SUSE-SU-2023:0562-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005998 fixes several issues. The following security issues were fixed: - CVE-2022-3564: Fixed use-after-free in l2capcore.c of the Bluetooth component bsc1206314. - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits bsc1207139...

PT-2023-34936 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.1.11, update...

PT-2023-35101 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue is related to out-of-bounds reads in the wifi brcmfmac driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...

PT-2023-34941 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists due to a crash during cgroup migration in the multi-gen LRU. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

SUSE-SU-2023:0320-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400155 fixes one issue. The following security issue was fixed: - CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:nfs42sscopen bsc1206209...

SUSE-SU-2023:0267-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005998 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

SUSE-SU-2023:0250-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122124 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-3565: Fixed use-after-free in...

GSD-2023-1001723 drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer

drm/msm/dp: do not complete dpauxcmdfifotx if irq is not for aux transfer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

GSD-2023-1001312 clk: st: Fix memory leak in st_of_quadfs_setup()

clk: st: Fix memory leak in stofquadfssetup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001299 eventpoll: add EPOLL_URING_WAKE poll wakeup flag

eventpoll: add EPOLLURINGWAKE poll wakeup flag This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.162 by commit...

PT-2023-33957 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.87 Description: The issue concerns the ext4 file system. It involves checking and asserting if marking a no delete evicting inode dirty can lead to potential security vulnerabilities. The actual impact and...

DEBIAN-CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...

OESA-2022-2147 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

SUSE-SU-2022:4617-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-42328: Guests could trigger denial of service via the netback driver bsc1206114. ...

CVE-2022-47939

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2TREEDISCONNECT...

SUSE-SU-2022:4580-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024112 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue...

SUSE-SU-2022:4561-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tsttimer of the file drivers/atm/idt77252.c bsc1204631. - CVE-2022-3424: Fixed use-after-free in grusetcontextoption...

CVE-2022-47521

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi...

SUSE-SU-2022:4546-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122136 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-3586: Fixed use-after-fre...

SUSE-SU-2022:4533-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197120 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-3586: Fixed...