[slackware-security] Slackware 15.0 kernel

New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.160/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. ...

Ubuntu: Security Advisory (USN-6743-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6743-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6742-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-2 advisory. Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user ...

Ubuntu: Security Advisory (USN-6743-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6742-2: Linux kernel vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

USN-6743-2: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...

Ubuntu: Security Advisory (USN-6742-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6743-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6743-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,...

USN-6742-1 linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

USN-6741-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

Ubuntu: Security Advisory (USN-6688-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-52600

CVE-2023-52600 affects the Linux kernel JFS component. Root cause: a use-after-free in jfs_evict_inode where, if diMount(ipimap) fails, the released ipimap may be accessed in diFreeSpecial() as rcu_core() asynchronously frees it via jfs_free_node(). The fix ensures sbi->ipimap is not initializ...

CVE-2023-52600

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfsevictinode When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous ipimap release occurs when rcucore calls jfsfreenode. Therefore, whe...

CVE-2023-52600 jfs: fix uaf in jfs_evict_inode

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfsevictinode When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous ipimap release occurs when rcucore calls jfsfreenode. Therefore, whe...