CVE-2023-54074

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by calling...

CVE-2022-49763

Summary (CVE-2022-49763) In the Linux kernel NTFS code, the use-after-free issue in ntfs_attr_find() stems from missing bounds checks on the attrs_offset field after loading the first MFT record. The vulnerability was exposed by KASAN reports (use-after-free read) during NTFS attribute handling, ...

CVE-2025-21840

CVE-2025-21840 affects the Linux kernel thermal netlink interface. The intel-lpmd tool segfaults because THERMAL_GENL_ATTR_CPU_CAPABILITY’s raw value changed in a commit, while intel_lpmd still used the old value. The documented fix moves THERMAL_GENL_ATTR_TZ_PREV_TEMP to the end of enum thermal_...

Security update for python

This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems...

CVE-2024-40955 ext4: fix slab-out-of-bounds in ext4_mb_find_good_group_avg_frag_lists()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-out-of-bounds in ext4mbfindgoodgroupavgfraglists We can trigger a slab-out-of-bounds with the following commands: mkfs.ext4 -F /dev/$disk 10G mount /dev/$disk /tmp/test echo 2147483647...

OESA-2024-1284 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the...