159 matches found
CLSA-2025-1742471200 kernel: Fix of 19 CVEs
net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
CLSA-2025-1738592614 kernel: Fix of 26 CVEs
xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer CVE-2024-53103 - scsi: sg: Fix slab-use-after-free read in sg_release() CVE-2024-56631 - net: inet: do not leave a dangling sk pointer in inet_create() CVE-2024-56601 -...
DEBIAN-CVE-2024-56372
In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tun_napi_alloc_frags() syzbot reported the following crash [1] Issue came with the blamed commit. Instead of going through all the iov components, we keep using the first one and end up with a malformed skb. [1] kernel BUG a...
USN-7185-2 linux-azure, linux-azure-4.15 vulnerabilities
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36402) Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...
net: avoid potential underflow in qdisc_pkt_len_init() with UFO
...
PT-2024-37030
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the net/smc component. The issue arises when "link down" work is scheduled before lgr is freed but executes after l...
PT-2024-36949
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A use-after-free issue was encountered in the Linux kernel, specifically in the net/smc component. This issue manifested as the LGR/link refcnt reaching 0 early and entering the clear process,...
SUSE CVE-2024-50293
In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in smc_create() Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC: smc_create() must clear sock->sk on failur...
CLSA-2024-1731431756 kernel: Fix of 30 CVEs
tty: n_gsm: Fix use-after-free in gsm_cleanup_mux CVE-2024-50073 - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer CVE-2024-49991 - ext4: fix timer use-after-free on failed mount CVE-2024-49960 - ext4: avoid use-after-free in ext4_ext_show_leaf() CVE-2024-49889 - ext4: fix slab-use-after-free in...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inconsistent lock state issue in the ppp_channel_bridge_input function in the ppp subsystem...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the dsa driver in the net subsystem during shutdown, which could lead to a race conditi...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's d_name.name (CVE-2024-39494) In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket...
kernel: net: fix possible store tearing in neigh_periodic_work()
A flaw was found in the Linux kernel that allows for potential store tearing within the neigh_periodic_work() function, meaning a write operation on a value is not protected properly and could result in inconsistencies if another process or thread reads from that value before the operation is complet...
CLSA-2024-1726655093 kernel: Fix of 8 CVEs
blktrace: fix dereference after null check CVE-2019-19768 - blktrace: Protect q->blktrace with RCU CVE-2019-19768 - blktrace: fix unlocked access to init/start-stop/teardown - blktrace: Fix potential deadlock between delete & sysfs ops - net: fix out-of-bounds access in ops_init CVE-2024-36883 -...
net: phy: fix phy_get_internal_delay accessing an empty array
...
DEBIAN-CVE-2024-44988
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix out-of-bound access If an ATU violation was caused by a CPU Load operation, the SPID could be larger than DSA_MAX_PORTS (the size of mv88e6xxx_chip.ports[] array)...
DEBIAN-CVE-2024-44971
In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() bcm_sf2_mdio_register() calls of_phy_find_device() and then phy_device_remove() in a loop to remove existing PHY devices. of_phy_find_device() eventually calls bus_find_device(), which...
net: dsa: mv88e6xxx: Correct check for empty list
...
CLSA-2024-1723622869 Fix of 29 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...