MAL-2025-40921 Malicious code in zephyr_5m9t9_qyzkf_plume (npm)

The package zephyr5m9t9qyzkfplume was found to contain malicious code...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-836)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-836 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability h...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0268-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0268-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE-SU-2025:0269-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. ...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

SUSE-SU-2025:0268-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. -...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP6) (SUSE-SU-2025:0255-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0255-1 advisory. This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0263-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0263-1 advisory. This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP6) (SUSE-SU-2025:0265-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0265-1 advisory. This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2025:0262-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0262-1 advisory. This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge...

SUSE-SU-2025:0265-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781....

SUSE-SU-2025:0263-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. -...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

CVE-2024-40921

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

CVE-2024-40921

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

CVE-2024-40921

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

CVE-2024-40921 net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

CVE-2024-40921 net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...

CVE-2024-40921

CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...

CVE-2023-40921

creationtimestamp| type| source ---|---|--- 2024-01-10 15:11:47+00:00| seen| https://t.me/ctinow/165845...