PT-2025-38392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists when using the debugfs lookup function in the USB ULPI subsystem. The result of calling debugfs lookup requires dput to be called on it to prevent memory leaks over...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:4375-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4375-1 advisory. - Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being...

Fedora 39 : kernel (2023-c3bb819677)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c3bb819677 advisory. The 6.5.6 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

PT-2024-14720 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bounds checking issue in the Linux kernel's scheduling subsystem has been identified, where the priority index used to access clpriop was not explicitly bounds checked...

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. (CVE-2023-32233)

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

SUSE SLES12 Security Update : kernel (SUSE-SU-2023:4359-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4359-1 advisory. - An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used...

SUSE SLES12 Security Update : kernel (SUSE-SU-2023:4346-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4346-1 advisory. - An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in...

SUSE: Security Advisory (SUSE-SU-2023:4346-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6454-4 linux-starfive vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

CVE-2023-1192

A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region,...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:4326-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4326-1 advisory. - A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling...

Ubuntu: Security Advisory (USN-6460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: kernel

Issue Overview: An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. CVE-2023-31085 A flaw in the kernel Xen event handler can cause a deadlock with Xen conso...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6465-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6465-2 advisory. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereferen...

SUSE-SU-2023:4326-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050053 fixes several issues. The following security issues were fixed: - CVE-2023-4147: Fixed use-after-free in nftablesnewrule bsc1215118. - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve...

USN-6461-1: Linux kernel (OEM) vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

USN-6461-1 linux-oem-6.1 vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6466-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6466-1 advisory. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free...

Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6462-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6462-1 advisory. Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A loc...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6465-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6465-1 advisory. Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null point...