SUSE CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

SUSE CVE-2024-38573

In the Linux kernel, the following vulnerability has been resolved: cppccpufreq: Fix possible null pointer dereference cppccpufreqgetrate and hisicppccpufreqgetrate can be called from different places with various parameters. So cpufreqcpuget can return null as 'policy' in some circumstances. Fix...

SUSE-SU-2024:2145-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059144 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets bsc1220537. - CVE-2023-6931: Fixed an out of bounds write in the Performance Events...

CLSA-2024-1718973794 Fix of 21 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix...

CLSA-2024-1718950178 Fix of 22 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26764 - aio: remove an outdated BUGON and comment in aiocomplete - aio: remove the extra getfile/fput pair in iosubmitone - aio: refactor read/write iocb setup - fs/aio: Restrict kiocbsetcancelfn to I/O submitted via libaio CVE-url:...

DEBIAN-CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

DEBIAN-CVE-2022-48738

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in sndsocputvolsw We don't currently validate that the values being set are within the range we advertised to userspace as being valid, do so and reject any values that are out of range...

UBUNTU-CVE-2022-48738

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in sndsocputvolsw We don't currently validate that the values being set are within the range we advertised to userspace as being valid, do so and reject any values that are out of range...

UBUNTU-CVE-2024-38612

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is wrong in case CONFIGIPV6SEG6LWTUNNEL is not defined. In that case if seg6hmacinit fails, the genlunregisterfamily isn't called. This issue exist since comm...

UBUNTU-CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible index out-of-bounds issue in drm/amd/display...

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

USN-6818-4 linux-hwe-6.5 vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

PT-2024-5458 · Nuvoton · Nuvoton Npcm7Xx Bmc Subsystem

Name of the Vulnerable Software and Affected Versions: Nuvoton NPCM7xx BMC subsystem affected versions not specified Description: The issue is related to an authentication bypass weakness in the Nuvoton BootBlock reference code used in the Nuvoton NPCM7xx BMC subsystem. An attacker with write...

USN-6817-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

USN-6818-3 linux-nvidia-6.5 vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

OESA-2024-1705 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...