1339 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-53096)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53096 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmapregion error path...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: zero-initialize the report buffer CVE-2024-50302 kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 kernel: scsi:...
CVE-2025-21836 io_uring/kbuf: reallocate buf lists on upgrade
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: reallocate buf lists on upgrade IORINGREGISTERPBUFRING can reuse an old struct iobufferlist if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field shoul...
CVE-2024-58083 KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...
CVE-2025-21828
CVE-2025-21828 relates to the Linux kernel wifi/mac80211 subsystem. The issue arises when a station (STA) has not been uploaded to the driver (e.g., STA state pre-moved to AUTHORIZED in IBSS scenarios) and a failed insertion leads to a premature STA free, causing the driver to attempt flushing an...
Linux Distros Unpatched Vulnerability : CVE-2024-53062
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via...
Linux Distros Unpatched Vulnerability : CVE-2024-53196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI...
Linux Distros Unpatched Vulnerability : CVE-2024-50000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5etirbuilderalloc In mlx5etirbuilderalloc kvzalloc may retur...
Linux Distros Unpatched Vulnerability : CVE-2025-21832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: don't revert iter for -EIOCBQUEUED blkdevreaditer has a few odd checks, like gating the position and count adjustment on whether or not the result is...
Linux Distros Unpatched Vulnerability : CVE-2024-58001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: handle a symlink read error correctly Patch series Convert ocfs2 to use folios. Mark did a conversion of ocfs2 to use folios and sent it to me as a giant...
Linux Distros Unpatched Vulnerability : CVE-2024-53236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for...
SUSE-SU-2025:0784-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race bsc1222672. - CVE-2024-44974: mptcp: pm: avoid possible UaF when...
Linux kernel panfrost module memory misreference vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from the panfrost module's job structure referencing panfrostpriv to obtain the MMU environment,...
Linux Distros Unpatched Vulnerability : CVE-2021-47576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN:...
Linux Distros Unpatched Vulnerability : CVE-2024-41075
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added...
Linux Distros Unpatched Vulnerability : CVE-2024-35892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisctreereducebacklog qdisctreereducebacklog is called with...
Linux Distros Unpatched Vulnerability : CVE-2022-49454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek: Fix refcount leak in mtkpciesubsyspowerup The offindcompatiblenode function...
Linux Distros Unpatched Vulnerability : CVE-2024-26869
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gcdatasegment - radatablock - locked metainode pa...
Linux Distros Unpatched Vulnerability : CVE-2023-52755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix slab out of bounds write in smbinheritdacl slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add th...
Linux Distros Unpatched Vulnerability : CVE-2022-49469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix anondev leak in createsubvol When btrfsqgroupinherit, btrfsalloctreeblock, or btrfsinsertroot fail in createsubvol, we return without freeing anondev...