Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

kernel: inet: inet_defrag: prevent sk release while still in use

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit The Linux kernel CVE team has assigned CVE-2024-27395 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27395-573e@gregkh/T...

RHEL 7 : openvswitch (RHSA-2016:0537)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0537 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

SUSE-SU-2024:3820-1 Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: - CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. - CVE-2024-35862: Fixe...

Exploit for Incorrect Conversion between Numeric Types in Linux Linux_Kernel

CVE-2022-2639 using pipe primitive CVE-2022-2639https://...

SUSE SLES12 Security Update : kernel (Live Patch 56 for SLE 12 SP5) (SUSE-SU-2024:3663-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3663-1 advisory. This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: - CVE-2024-41059: hfsplus: fix...

SUSE-SU-2024:3652-1 Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059158 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. -...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651...

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651...

SUSE-SU-2024:3642-1 Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651. -...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 8 : kernel (RHSA-2024:8107)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8107 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ovl: fix use after free in...

CLSA-2024-1728935304 kernel: Fix of 12 CVEs

xfs: don't walk off the end of a directory data block CVE-2024-41013 - net/sched: clsu32: fix netns refcount changes in u32change CVE-2022-29581 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - net: sched:...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

kernel: net: openvswitch: fix overwriting ct original tuple for ICMPv6

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

RHEL 9 : kernel-rt (RHSA-2024:7490)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7490 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

RHEL 9 : kernel (RHSA-2024:7489)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7489 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: bridge: confirm...

Oracle Linux 8 : kernel (ELSA-2024-7000)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7000 advisory. - wifi: mac80211: Avoid address calculations via out of bounds array indexing Michal Schmidt RHEL-51278 CVE-2024-41071 - protect the fetch of -fdfd in...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2024-2476)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : IB/ipoib: Fix mcast list lockingCVE-2023-52587 netfilter: nftables: avoid overflows in nfthashbucketsCVE-2021-46992 SUNRPC: Fix a suspicious RCU...