Important: kernel security and bug fix update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:4517", "synopsis": "Important: kernel security and bug fix update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kernel.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)\n\n* kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)\n\n* kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)\n\n* kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)\n\n* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)\n\n* kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* simultaneous writes to a page on xfs can result in zero-byte data (BZ#2184101)\n\n* Rocky Linux 8.4 - kernel: fix __clear_user() inline assembly constraints (BZ#2192602)\n\n* LPAR is crashed by Phyp when doing DLPAR CPU operations (BZ#2193375)\n\n* ice: ptp4l cpu usage spikes (BZ#2203285)\n\n* Kernel - Significant performance drop for getrandom system call when FIPS is enabled (compared to Rocky Linux 8.x for all x < 6.z) (BZ#2208127)\n\n* macvlan: backports from upstream (BZ#2209686)\n\n* Intel 8.9 BUG VROC: Pull VMD secondary bus reset patch (BZ#2211198)\n\n* 
Incorrect target abort handling causes iscsi deadlock(BZ#2211494)\n\n* swap deadlock when attempt to charge a page to a cgroup stalls waiting on I/O plugged on another task in swap code (BZ#2211513)\n\n* BUG_ON \"kernel BUG at mm/rmap.c:1041!\" in __page_set_anon_rmap() when vma-> anon_vma==NULL (BZ#2211658)\n\n* Rocky Linux 8.9: IPMI updates and bug fixes (BZ#2211667)\n\n* Rocky Linux 8.6 opening console with mkvterm on novalink terminal fails due to drmgr reporting failure (L3:) (BZ#2212373)\n\n* Rocky Linux 8.8 - P10 DD2.0: Wrong numa_node is assigned to vpmem device (BZ#2212451)\n\n* Rocky Linux 8.8 beta: Occasional stall during initialization of ipmi_msghandler (BZ#2213189)\n\n* ESXi Rocky Linux 8: Haswell generation CPU are impacted with performance due to IBRS (BZ#2213366)\n\n* xen: fix section mismatch error with xen_callback_vector() and alloc_intr_gate() (BZ#2214281)\n\n* jitter: Fix RCT/APT health test during initialization (BZ#2215079)\n\n* aacraid misses interrupts when a CPU is disabled resulting in scsi timeouts and the adapter being unusable until reboot. 
(BZ#2216498)\n\n* Hyper-V Rocky Linux 8: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2216543)\n\n* rbd: avoid fast-diff corruption in snapshot-based mirroring [8.9] (BZ#2216769)\n\n* Regression of 3b8cc6298724 (\"blk-cgroup: Optimize blkcg_rstat_flush()\") (BZ#2220810)", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2147364", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2147364", "description": ""}, {"ticket": "2181847", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2181847", "description": ""}, {"ticket": "2187439", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2187439", "description": ""}, {"ticket": "2188396", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2188396", "description": ""}, {"ticket": "2188470", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2188470","description": ""}, {"ticket": "2192589", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2192589", "description": ""}], "cves": [{"name": "CVE-2022-42896", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2022-42896", "cvss3ScoringVector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore": "8.1", "cwe": "CWE-416"}, {"name": "CVE-2023-1281", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-1281", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2023-1829", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-1829", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.4", "cwe": "CWE-119"}, {"name": "CVE-2023-2124", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-2124", "cvss3ScoringVector": 
"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.0", "cwe": "CWE-125"}, {"name": "CVE-2023-2194", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-2194", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-787"}, {"name": "CVE-2023-2235", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-2235", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}], "references": [], "publishedAt": "2023-10-06T23:10:01.903350Z", "rpms": {"Rocky Linux 8": {"nvras": ["bpftool-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "bpftool-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-0:4.18.0-477.21.1.el8_8.src.rpm", "kernel-abi-stablelists-0:4.18.0-477.21.1.el8_8.noarch.rpm", "kernel-core-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-cross-headers-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debug-0:4.18.0-477.21.1.el8_8.aarch64.rpm","kernel-debug-core-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debug-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debug-devel-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debuginfo-common-aarch64-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debug-modules-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-debug-modules-extra-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-devel-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-doc-0:4.18.0-477.21.1.el8_8.noarch.rpm", "kernel-headers-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-modules-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-modules-extra-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-tools-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-tools-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-tools-libs-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "kernel-tools-libs-devel-0:4.18.0-477.21.1.el8_8.aarch64.rpm", 
"perf-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "perf-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "python3-perf-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "python3-perf-debuginfo-0:4.18.0-477.21.1.el8_8.aarch64.rpm", "bpftool-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "bpftool-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-core-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-cross-headers-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-core-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-devel-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debuginfo-common-x86_64-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-modules-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-debug-modules-extra-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-devel-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-headers-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-modules-0:4.18.0-477.21.1.el8_8.x86_64.rpm","kernel-modules-extra-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-tools-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-tools-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-tools-libs-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "kernel-tools-libs-devel-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "perf-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "perf-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "python3-perf-0:4.18.0-477.21.1.el8_8.x86_64.rpm", "python3-perf-debuginfo-0:4.18.0-477.21.1.el8_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. An essential kernel security and bug resolution update has been released for Rocky Linux 8, tackling several vulnerabilities and problems.. Rocky Linux Kernel Security, Kernel Update, Bug Fix, Security Improvement. . Severity: Important. LinuxSecurity.com Team
- New upstream release (108.0).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3ae298b728
2022-12-16 01:55:45.826560
--------------------------------------------------------------------------------

Name        : firefox
Product     : Fedora 37
Version     : 108.0
Release     : 2.fc37
URL         : https://www.firefox.com/en-US/?redirect_source=mozilla-org
Summary     : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

- New upstream release (108.0)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 14 2022 Martin Stransky - 108.0-2
- Update to 108.0 Build 2
- Added fix for rhbz#2149821
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3ae298b728' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
The 4.2.8 stable kernel update contains a number of important fixes across the tree.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-c1c2f5e168
2015-12-22 07:00:25.108269
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 22
Version     : 4.2.8
Release     : 200.fc22
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 4.2.8 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1282688 - CVE-2013-7446 kernel: Unix sockets use after free - peer_wait_queue prematurely freed
        https://bugzilla.redhat.com/show_bug.cgi?id=1282688
  [ 2 ] Bug #1291329 - kernel: Permission bypass on overlayfs during copy_up
        https://bugzilla.redhat.com/show_bug.cgi?id=1291329
  [ 3 ] Bug #1291197 - CVE-2015-7550 kernel: User triggerable crash from race between key read and key revoke
        https://bugzilla.redhat.com/show_bug.cgi?id=1291197
  [ 4 ] Bug #1290475 - CVE-2015-8543 kernel: IPv6 connect causes DoS via NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=1290475
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.5.31, which includes additional changes, such as performance improvements and corrections for data loss defects.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2667-1