SUSE-SU-2025:3765-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

SUSE-SU-2025:3764-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

SUSE-SU-2025:3762-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002347 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

SUSE-SU-2025:3748-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

SUSE-SU-2025:3742-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

SUSE CVE-2022-50577

In the Linux kernel, the following vulnerability has been resolved: ima: Fix memory leak in imainodehash Commit f3cc6b25dcc5 "ima: always measure and audit files in policy" lets measurement or audit happen even if the file digest cannot be calculated. As a result, iint-imahash could have been...

SUSE CVE-2022-50581

In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfsstrcmp+0x117/0x190 fs/hfs/string.c:84 Read of size 1 at addr...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2024-26982)

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2022-54801

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on inlinedots inode As Wenqing reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215765 It will cause a kernel panic with steps: - mkdir mnt - mount tmp40.img mnt - ls mnt...

EUVD-2022-55669

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...

CVE-2023-53732

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL dereference in niwriteinode Syzbot reports a NULL dereference in niwriteinode. When creating a new inode, if allocation fails in miinit function called in miformatnew function, mi-mrec is set to NULL. In the...

DEBIAN-CVE-2023-53711

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

DEBIAN-CVE-2023-53695

In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kerne...

DEBIAN-CVE-2022-50581

In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfsstrcmp+0x117/0x190 fs/hfs/string.c:84 Read of size 1 at addr...

DEBIAN-CVE-2022-50577

In the Linux kernel, the following vulnerability has been resolved: ima: Fix memory leak in imainodehash Commit f3cc6b25dcc5 "ima: always measure and audit files in policy" lets measurement or audit happen even if the file digest cannot be calculated. As a result, iint-imahash could have been...

CVE-2022-50577

In the Linux kernel, the following vulnerability has been resolved: ima: Fix memory leak in imainodehash Commit f3cc6b25dcc5 "ima: always measure and audit files in policy" lets measurement or audit happen even if the file digest cannot be calculated. As a result, iint-imahash could have been...

UBUNTU-CVE-2022-50581

In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in hfsbrecfind Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfsstrcmp+0x117/0x190 fs/hfs/string.c:84 Read of size 1 at addr...

UBUNTU-CVE-2023-53711

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

UBUNTU-CVE-2022-50577

In the Linux kernel, the following vulnerability has been resolved: ima: Fix memory leak in imainodehash Commit f3cc6b25dcc5 "ima: always measure and audit files in policy" lets measurement or audit happen even if the file digest cannot be calculated. As a result, iint-imahash could have been...