Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
aad823e9a2aa345a90ba89b0bbadac4b45a7aad04940b487e28febdc9f15b3ff
Red Hat Security Advisory 2023-0441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
1ef43e0486be0b0305bdb8cfdf52cf102a0385d5854e738957bb3bd2fcc93734
Red Hat Security Advisory 2023-0440-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
6d75623fe8f38f20905f3965079441cf9e0ae8889a9f0bcebf5cba22336718cc
Red Hat Security Advisory 2023-0399-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
63284cf94e890ed594cb0c8f100abafc4d137cb3943d7cb99a68b986a4e72f64
Red Hat Security Advisory 2023-0404-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
8c89f5af23a52db2aa4917eb8d0374bdf826764172f0edbab57db3effd87596b
Red Hat Security Advisory 2023-0400-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
268642b2621ea55896ecf2b849998230c27b737e5f55044b2de389e89231051e
Red Hat Security Advisory 2023-0432-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.
3e3a0b366e2b42cf9eb338b1c1861a10ed5f9565f19a5df98afc59f5dc528ffc
Red Hat Security Advisory 2023-0396-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
0bfb098f3f7e0bb25a209a1c544f316b74d9e3292093f35d99b3e2e3eb6eb962
Red Hat Security Advisory 2023-0395-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
81e2f82868d70a3c953a085f97b8fc784dccff11dc978225a0f18cd3027e8aad
Red Hat Security Advisory 2023-0392-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
dc4638f3b1a3a61d8746a1bef86ca86ce3c2a307cadfb6c2950ccfdb9824f50d
Debian Linux Security Advisory 5324-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
4738a5dd5b6f53a56ab15c9bc642f4b021b4a873119259aea80dd67e167ed354
Red Hat Security Advisory 2023-0334-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
270a2d5624a45b16560c8e641883158312e61364d19ffad747cdf8e699ae8f52
Red Hat Security Advisory 2023-0300-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
8d37c7d8ee1ca4cb5709e9609fb377f17f1c4bb3ae3c63a34fc4b21cff595e3b
Red Hat Security Advisory 2023-0348-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
e864895bb1b66157dffd89917ce2ff48ada4cdb215dc53916ad302cda3d20852
Red Hat Security Advisory 2023-0303-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined policy, USBGuard uses the Linux kernel USB device authorization feature.
4383c91e9044199890b040e8d2e8f9484bf7b69604be08aa6c6768dcfc1dd2b8
Ubuntu Security Notice 5815-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
7f3d477e507b66b0daafcca7953d74f1ea4a8753942924b204034c093c0c71b0
Ubuntu Security Notice 5814-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
dbfe665f3a1513799bf58ebfb34bae00253cc650f33bcb40256da98c77f5d57d
Ubuntu Security Notice 5813-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
c8585d9310f20472858a349154e922f465a23afb78b9d227cd2a5767b334c7ee
Ubuntu Security Notice 5809-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
9c7806fd2b27e8bf93c0572476e6a6a7bfd1fc39e41c523db32a80f8b535e96e
Ubuntu Security Notice 5808-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
cc4443f00c1b80d3578f83459d2dcc84a73bd15607e61dc8a6a55c30a1f95a47
Red Hat Security Advisory 2023-0187-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
d59c0ef9a4a4e6813a61c959c667458d55d1fb7fa508f953ee47de3b38c83110
Ubuntu Security Notice 5804-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
432e44d00c7370626def9020ff038a803fee945c7cfa7c1e5694ed4a2e964793
Ubuntu Security Notice 5804-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
eaaf2b382821a29f0cd1289ad47e022031258f5e6b7b5ad1a6f618862dfb5a67
On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.
9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Ubuntu Security Notice 5803-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
4a901d23fe04ca230ee9b786ae58b58154f66077be0ff2e81efffbae06b991af