Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

CVE-2024-53094

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpageok check to disable MSGSPLICEPAGES While running ISER over SIW, the initiator machine encounters a warning from skbsplicefromiter indicating that a slab page is being used in sendpage. To address this, it is...

AZL-54598 CVE-2024-53094 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpageok check to disable MSGSPLICEPAGES While running ISER over SIW, the initiator machine encounters a warning from skbsplicefromiter indicating that a slab page is being used in sendpage. To address this, it is...

CVE-2024-53094

The CVE-2024-53094 entry concerns the Linux kernel, specifically the RDMA/siw path. The connected document UNPATCHED_CVE_2024_53094.NASL provides concrete technical details: when running ISER over SIW, an initiator observes a warning from skb_splice_from_iter() about a slab page being used in sen...

CVE-2024-53094 RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpageok check to disable MSGSPLICEPAGES While running ISER over SIW, the initiator machine encounters a warning from skbsplicefromiter indicating that a slab page is being used in sendpage. To address this, it is...

CVE-2024-51330

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...

net: stmmac: Fix zero-division error when disabling tc cbs

...

DEBIAN-CVE-2024-50186

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

CVE-2024-50145

In the Linux kernel, the following vulnerability has been resolved: octeonep: Add SKB allocation failures handling in octepoqprocessrx buildskb returns NULL in case of a memory allocation failure so handle it inside octepoqprocessrx to avoid NULL pointer dereference. octepoqprocessrx is called...

CVE-2024-50145

CVE-2024-50145 concerns the Linux kernel (octeon_ep driver) and fixes a NULL pointer dereference caused by skb allocation failures during RX processing. The change adds handling for skb allocation failures in __octep_oq_process_rx(), which may be invoked during NAPI polling. When build_skb() retu...

SUSE CVE-2022-48956

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6fragment Blamed commit claimed rcureadlock was held by ip6fragment callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6dstidev...

DEBIAN-CVE-2022-48963

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipcmuxinit When failed to alloc ipcmux-uladb.ppqlt in ipcmuxinit, ipcmux is not released...

DEBIAN-CVE-2024-49929

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwlmvmtxskbsta and iwlmvmtxmpdu verify that the mvmvsta pointer is not NULL. It retrieves this pointer using iwlmvmstafrommac80211, which is dereferencing the ieee80211sta pointe...

Blackberry QNX Software Development Platform 安全漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A security vulnerability exists in Blackberry QNX Software Development Platform versions 7.1 and...

Exploit for Use After Free in Apple Macos

EN GenEtherExploit is a Proof-of-Concept PoC exploit for t...

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

kernel: wifi: mac80211: don't return unset power in ieee80211_get_tx_power()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211gettxpower We can get a UBSAN warning if ieee80211gettxpower returns the INTMIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

CVE-2022-48805

CVE-2022-48805 affects the Linux kernel USB driver net: usb: ax88179_178a, specifically the rx_fixup path (ax88179_rx_fixup()). The issue is multiple out-of-bounds accesses in RX fixup that can be triggered by a malicious or defective USB device. Reported problems include: (1) an out-of-bounds me...

How to Validate If XenServer is Using Bridge or vSwitch for the Network Stack

This article describes how to validate if XenServer is using Bridge or vSwitch for the network stack. By default, XenServer 6.x uses vSwitch as the network stack when the host is installed. At some point, the XenServer administrator might have changed the network stack to Bridge. When attempting ...