SUSE-SU-2025:03362-1 Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498:...

SUSE-SU-2025:03337-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix...

PT-2025-44384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to USB gadget functionality, specifically within the f acm module. A NULL pointer dereference can occur after a bind/unbind cycle, potentially...

PT-2025-44385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s USB gadget functionality, specifically within the f rndis component. After a bind/unbind cycle, the rndis-notify req pointer can become stale. A...

kernel security update

3.10.0-1160.119.1.0.11.el7.OL7 - kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 - kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 - kernel: ext4: fix off-by-one error in dosplit CVE-2025-23150 - kernel: misc/vmwvmci: fix an infoleak in...

SUSE CVE-2023-53259

In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to getuserpagesfast in vmcihostsetupnotify can return NULL context-notifypage causing a GPF. To avoid GPF check if context-notifypage == NULL and...

SUSE CVE-2023-53267

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

CVE-2023-53267

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

UBUNTU-CVE-2023-53267

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

kernel: Fix of 3 CVEs

posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - schqfq: make qfqqlennotify idempotent CVE-2025-38177 - schhfsc: make hfscqlennotify idempotent CVE-2025-38177 - schdrr: make drrqlennotify idempotent CVE-2025-38177 - schhtb: make htbqlennotify...

CLSA-2025-1758010245 kernel: Fix of 3 CVEs

posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - schqfq: make qfqqlennotify idempotent CVE-2025-38177 - schhfsc: make hfscqlennotify idempotent CVE-2025-38177 - schdrr: make drrqlennotify idempotent CVE-2025-38177 - schhtb: make htbqlennotify...

CVE-2023-53267

The CVE-2023-53267 issue affects the Linux kernel driver for Xilinx SoC where memory allocated for cb_data in xlnx_add_cb_for_notify_event() could leak if kfree() is not invoked on allocation failure. The connected documents confirm a fix was applied to ensure kfree() is called to prevent leaks. ...

CVE-2023-53267 driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

CVE-2023-53267 driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

CVE-2023-53267

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

CVE-2023-53267 driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

PT-2025-37872

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the xlnx add cb for notify event function within the Xilinx SoC driver. The kfree function was not called when memory allocation for cb data failed, leading to a...

CLSA-2025-1757962152 libreswan: Fix of CVE-2023-38712

CVE-2023-38712: fix a NULL pointer dereference caused by a duplicated Delete/Notify message which causes the pluto daemon to crash and restart...

CLSA-2025-1757961506 kernel: Fix of 26 CVEs

posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - xfrm: state: fix out-of-bounds read during lookup CVE-2024-57982 - nfsd: fix race between laundromat and freestateid CVE-2024-50106 - nfsd: split scstatus out of sctype CVE-2024-50106 - nfsd: avoid race...

CVE-2023-53259

In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to getuserpagesfast in vmcihostsetupnotify can return NULL context-notifypage causing a GPF. To avoid GPF check if context-notifypage == NULL and...