.2.36-13.ia32e.rpm
GFS-6.0.2.36-13.x86_64.rpm
GFS-debuginfo-6.0.2.36-13.ia32e.rpm
GFS-debuginfo-6.0.2.36-13.x86_64.rpm
GFS-devel-6.0.2.36-13.ia32e.rpm
GFS-devel-6.0.2.36-13.x86_64.rpm
GFS-modules-6.0.2.36-13.ia32e.rpm
GFS-modules-6.0.2.36-13.x86_64.rpm
GFS-modules-smp-6.0.2.36-13.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2010-0727
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: kdebase security fix
Advisory ID: RHSA-2006:0576-01
Advisory URL: https://access.redhat.com/errata/RHSA-2006:0576.html
Issue date: 2006-07-25
Updated on: 2006-07-25
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-2933
---------------------------------------------------------------------

1. Summary:

Updated kdebase packages that resolve a security issue are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The kdebase packages provide the core applications for KDE, the K Desktop Environment.

A flaw was found in KDE where the kdesktop_lock process sometimes failed to terminate properly. This issue could either block the user's ability to manually lock the desktop or prevent the screensaver from activating, both of which could have a security impact for users who rely on these functionalities. (CVE-2006-2933)

Please note that this issue only affected Red Hat Enterprise Linux 3.

All users of kdebase should upgrade to these updated packages, which contain a patch to resolve this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

177755 - CVE-2006-2933 occasionally KDE screensaver fails to start

6. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2006-2933
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.