Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
203
security advisorykernel updatecritical fixMageia 8 - 2023-0088 Critical: Kernel-Linus Fixes Spectre Attacks
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 . MGASA-2023-0088 - Updated kernel-linus packages fix security vulnerabilities Publication date: 11 Mar 2023 URL: https://advisories.mageia.org/MGASA-2023-0088.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-2196, CVE-2022-3707, CVE-2022-4129, CVE-2022-4382, CVE-2022-4842, CVE-2022-27672, CVE-2023-0179, CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1078, CVE-2023-23559, CVE-2023-26545 This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine (CVE-2022-2196). A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system (CVE-2022-3707). A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service (CVE-2022-4129). A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side (CVE-2022-4382). A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driverfunction attr_punch_hole() was found. A local user could use this flaw to crash the system (CVE-2022-4842). When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure (CVE-2022-27672). A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution (CVE-2023-0179). A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash (CVE-2023-0394). A memory corruption flaw was found in the Linux kernelâs human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2023-1073). A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service (CVE-2023-1074). rds: rds_rm_zerocopy_callback() use list_first_entry() (CVE-2023-1078). An integer overflow flaw was found in the Linux kernelâs wireless RNDIS USB device driver in how a user installs a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2023-23559). There is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device (CVE-2023-26545). For other upstream fixes in this update, see the referenced changelogs. References: - https://bugs.mageia.org/show_bug.cgi?id=31632 -https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.89 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.90 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.91 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.92 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.93 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.94 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.95 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.96 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.97 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.98 - https://www.cve.org/CVERecord?id=CVE-2022-2196 - https://www.cve.org/CVERecord?id=CVE-2022-3707 - https://www.cve.org/CVERecord?id=CVE-2022-4129 - https://www.cve.org/CVERecord?id=CVE-2022-4382 - https://www.cve.org/CVERecord?id=CVE-2022-4842 - https://www.cve.org/CVERecord?id=CVE-2022-27672 - https://www.cve.org/CVERecord?id=CVE-2023-0179 - https://www.cve.org/CVERecord?id=CVE-2023-0394 - https://www.cve.org/CVERecord?id=CVE-2023-1073 - https://www.cve.org/CVERecord?id=CVE-2023-1074 - https://www.cve.org/CVERecord?id=CVE-2023-1078 - https://www.cve.org/CVERecord?id=CVE-2023-23559 - https://www.cve.org/CVERecord?id=CVE-2023-26545 SRPMS: - 8/core/kernel-linus-5.15.98-1.mga8 . The latest kernel update for Mageia tackles several vulnerabilities, including risks associated with Spectre and various memory-related bugs. It is recommended to upgrade immediately.. Mageia Kernel Update, Security Fixes, Memory Flaw Mitigation, Linux Kernel Security. . Severity: Critical. LinuxSecurity.com Team
Mar 11, 2023
•Critical
Mageia
100
security advisoryimportantkernel fixSUSE: 2019:0450-1 Critical: Updates for Meltdown Vulnerabilities
An update that fixes two vulnerabilities is now available.. SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:0171-1 Rating: important References: #1068032 Cross-References: CVE-2017-5715 CVE-2017-5753 Affected Products: SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / "Spectre Attack": IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE-2017-5715 / "Spectre Attack": IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top. - CVE-2017-5754: The IBM Z architecture is not affected by the "Meltdown" attack. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-kernel-20180111-13427=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-20180111-13427=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-kernel-20180111-13427=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x): kernel-default-3.0.101-0.47.106.14.1 kernel-default-base-3.0.101-0.47.106.14.1 kernel-default-devel-3.0.101-0.47.106.14.1 kernel-default-man-3.0.101-0.47.106.14.1 kernel-source-3.0.101-0.47.106.14.1 kernel-syms-3.0.101-0.47.106.14.1 kernel-trace-3.0.101-0.47.106.14.1 kernel-trace-base-3.0.101-0.47.106.14.1 kernel-trace-devel-3.0.101-0.47.106.14.1 - SUSE Linux Enterprise Server 11-EXTRA (s390x): kernel-default-extra-3.0.101-0.47.106.14.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): kernel-default-debuginfo-3.0.101-0.47.106.14.1 kernel-default-debugsource-3.0.101-0.47.106.14.1 kernel-trace-debuginfo-3.0.101-0.47.106.14.1 kernel-trace-debugsource-3.0.101-0.47.106.14.1 References: https://www.suse.com/security/cve/CVE-2017-5715.html https://www.suse.com/security/cve/CVE-2017-5753.html https://bugzilla.suse.com/1068032 -- . The SUSE Security Patch delivers critical updates for the Linux Kernel, mitigating Spectre vulnerabilities specifically for the IBM Z architecture.. SUSE Linux Enterprise, Kernel Patch, Security Update, Spectre Attack, Bug Fix. . Severity: Critical. LinuxSecurity.com Team
Jan 22, 2018
•Critical
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!