18 matches found
Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.78 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...
MiracleLinux 8 : kernel-4.18.0-477.10.1.el8_8 (AXSA:2023-5865:16)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5865:16 advisory. use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 net/ulp: use-after-free in listening ULP sockets CVE-2023-046...
RHEL 10 : kernel (RHSA-2025:22854)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22854 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix oops due to...
RockyLinux 8 : kernel (RLSA-2025:19102)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19102 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...
AlmaLinux 8 : kernel (ALSA-2025:19102)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19102 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...
AlmaLinux 8 : kernel-rt (ALSA-2025:19103)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19103 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...
SUSE-SU-2025:3703-1 Security update for the Linux Kernel (Live Patch 71 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122269 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free bsc1250302. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. -...
RHEL 9 : kernel (RHSA-2025:15227)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15227 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm/hugetlb: fix hugepmdunshar...
Oracle Linux 8 : kernel (ELSA-2025-13960)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13960 advisory. - i2c/designware: Fix an initialization issue CKI Backport Bot RHEL-106617 CVE-2025-38380 - Bluetooth: hcicore: Fix use-after-free in vhciflush David...
SUSE-SU-2025:20387-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 - CVE-2024-57996: netsched: schsfq...
SUSE-SU-2025:20384-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: - CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 - CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 - CVE-2024-58013: Bluetooth: MGMT: Fix...
USN-6396-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...
USN-6388-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Yang Lan discovered that the GFS2 file system...
OESA-2023-1585 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connectio...
USN-5926-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...
USN-5863-1 linux-azure vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...
USN-5831-1 linux-azure-fde vulnerabilities
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...
USN-5814-1 linux-azure, linux-gkeop, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...