Red Hat Security Advisory 2022-4644-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a privilege escalation vulnerability.
9238f3f09ee24112c543f2a4c26934610307752a7f760bd4cacb97f776229c6dRed Hat Security Advisory 2022-4655-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a privilege escalation vulnerability.
b32cf1f12c90d2ce3d018e88504d2caf637f62d925d714e143765869229bb073Red Hat Security Advisory 2022-4642-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and privilege escalation vulnerabilities.
3c0b32f3c90145a54c8cbc784710b71ce7588da50abb4986999bafbde5c9bdc5Ubuntu Security Notice 5417-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information.
337688d78bd8984c56f452e4bee794482d878f55146f535c4c249b641b2b5f51Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.
7fdbee8afc9e35d51c815cc5cf37dff16b83556969d0fb1ee6bfdc2a05f5d92cUbuntu Security Notice 5415-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.
691a35428f308c736b0b1c54fe6cb68b24805afc0173f36b49281af792f6943aUbuntu Security Notice 5413-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
91244b1f084946d306199917a00cb07c4faa804148fb749c2918a68baf634f4cRed Hat Security Advisory 2022-2186-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
a847e5c70c5289c712f0df28eb12a731d4e74f077f18cf417aae88f5d9d94fefRed Hat Security Advisory 2022-2211-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
71372bb43a888c8330bd51534a8b3948c81aa048f2576873cb1617edaf6cc742Red Hat Security Advisory 2022-2189-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
fd1c2dd2553ad38432826289b02c39ffabff76be6059f360d709310e87bcf72fRed Hat Security Advisory 2022-2188-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
9bbf685731b3508d2628ffb1e44ff1e0c9d38ec323cc91a7a1326e8acb56d274Red Hat Security Advisory 2022-1988-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, memory leak, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
37a2bc5df5427ed04000a8d10823bd2aed8f25a960acdbe741e5cfa028d617dfRed Hat Security Advisory 2022-1759-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.
cf2c26724e7650e1aeb0964cd78478438588a1ed37ddff36eb738dc4866cc442Red Hat Security Advisory 2022-2110-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices.
78a5d3eabf050e4cfed97bbd2723a1ba8f9280371bd305e134463c7ed7c9afb2Red Hat Security Advisory 2022-1930-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include a bypass vulnerability.
76947cf8d24f0cc01edc970c03b76ca139059d4c8da0b51ff3856d60cefacc15Red Hat Security Advisory 2022-1975-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
76e7a83f67a9594d044f0555940c9cdc95fcacfd7cb6fe3ce07a4e4115106e22Red Hat Security Advisory 2022-1898-01 - Fapolicyd implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights.
a252bd45c61063768ab945b7836fb27e06018af31f730c386bdbc8dcc9a9b38fUbuntu Security Notice 5390-2 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information.
360e866dc51e067344a3c2f5e702ffdd692299bf8bc29ec6c987ef25420ab7d1Red Hat Security Advisory 2022-1619-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a denial of service vulnerability.
507d396b68d53e2d0e4f376f9b0e14170cb7ccfa44aa7a787645d2e575356f85Ubuntu Security Notice 5390-1 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information.
bd2b4d4639a914ae1841189b40c77de561ecd56241b089b07005172c05226dffRed Hat Security Advisory 2022-1550-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.
7f5aa485e823f76744d9d8d8570200a07bf6a3de3fa6401208421b9e31d6cd66Red Hat Security Advisory 2022-1555-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds write and use-after-free vulnerabilities.
2405f540dc3324b152e07b104bc6ceae75b5eec8cc4e8bf6ce105d0f3d3becefRed Hat Security Advisory 2022-1535-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
a815dc253992667616fe38b0712ff8ddb6e1b2c7d4b9c30e5be9a4891dea1316Red Hat Security Advisory 2022-1589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
ce6b750fab40b7a2799f13acf00fe0f6df54023a781e844323752cc299701d2fThis Metasploit module exploits a vulnerability in the Linux Kernel's watch_queue event notification system. It relies on a heap out-of-bounds write in kernel memory. The exploit may fail on the first attempt so multiple attempts may be needed. Note that the exploit can potentially cause a denial of service if multiple failed attempts occur, however this is unlikely.
b59181d9b536ad31ebdc6b3f83985c65e49fbe3242468f7709e7bb7a2d4b1e5f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed