USN-7506-4 linux-lts-xenial vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

USN-7506-3 linux-fips vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

USN-7506-1 linux, linux-aws, linux-kvm vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

SUSE CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

SUSE CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

libmnl bug fix update

An update is available for libmnl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libmnl is a minimalistic user-space library oriented to Netlink developers...

USN-7496-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

USN-7496-4 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

USN-7496-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

USN-7496-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

UBUNTU-CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

SUSE CVE-2025-37789

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check that the attribute is OK first...

DEBIAN-CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

DEBIAN-CVE-2022-49920

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: netlink notifier might race to release objects commit release path is invoked via callrcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to...

CVE-2022-49920

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: netlink notifier might race to release objects commit release path is invoked via callrcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to...

DEBIAN-CVE-2022-49863

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when testing as following: a use syscallNRsocket, 0x10ul, 3ul, 0 to create netlink socket. b use syscallNRsendmsg, ... to create bond li...

UBUNTU-CVE-2022-49920

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: netlink notifier might race to release objects commit release path is invoked via callrcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to...

UBUNTU-CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

AZL-69719 CVE-2022-49766 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...