9 matches found
Siemens SIMATIC Devices Memory Allocation with Excessive Size Value (CVE-2025-21648)
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...
SUSE-SU-2025:02000-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization bsc1230581. ...
SUSE-SU-2025:01964-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1421)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : filemap: avoid truncating 64-bit offset to 32 bitsCVE-2025-21665 iomap: avoid avoid truncating 64-bit offset to 32 bitsCVE-2025-21667 fs/proc: fix...
Linux Distros Unpatched Vulnerability : CVE-2025-21648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE...
BELL-CVE-2025-21648
Bulletin has no description...
CVE-2025-21648
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...
CVE-2025-21648 netfilter: conntrack: clamp maximum hashtable size to INT_MAX
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...
CVE-2025-21648
CVE-2025-21648 affects the Linux kernel netfilter conntrack code. The vulnerability arises from the hashtable resize path where the maximum size could exceed practical limits, risking a WARN_ON_ONCE in __kvmalloc_node_noprof() when __GFP_NOWARN is unset. The fix clamps the conntrack hashtable siz...