Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1646)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1646 advisory. In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987312 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: serialize hash resizes and cleanups Syzbot was able to trigger the followin...

CVE-2022-48974

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using thiscpuadd in preemptible Currently in nfconntrackhashcheckinsert, when it fails in nfctextvalidpre/post, NFCTSTATINC will be called in the preemptible context, a call trace can be triggered: BUG:...

AZL-51423 CVE-2024-50038 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...

CVE-2022-48974

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using thiscpuadd in preemptible Currently in nfconntrackhashcheckinsert, when it fails in nfctextvalidpre/post, NFCTSTATINC will be called in the preemptible context, a call trace can be triggered: BUG:...

DEBIAN-CVE-2022-48974

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using thiscpuadd in preemptible Currently in nfconntrackhashcheckinsert, when it fails in nfctextvalidpre/post, NFCTSTATINC will be called in the preemptible context, a call trace can be triggered: BUG:...

kernel security and bug fix update

3.10.0-1160.99.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.99.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

Unbreakable Enterprise kernel security update

5.4.17-2136.321.4 - tick/common: Align tick period during schedtimer setup Thomas Gleixner Orabug: 35520079 - net/rds: Fix endless rdssendxmit loop if cpindex 0 Gerd Rausch Orabug: 35510149 5.4.17-2136.321.3 - selinux: don't use make's grouped targets feature yet Paul Moore - lib: cpurmap: Fix...