72 matches found
SUSE-SU-2026:20889-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...
SUSE-SU-2026:20863-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...
SUSE-SU-2026:20854-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...
SUSE-SU-2026:20851-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...
SUSE-SU-2026:0951-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7 RT)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.13 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete CVE-2022-50822 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux...
SUSE-SU-2026:0352-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-54168: RDMA/mlx4: Prevent shift wrapping in setusersqsize bsc1256053. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1253291 bsc1253292...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37961)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37961 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in...
UBUNTU-CVE-2025-68813
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...
ROS-20260112-7370
A vulnerability in the ipvs component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ipvs: Defer ip_vs_ftp unregister during netns cleanup
...
AZL-68769 CVE-2025-40018 affecting package kernel for versions less than 6.6.112.1-2
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...
DEBIAN-CVE-2025-40018
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...
CVE-2025-40018
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...
CVE-2025-40018
The CVE-2025-40018 issue in the Linux kernel’s ipvs code (ip_vs_ftp) arose from unregistering ip_vs_ftp during netns cleanup before flushing connections, which could lead to use-after-free. The fix introduces a global exiting_module flag: ip_vs_ftp_exit() sets it true before unregistering the per...
EUVD-2016-10060
Malware in sbrugna...
OESA-2025-1726 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more...
SUSE CVE-2025-37961
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 "ipvs: do not use random local source address for tunnels" already implies that the input value of...