72 matches found
SUSE-SU-2025:03529-1 Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059198 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...
Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...
SUSE-SU-2025:03482-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072. -...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
SUSE-SU-2025:20841-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: - CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc124074...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744...
SUSE-SU-2025:20819-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc124074...
SUSE-SU-2025:20840-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc124074...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error...
SUSE-SU-2025:20808-1 Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 - CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth erro...
SUSE-SU-2025:03476-1 Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001029 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. - CVE-2025-38089: sunrpc: hand...
Juniper Junos OS Vulnerability (JSA100060)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100060 advisory. - A Missing Authorization vulnerability in the internal virtual routing and forwarding VRF of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain...
CVE-2025-52954 Junos OS Evolved: A low-privileged user can execute arbitrary Junos commands and modify the configuration, thereby compromising the system
A Missing Authorization vulnerability in the internal virtual routing and forwarding VRF of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal...
Juniper Networks Junos OS Evolved 安全漏洞
Juniper Networks Junos OS Evolved is an upgraded system for Juniper Networks' Junos OS. A security vulnerability exists in Juniper Networks Junos OS Evolved that stems from a missing internal VRF authorization that could lead to elevated privileges...
vrf: use RCU protection in l3mdev_l3_out()
...
AZL-58566 CVE-2025-21791 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pair to avoid a potential UAF...
vrf: revert "vrf: Remove unnecessary RCU-bh critical section"
...
SUSE CVE-2024-49980
In the Linux kernel, the following vulnerability has been resolved: vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. devqueuexmitnit is expected to be called with BH disabled. devqueuexmit has the following: / Disable soft...