Unspecified vulnerability in Linux kernel (CNVD-2025-02111)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inaccessible ibsge list. No details of the vulnerability are provided at this time...

SUSE-SU-2025:0150-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0138-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0136-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059144 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

CVE-2024-57891

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix invalid irq restore in scxopsbypass While adding outer irqsave/restore locking, 0e7ffff1b811 "scx: Fix raciness in scxopsbypass" forgot to convert an inner rqunlockirqrestore to rqunlock which could re-enable IRQ...

CVE-2024-54031

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsethash: unaligned atomic read on struct nftsetext Access to genmask field in struct nftsetext results in unaligned atomic read: 72.130109 Unable to handle kernel paging request at virtual address ffff0000c2bb708c...

CVE-2024-57857 RDMA/siw: Remove direct link to net_device

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to netdevice Do not manage a per device direct link to netdevice. Rely on associated ibdevices netdevice management, not doubling the effort locally. A badly managed local link to netdevice was causin...

CVE-2024-57801

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregisternetdev is called after unloading vport rep. So, the mlx5ereppriv is already freed while trying to get rpriv-netdev, or walk...

CVE-2024-57891 sched_ext: Fix invalid irq restore in scx_ops_bypass()

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix invalid irq restore in scxopsbypass While adding outer irqsave/restore locking, 0e7ffff1b811 "scx: Fix raciness in scxopsbypass" forgot to convert an inner rqunlockirqrestore to rqunlock which could re-enable IRQ...

SUSE-SU-2025:0110-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

CVE-2024-55881

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Play nice with protected guests in completehypercallexit Use is64bithypercall instead of is64bitmode to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g. SEV-ES and SEV-SNP,...

CVE-2024-57876 drm/dp_mst: Fix resetting msg rx state after topology removal

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...

CVE-2024-49573

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXTBUDDY Adam reports that enabling NEXTBUDDY insta triggers a WARN in picknextentity. Moving clearbuddies up before the delayed dequeue bits ensures no -next buddy becomes delayed. Further ensure no new -next...

CVE-2024-57807 scsi: megaraid_sas: Fix for a potential deadlock

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraidsas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock&instance-resetmutex; lock&shost-scanmutex; lock&instance-resetmutex;...

CVE-2024-52332

CVE-2024-52332: Linux kernel igb driver fix for potential invalid memory access during module init. When pci_register_driver() can fail, the dca_notifier must be unregistered; otherwise, if igb fails to install, dca_notifier may be invoked and access memory that is no longer valid. The connected ...

CVE-2024-49569 nvme-rdma: unquiesce admin_q before destroy it

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce adminq before destroy it Kernel will hang on destroy adminq while we create ctrl failed, such as following calltrace: PID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: "nvme" 0 ff61d23de260fb78 schedule at...

CVE-2024-47141 pinmux: Use sequential access to access desc->pinmux data

In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...

USN-7169-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

USN-7194-1: Linux kernel (Azure) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7185-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7185-2 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...