Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214:...

The vulnerability of the smp_processor_id() function in the drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smpprocessorid function in the drivers/vfio/pci/hisilicon/hisiaccvfiopci.c module of the Linux operating system is related to the assignment of the NUL address value due to incorrect loading of drivers in the guest operating system. Exploiting this vulnerability can allow...

rtnetlink: Allocate vfinfo size for VF GUIDs when supported

...

SUSE CVE-2025-38283

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The liv...

AZL-64931 CVE-2025-38283 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The liv...

DEBIAN-CVE-2025-38283

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The liv...

UBUNTU-CVE-2025-38283

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The liv...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an attempted device data migration when the VF device driver is not loaded, which could result in null point...

UBUNTU-CVE-2025-38109

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip ECVF of a BlueField device. In such case the vport acl ingress table is not properly destroyed. ECVF...

kernel: ice: Fix deinitializing VF in error path

A use-after-free vulnerability was discovered in the Linux kernel's Ethernet Connection E800 Series driver, which is responsible for managing network connections. This issue occurs when an attacker with local privileges intentionally triggers this error path, causing an error to occur in the...

SUSE CVE-2022-50041

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

SUSE CVE-2022-50053

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...

SUSE CVE-2022-50055

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...

DEBIAN-CVE-2022-50054

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix NULL pointer dereference in iavfgetlinkksettings Fix possible NULL pointer dereference, due to freeing of adapter-vfres in iavfinitgetresources. Previous commit introduced a regression, where receiving...

DEBIAN-CVE-2022-50053

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...

DEBIAN-CVE-2022-50041

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

UBUNTU-CVE-2022-50055

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...

UBUNTU-CVE-2022-50053

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...

UBUNTU-CVE-2022-50041

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

CVE-2022-50041

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...