23 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: bcm: added locking for bcm_op runtime updates. The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and length of the sequence can be changed during runtime, after which the ‘currframe’...

CVSS 7.1, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 2

SUSE CVE
added 2025/09/18 11:39 p.m., 1 view

SUSE CVE-2023-53344

In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write. Syzkaller reported the following issue: BUG: KMSAN: uninit-value in aio_rw_done fs/aio.c:1520 [inline] BUG: KMSAN:...

CVSS 5.5, AI score 6.5, EPSS 0.00023
Exploits: 0, References: 8

Cvelist
added 2025/09/17 2:56 p.m., 8 views

CVE-2023-53344 can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write

In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write. Syzkaller reported the following issue: BUG: KMSAN: uninit-value in aio_rw_done fs/aio.c:1520 [inline] BUG: KMSAN:...

EPSS 0.00023
Exploits: 0, References: 8

SUSE CVE
added 2025/06/09 1:26 a.m., 0 views

SUSE CVE-2025-38004

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates. The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp. reduced at runtime where the...

CVSS 6.3, AI score 7.7, EPSS 0.00032
Exploits: 0, References: 17

CVE
added 2025/06/08 10:34 a.m., 119 views

CVE-2025-38004

The CVE-2025-38004 entry affects the Linux kernel CAN BCM subsystem. A race allowed by updates to the currframe/count in bcm_can_tx() could enable user-space-triggered modifications from hrtimer context, leading to a KASAN slab-out-of-bounds read. The patch fixes this by moving the count variable into...

CVSS 7.1, AI score 6.3, EPSS 0.00032
Exploits: 0, References: 10, Affected Software: 1

OSV
added 2025/05/20 10:24 a.m., 6 views

CLSA-2025-1747725447 kernel: Fix of 35 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 - drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init' CVE-2024-27042 - dm-crypt: don't modify the data when using authenticated encryption...

CVSS 7.8, AI score 7.1, EPSS 0.00113
Exploits: 0, References: 1

Debian CVE
added 2022/03/03 6:24 p.m., 52 views

CVE-2021-3609

A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root...

CVSS 7, AI score 6.7, EPSS 0.0006
Exploits: 1

OpenVAS
added 2021/12/30 12:0 a.m., 37 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.3, AI score 7.6, EPSS 0.85239
Exploits: 36, References: 4

Tenable Nessus
added 2021/10/04 12:0 a.m., 54 views

Amazon Linux AMI : kernel (ALAS-2021-1539)

The version of kernel installed on the remote host is prior to 4.14.248-129.473. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1539 advisory. A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socke...

CVSS 8.7, AI score 6.7, EPSS 0.01405
Exploits: 6, References: 36

OpenVAS
added 2021/09/17 12:0 a.m., 31 views

Ubuntu: Security Advisory (USN-5082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.3, EPSS 0.00066
Exploits: 2, References: 2

Ubuntu
added 2021/09/16 4:49 p.m., 156 views

USN-5082-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

CVSS 8.8, AI score 6.8, EPSS 0.00066
Exploits: 2

Tenable Nessus
added 2021/08/18 12:0 a.m., 40 views

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP2) (SUSE-SU-2021:2746-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2746-1 advisory. - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to...

CVSS 8.7, AI score 6.6, EPSS 0.0006
Exploits: 3, References: 10

OpenVAS
added 2021/08/11 12:0 a.m., 33 views

openSUSE: Security Advisory for the (openSUSE-SU-2021:2645-1)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.7, AI score 7, EPSS 0.00122
Exploits: 4, References: 2

Tenable Nessus
added 2021/08/11 12:0 a.m., 54 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2645-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2645-1 advisory. - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version...

CVSS 8.7, AI score 6.7, EPSS 0.00122
Exploits: 4, References: 80

OPENSUSE Linux
added 2021/08/10 12:0 a.m., 158 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:2645-1 Rating: important References: 1065729 1085224 1094840 1113295 1152472 1152489 1153274 1154353 1155518 1156395 1170511 1176447 1176940 1179243 1180092 1180814 1183871 1184114 1184350 1184631...

CVSS 8.4, AI score 7.4, EPSS 0.00122
Exploits: 4, References: 65

Tenable Nessus
added 2021/07/21 12:0 a.m., 70 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2408-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2408-1 advisory. - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain...

CVSS 8.3, AI score 7.1, EPSS 0.85239
Exploits: 28, References: 34

Debian
added 2021/07/20 7:50 p.m., 111 views

[SECURITY] [DLA 2713-1] linux security update

Debian LTS Advisory DLA-2713-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.272-2 CVE ID : CVE-2021-3609 CVE-2021-21781 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Brief introduction...

CVSS 7.8, AI score 6.9, EPSS 0.01783
Exploits: 9

Ubuntu
added 2021/07/19 7:41 a.m., 137 views

LSN-0078-1: Kernel Live Patch Security Notice

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609...

CVSS 7, AI score 6.7, EPSS 0.0006
Exploits: 1

OSV
added 2021/07/19 5:41 a.m., 6 views

LSN-0078-1 Kernel Live Patch Security Notice

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609...

CVSS 7, AI score 7.1, EPSS 0.0006
Exploits: 1, References: 2

Ubuntu
added 2021/06/23 4:12 a.m., 154 views

USN-5002-1: Linux kernel (HWE) vulnerability

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code...

CVSS 7, AI score 6.7, EPSS 0.0006
Exploits: 1