Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2023-52923: netfilter: nftables: split async and sync catchall in two...

SUSE-SU-2025:02849-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52923: netfilter: nftables: split async and sync catchall in two...

Linux Distros Unpatched Vulnerability : CVE-2025-37883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/sclp: Add check for getzeroedpage Add check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereference. Furthermore, to...

Linux Distros Unpatched Vulnerability : CVE-2024-27009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in...

Linux Distros Unpatched Vulnerability : CVE-2025-37974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpcicreatedevice error return The zpcicreatedevice function...

AZL-64871 CVE-2025-38257 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

UBUNTU-CVE-2025-38257

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

Approach to mainframe penetration testing on z/OS. Deep dive into RACF

In our previous article we dissected penetration testing techniques for IBM z/OS mainframes protected by the Resource Access Control Facility RACF security package. In this second part of our research, we delve deeper into RACF by examining its decision-making logic, database structure, and the...

kernel: s390/dcssblk: fix kernel crash with list_add corruption

A kernel crash vulnerability was found in the Linux kernel's s390 dcssblk driver. Missing daxremovehost calls in the device removal path, combined with broken error handling in the device add path, cause stale xarray entries and listadd corruption. When a previously used gendisk pointer is reused...

Trend Micro & IBM Team Up To Boost Mainframe Security

Trend Micro Deep Security adds security for mainframe enterprise integration...

The vulnerabilities of the s390/mm kernel components of the Linux operating system, which allow a hacker to cause a service failure

The vulnerability of the s390/mm kernel components in the Linux operating system is related to improper error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerabilities of the s390/cio components of Linux kernel, which allow a hacker to trigger a service failure

The vulnerability of the s390/cio components of Linux operating system kernels is related to improper control of resource identifiers. Exploiting this vulnerability can allow an attacker to cause service failures...

s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()

...

SUSE CVE-2024-56706

In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutexlock and mutexunlock. After reservation of the PMU hardware the...

PT-2024-29551 · Ibm · Ibm Cics Tx Standard

Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard affected versions not specified Description: The issue allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials...

Modernizing Data Security: Imperva and IBM Z in Action

As data security continues to evolve, businesses require solutions that scale to modern environments. Imperva and IBM Z have partnered to deliver a comprehensive approach to securing data within IBM z/OS environments while supporting the agility, resource availability, and cost-efficiency that...

CVE-2024-45005

...

CVE-2024-45026

...

s390/cio: fix race condition during online processing

...

SUSE CVE-2024-44969

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, ther...