# Security update for ruby2.5

Announcement ID: SUSE-SU-2025:02814-2
Release Date: 2025-09-04T09:16:59Z
Rating: moderate

References:

* bsc#1225905

Cross-References:

* CVE-2024-35221

CVSS scores:

* CVE-2024-35221 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves one vulnerability can now be installed.

## Description:

This update for ruby2.5 fixes the following issues:

* CVE-2024-35221: Fixed remote denial of service via YAML manifest (bsc#1225905)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Retail Branch Server 4.3 LTS
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-LTS-2025-2814=1
* SUSE Manager Server 4.3 LTS
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2814=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-2814=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2814=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2814=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2814=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2814=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2814=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2814=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2814=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2814=1
* SUSE Manager Proxy 4.3 LTS
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2814=1

## Package List:

* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
  * ruby2.5-devel-extra-2.5.9-150000.4.49.1
  * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-2.5.9-150000.4.49.1
  * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1
  * ruby2.5-devel-2.5.9-150000.4.49.1
  * ruby2.5-2.5.9-150000.4.49.1
  * libruby2_5-2_5-2.5.9-150000.4.49.1
  * ruby2.5-debugsource-2.5.9-150000.4.49.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35221.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225905

LinuxSecurity.com Team
SUSE Security Update: Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3061-1
Rating:             important
References:         #1196867 #1201941
Cross-References:   CVE-2020-36516 CVE-2022-36946
CVSS scores:
                    CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
                    CVE-2020-36516 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
                    CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise High Performance Computing 15
                    SUSE Linux Enterprise High Performance Computing 15-SP1
                    SUSE Linux Enterprise High Performance Computing 15-SP2
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise Live Patching 12-SP4
                    SUSE Linux Enterprise Live Patching 12-SP5
                    SUSE Linux Enterprise Micro 5.1
                    SUSE Linux Enterprise Module for Live Patching 15
                    SUSE Linux Enterprise Module for Live Patching 15-SP1
                    SUSE Linux Enterprise Module for Live Patching 15-SP2
                    SUSE Linux Enterprise Module for Live Patching 15-SP3
                    SUSE Linux Enterprise Server 15
                    SUSE Linux Enterprise Server 15-SP1
                    SUSE Linux Enterprise Server 15-SP2
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications 15
                    SUSE Linux Enterprise Server for SAP Applications 15-SP1
                    SUSE Linux Enterprise Server for SAP Applications 15-SP2
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for the Linux Kernel 4.12.14-150100_197_111 fixes several issues.

The following security issues were fixed:

- CVE-2020-36516: Fixed an off-path attack via mixed IPID assignment method with the hash-based IPID assignment policy to inject data into a victim's TCP session or terminate that session (bsc#1196867).
- CVE-2022-36946: Fixed a remote denial of service attack inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative length (bsc#1201941).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Live Patching 15-SP3:

   zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-3066=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3067=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3068=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3069=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3070=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3071=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3073=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3074=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3076=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3078=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3079=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3083=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3110=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3111=1 SUSE-SLE-Module-Live-Patching-15-SP3-2022-3120=1

- SUSE Linux Enterprise Module for Live Patching 15-SP2:

   zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2022-3065=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3077=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3081=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3082=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3084=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3085=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3090=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3104=1 SUSE-SLE-Module-Live-Patching-15-SP2-2022-3109=1

- SUSE Linux Enterprise Module for Live Patching 15-SP1:

   zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-3058=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-3059=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-3060=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-3061=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-3062=1 SUSE-SLE-Module-Live-Patching-15-SP1-2022-3063=1

- SUSE Linux Enterprise Module for Live Patching 15:

   zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2022-3052=1 SUSE-SLE-Module-Live-Patching-15-2022-3053=1 SUSE-SLE-Module-Live-Patching-15-2022-3054=1 SUSE-SLE-Module-Live-Patching-15-2022-3055=1 SUSE-SLE-Module-Live-Patching-15-2022-3056=1 SUSE-SLE-Module-Live-Patching-15-2022-3121=1

- SUSE Linux Enterprise Live Patching 12-SP5:

   zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-3040=1 SUSE-SLE-Live-Patching-12-SP5-2022-3041=1 SUSE-SLE-Live-Patching-12-SP5-2022-3042=1 SUSE-SLE-Live-Patching-12-SP5-2022-3043=1 SUSE-SLE-Live-Patching-12-SP5-2022-3044=1 SUSE-SLE-Live-Patching-12-SP5-2022-3045=1 SUSE-SLE-Live-Patching-12-SP5-2022-3046=1 SUSE-SLE-Live-Patching-12-SP5-2022-3047=1 SUSE-SLE-Live-Patching-12-SP5-2022-3048=1 SUSE-SLE-Live-Patching-12-SP5-2022-3049=1 SUSE-SLE-Live-Patching-12-SP5-2022-3050=1

- SUSE Linux Enterprise Live Patching 12-SP4:

   zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2022-3033=1 SUSE-SLE-Live-Patching-12-SP4-2022-3034=1 SUSE-SLE-Live-Patching-12-SP4-2022-3035=1 SUSE-SLE-Live-Patching-12-SP4-2022-3036=1 SUSE-SLE-Live-Patching-12-SP4-2022-3037=1 SUSE-SLE-Live-Patching-12-SP4-2022-3038=1 SUSE-SLE-Live-Patching-12-SP4-2022-3039=1

Package List:

- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):

   kernel-livepatch-5_3_18-150300_59_43-default-13-150300.2.2
   kernel-livepatch-5_3_18-150300_59_43-default-debuginfo-13-150300.2.2
   kernel-livepatch-5_3_18-150300_59_46-default-13-150300.2.2
   kernel-livepatch-5_3_18-150300_59_46-default-debuginfo-13-150300.2.2
   kernel-livepatch-5_3_18-150300_59_49-default-12-150300.2.2
   kernel-livepatch-5_3_18-150300_59_54-default-11-150300.2.2
   kernel-livepatch-5_3_18-150300_59_60-default-10-150300.2.2
   kernel-livepatch-5_3_18-150300_59_63-default-7-150300.2.2
   kernel-livepatch-5_3_18-150300_59_68-default-6-150300.2.2
   kernel-livepatch-5_3_18-150300_59_71-default-5-150300.2.1
   kernel-livepatch-5_3_18-150300_59_76-default-4-150300.2.1
   kernel-livepatch-5_3_18-150300_59_87-default-3-150300.2.1
   kernel-livepatch-5_3_18-59_24-default-16-150300.2.2
   kernel-livepatch-5_3_18-59_24-default-debuginfo-16-150300.2.2
   kernel-livepatch-5_3_18-59_27-default-16-150300.2.2
   kernel-livepatch-5_3_18-59_27-default-debuginfo-16-150300.2.2
   kernel-livepatch-5_3_18-59_34-default-15-150300.2.2
   kernel-livepatch-5_3_18-59_34-default-debuginfo-15-150300.2.2
   kernel-livepatch-5_3_18-59_37-default-14-150300.2.2
   kernel-livepatch-5_3_18-59_37-default-debuginfo-14-150300.2.2
   kernel-livepatch-5_3_18-59_40-default-14-150300.2.2
   kernel-livepatch-SLE15-SP3_Update_10-debugsource-14-150300.2.2
   kernel-livepatch-SLE15-SP3_Update_6-debugsource-16-150300.2.2
   kernel-livepatch-SLE15-SP3_Update_7-debugsource-16-150300.2.2
   kernel-livepatch-SLE15-SP3_Update_9-debugsource-15-150300.2.2

- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le x86_64):

   kernel-livepatch-5_3_18-59_40-default-debuginfo-14-150300.2.2

- SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64):

   kernel-livepatch-5_3_18-150200_24_112-default-7-150200.2.2
   kernel-livepatch-5_3_18-150200_24_112-default-debuginfo-7-150200.2.2
   kernel-livepatch-5_3_18-150200_24_115-default-5-150200.2.1
   kernel-livepatch-5_3_18-150200_24_115-default-debuginfo-5-150200.2.1
   kernel-livepatch-5_3_18-24_102-default-12-150200.2.2
   kernel-livepatch-5_3_18-24_102-default-debuginfo-12-150200.2.2
   kernel-livepatch-5_3_18-24_107-default-11-150200.2.2
   kernel-livepatch-5_3_18-24_107-default-debuginfo-11-150200.2.2
   kernel-livepatch-5_3_18-24_83-default-16-150200.2.2
   kernel-livepatch-5_3_18-24_83-default-debuginfo-16-150200.2.2
   kernel-livepatch-5_3_18-24_86-default-16-150200.2.2
   kernel-livepatch-5_3_18-24_86-default-debuginfo-16-150200.2.2
   kernel-livepatch-5_3_18-24_93-default-15-150200.2.2
   kernel-livepatch-5_3_18-24_93-default-debuginfo-15-150200.2.2
   kernel-livepatch-5_3_18-24_96-default-14-150200.2.2
   kernel-livepatch-5_3_18-24_96-default-debuginfo-14-150200.2.2
   kernel-livepatch-5_3_18-24_99-default-13-150200.2.2
   kernel-livepatch-5_3_18-24_99-default-debuginfo-13-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_19-debugsource-16-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_20-debugsource-16-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_21-debugsource-15-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_22-debugsource-14-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_23-debugsource-13-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_24-debugsource-12-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_26-debugsource-7-150200.2.2
   kernel-livepatch-SLE15-SP2_Update_27-debugsource-5-150200.2.1

- SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le x86_64):

   kernel-livepatch-SLE15-SP2_Update_25-debugsource-11-150200.2.2

- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):

   kernel-livepatch-4_12_14-150100_197_111-default-7-150100.2.2
   kernel-livepatch-4_12_14-150100_197_114-default-4-150100.2.1
   kernel-livepatch-4_12_14-150100_197_117-default-2-150100.2.1
   kernel-livepatch-4_12_14-197_102-default-13-150100.2.2
   kernel-livepatch-4_12_14-197_105-default-9-150100.2.2
   kernel-livepatch-4_12_14-197_108-default-8-150100.2.2

- SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):

   kernel-livepatch-4_12_14-150000_150_89-default-7-150000.2.2
   kernel-livepatch-4_12_14-150000_150_89-default-debuginfo-7-150000.2.2
   kernel-livepatch-4_12_14-150000_150_92-default-4-150000.2.1
   kernel-livepatch-4_12_14-150000_150_92-default-debuginfo-4-150000.2.1
   kernel-livepatch-4_12_14-150000_150_95-default-2-150000.2.1
   kernel-livepatch-4_12_14-150000_150_95-default-debuginfo-2-150000.2.1
   kernel-livepatch-4_12_14-150_78-default-13-150000.2.2
   kernel-livepatch-4_12_14-150_78-default-debuginfo-13-150000.2.2
   kernel-livepatch-4_12_14-150_83-default-9-150000.2.2
   kernel-livepatch-4_12_14-150_83-default-debuginfo-9-150000.2.2
   kernel-livepatch-4_12_14-150_86-default-8-150000.2.2
   kernel-livepatch-4_12_14-150_86-default-debuginfo-8-150000.2.2

- SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):

   kgraft-patch-4_12_14-122_103-default-14-2.3
   kgraft-patch-4_12_14-122_106-default-12-2.3
   kgraft-patch-4_12_14-122_110-default-10-2.3
   kgraft-patch-4_12_14-122_113-default-9-2.3
   kgraft-patch-4_12_14-122_116-default-7-2.3
   kgraft-patch-4_12_14-122_121-default-5-2.3
   kgraft-patch-4_12_14-122_124-default-4-2.2
   kgraft-patch-4_12_14-122_127-default-2-2.2
   kgraft-patch-4_12_14-122_88-default-16-2.3
   kgraft-patch-4_12_14-122_91-default-16-2.3
   kgraft-patch-4_12_14-122_98-default-14-2.3

- SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le s390x x86_64):

   kgraft-patch-4_12_14-95_102-default-2-2.2
   kgraft-patch-4_12_14-95_105-default-2-2.2
   kgraft-patch-4_12_14-95_83-default-13-2.3
   kgraft-patch-4_12_14-95_88-default-9-2.3
   kgraft-patch-4_12_14-95_93-default-8-2.3
   kgraft-patch-4_12_14-95_96-default-7-2.3
   kgraft-patch-4_12_14-95_99-default-4-2.2

References:

   https://www.suse.com/security/cve/CVE-2020-36516.html
   https://www.suse.com/security/cve/CVE-2022-36946.html
   https://bugzilla.suse.com/1196867
   https://bugzilla.suse.com/1201941
SUSE Security Update: Security update for nmap
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:1290-1
Rating:             moderate
References:         #1104139 #1133512
Cross-References:   CVE-2018-15173
Affected Products:
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
                    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

This update for nmap fixes the following issues:

Security issue fixed:

- CVE-2018-15173: Fixed a remote denial of service attack via a crafted TCP-based service (bsc#1104139).

Non-security issue fixed:

- Add missing runtime dependency python-xml which prevented zenmap from starting (bsc#1133512).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Packagehub Subpackages 15:

   zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1290=1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

   zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1290=1

- SUSE Linux Enterprise Module for Basesystem 15:

   zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1290=1

Package List:

- SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64):

   nmap-debuginfo-7.70-3.5.1
   nmap-debugsource-7.70-3.5.1
   nping-7.70-3.5.1
   nping-debuginfo-7.70-3.5.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):

   ncat-7.70-3.5.1
   ncat-debuginfo-7.70-3.5.1
   ndiff-7.70-3.5.1
   nmap-debuginfo-7.70-3.5.1
   nmap-debugsource-7.70-3.5.1
   nping-7.70-3.5.1
   nping-debuginfo-7.70-3.5.1
   zenmap-7.70-3.5.1

- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

   nmap-7.70-3.5.1
   nmap-debuginfo-7.70-3.5.1
   nmap-debugsource-7.70-3.5.1

References:

   https://www.suse.com/security/cve/CVE-2018-15173.html
   https://bugzilla.suse.com/1104139
   https://bugzilla.suse.com/1133512
CVE-2018-5391 (FragmentSmack): Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote

Debian Security Advisory DSA-4272-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SUSE Security Announcement

Package:                kernel
Announcement ID:        SUSE-SA:2010:027
Date:                   Fri, 02 Jul 2010 08:00:00 +0000
Affected Products:      SUSE Linux Enterprise Desktop 11 SP1
                        SUSE Linux Enterprise Server 11 SP1
                        SUSE Linux Enterprise High Availability Extension 11 SP1
Vulnerability Type:     remote denial of service
CVSS v2 Base Score:     7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)
SUSE Default Package:   yes
Cross-References:       CVE-2010-1173

Content of This Advisory:
    1) Security Vulnerability Resolved:
         Kernel security and bugfix update
       Problem Description
    2) Solution or Work-Around
    3) Special Instructions and Notes
    4) Package Location and Checksums
    5) Pending Vulnerabilities, Solutions, and Work-Arounds:
         See SUSE Security Summary Report.
    6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

This SUSE Linux Enterprise 11 Service Pack 1 kernel update brings the kernel to 2.6.32.13. It also contains a security fix and lots of other bugfixes.

Following security issues were fixed:

CVE-2010-1173: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.

The update from 2.6.32.12 to 2.6.32.13 might also have contained smaller security fixes.

The RPM version of this update is 2.6.32.13-0.4.1.

2) Solution or Work-Around

There is no known workaround, please install the update packages.

3) Special Instructions and Notes

Please reboot the machine after installing the update.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

    rpm -Fhv

to apply the update, replacing with the filename of the downloaded RPM package.

Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:

    SUSE Linux Enterprise Server 11 SP1
    SUSE Linux Enterprise Desktop 11 SP1
    SUSE Linux Enterprise High Availability Extension 11 SP1

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

See SUSE Security Summary Report.

______________________________________________________________________________

6) Authenticity Verification and Additional Information

- Announcement authenticity verification:

  SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

  To verify the signature of the announcement, save it as text into a file and run the command

    gpg --verify

  replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

    gpg: Signature made using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team "

  where is replaced by the date the document was signed.

  If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

    gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:

  SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

  The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

    rpm -v --checksig

  to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gdm security update (SSA:2003-300-01)

GDM is the GNOME Display Manager, and is commonly used to provide a graphical login for local users.

Upgraded gdm packages are available for Slackware 9.0, 9.1, and -current. These fix two vulnerabilities which could allow a local user to crash or freeze gdm, preventing access to the machine until a reboot. Sites using gdm should upgrade, especially sites such as computer labs that use gdm to provide public or semi-public access.

More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

  https://www.cve.org/CVERecord?id=CAN-2003-0793
  https://www.cve.org/CVERecord?id=CAN-2003-0794

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Oct 22 12:10:11 PDT 2003
patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5.
  This fixes a bug which can allow a local user to crash gdm, preventing access until the machine is rebooted.
  (* Security fix *)
+--------------------------+

WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gdm-2.4.1.7-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gdm-2.4.4.5-i486-1.tgz

Updated package for Slackware -current:

MD5 SIGNATURES:
+-------------+

Slackware 9.0 package:
ba1123ac6d5f56401cd80efcabcd9502 gdm-2.4.1.7-i386-1.tgz

Slackware 9.1 package:
bb34febec76f6c61f9d3740a95082db8 gdm-2.4.4.5-i486-1.tgz

Slackware -current package:
bb34febec76f6c61f9d3740a95082db8 gdm-2.4.4.5-i486-1.tgz

INSTALLATION INSTRUCTIONS:
+------------------------+

First, stop gdm. If you're using runlevel 4 to start gdm, issue the command to change to a console-based runlevel:
# telinit 3

Next, upgrade gdm as root:
# upgradepkg gdm-2.4.4.5-i486-1.tgz

Finally, restart gdm:
# telinit 4

+-----+
Updated kernel packages that fix a remote denial of service vulnerability in the TCP/IP stack, and a local privilege vulnerability, are now available.. ` --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated 2.4 kernel fixes security vulnerabilities and various bugs Advisory ID: RHSA-2003:172-00 Issue date: 2003-05-14 Updated on: 2003-05-14 Product: Red Hat Linux Keywords: dos Cross references: RHSA-2003-098 RHBA-2003-135 Obsoletes: RHSA-2003-098 RHBA-2003-135 CVE Names: CAN-2003-0244 CAN-2003-0246 --------------------------------------------------------------------- 1. Topic: Updated kernel packages that fix a remote denial of service vulnerability in the TCP/IP stack, and a local privilege vulnerability, are now available. 2. Relevant releases/architectures: Red Hat Linux 7.1 - athlon, i386, i586, i686 Red Hat Linux 7.2 - athlon, i386, i586, i686 Red Hat Linux 7.3 - athlon, i386, i586, i686 Red Hat Linux 8.0 - athlon, i386, i586, i686 Red Hat Linux 9 - athlon, i386, i586, i686 3. Problem description: The Linux kernel handles the basic functions of the operating system. A flaw has been found in several hash table implementations in the kernel networking code. A remote attacker could send packets with carefully chosen, forged source addresses in such a way as to make every routing cache entry get hashed into the same hash chain. The result would be that the kernel would use a disproportionate amount of processor time to deal with new packets, resulting in a remote denial of service attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0244 to this issue. A flaw has been found in the "ioperm" system call, which fails to properly restrict privileges. This flaw can allow an unprivileged local user to gain read and write access to I/O ports on the system. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0246 to this issue.

All users should upgrade to these updated packages, which are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To use Red Hat Network to upgrade the kernel, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly if you are using the default configuration of up2date.

To install kernel packages manually, use "rpm -ivh " and modify system settings to boot the kernel you have installed. To do this, edit /boot/grub/grub.conf and change the default entry to "default=0" (or, if you have chosen to use LILO as your boot loader, edit /etc/lilo.conf and run lilo).

Do not use "rpm -Uvh" as that will remove your running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bug IDs fixed ( for more info):

89743 - usb-uhci Kernel freeze with one-shot interrupt transfers
81282 - No pcmcia devices found (HP OmniBook XT6050) after upgrade.
89686 - V.110 doesn't work with HFC_PCI cards.
89049 - ALi M5451 doesn't work
89732 - Installer hangs when loading aic7xxx module
89554 - Kernel needs dell inspiron 8500 support
88847 - Sound card AZT1008 not initialized by ad1848.o
86180 - orinoco_cs periodically drops connection with linksys wpc11v3
88550 - Acer 351tev fails loading trident.o module
88047 - /proc/ /cmdline is empty
90276 - Some drivers are missing a copy_from_user() function call

6.
RPMs required:

Red Hat Linux 7.1: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 7.2: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 7.3: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 8.0: SRPMS: athlon: i386: i586: i686:
Red Hat Linux 9: SRPMS: athlon: i386: i586: i686:

7. Verification:

These packages are GPG signed by Red Hat for security. Our key is available at All Red Hat products

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://marc.theaimsgroup.com/?l=bk-commits-24&m=105217616607144&w=2
703 – Security vulnerability in "ioperm" system call
CVE -CVE-2003-0244
CVE -CVE-2003-0246

9. Contact:

The Red Hat security contact is . More contact details at All Red Hat products

Copyright 2003 Red Hat, Inc. `.
Attention Red Hat users: the latest kernel updates have been issued to fix security flaws concerning remote DoS attacks and local privilege elevation. Kernel Update, Red Hat Security, Remote Denial Service, Local Privilege. Severity: Critical. LinuxSecurity.com Team
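The hash-chain degeneration from the problem description (CAN-2003-0244), shown as an added C illustration that is not kernel or Red Hat code. The table size, both hash functions, the constructed 10.x.y.z addresses and the fixed secret are assumptions chosen for the demonstration; it compares the longest chain under a predictable hash with the longest chain under a hash keyed by a value the sender does not know.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUCKETS 256u   /* toy table size (assumption), power of two */
#define N_KEYS  1024u  /* number of constructed source addresses */

/* Predictable toy hash: XOR-fold of the four address bytes, no secret. */
static uint32_t hash_unkeyed(uint32_t addr, uint32_t secret) {
    (void)secret;
    return (addr ^ (addr >> 8) ^ (addr >> 16) ^ (addr >> 24)) & (BUCKETS - 1);
}

/* Keyed toy hash: mix in a secret, then apply a 32-bit avalanche finalizer. */
static uint32_t hash_keyed(uint32_t addr, uint32_t secret) {
    uint32_t h = addr ^ secret;
    h ^= h >> 16; h *= 0x85ebca6bu;
    h ^= h >> 13; h *= 0xc2b2ae35u;
    h ^= h >> 16;
    return h & (BUCKETS - 1);
}

/* Constructed sample input: 10.x.y.z with z set so the byte XOR-fold is 0. */
static uint32_t sample_addr(uint32_t i) {
    uint32_t b3 = 10, b2 = (i >> 8) & 0xff, b1 = i & 0xff;
    uint32_t b0 = b3 ^ b2 ^ b1;
    return (b3 << 24) | (b2 << 16) | (b1 << 8) | b0;
}

/* Longest chain = worst-case entries walked per lookup for this hash. */
static unsigned longest_chain(uint32_t (*hash)(uint32_t, uint32_t),
                              uint32_t secret) {
    unsigned len[BUCKETS], max = 0;
    memset(len, 0, sizeof len);
    for (uint32_t i = 0; i < N_KEYS; i++) {
        unsigned n = ++len[hash(sample_addr(i), secret)];
        if (n > max) max = n;
    }
    return max;
}

int main(void) {
    /* Fixed for repeatability; assumed to be random per boot in practice. */
    uint32_t secret = 0x5bd1e995u;
    printf("unkeyed longest chain: %u of %u\n",
           longest_chain(hash_unkeyed, 0), N_KEYS);
    printf("keyed   longest chain: %u of %u\n",
           longest_chain(hash_keyed, secret), N_KEYS);
    return 0;
}
```

With the unkeyed hash every entry lands in one chain, so each lookup walks the whole set; with the keyed hash the same inputs spread across the table.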