Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes one issue. The following security issue was fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6create bsc1235218. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

A dangling pointer can be created in vsk-trans, potentially leading to a Use-After-Free condition...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033...

AlmaLinux 9 : kernel (ALSA-2025:2627)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2627 advisory. kernel: ACPI: extlog: fix NULL pointer dereference check CVE-2023-52605 kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-tran...

ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv

...

Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()

...

kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

A dangling pointer can be created in vsk-trans, potentially leading to a Use-After-Free condition...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ACPI: extlog: fix NULL pointer dereference check CVE-2023-52605 kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 kernel: HID: core:...

net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()

...

Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()

...

net: af_can: do not leave a dangling sk pointer in can_create()

...

net: inet: do not leave a dangling sk pointer in inet_create()

...

net: inet6: do not leave a dangling sk pointer in inet6_create()

...

Linux Distros Unpatched Vulnerability : CVE-2024-50264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans During loopback...

Linux Distros Unpatched Vulnerability : CVE-2024-53103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released,...

Linux Distros Unpatched Vulnerability : CVE-2010-0176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference...

Linux Distros Unpatched Vulnerability : CVE-2011-0084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6;...

CVE-2022-49238

CVE-2022-49238 concerns the Linux kernel ath11k driver for QCA6390/WCN6855. The issue arises when disconnecting from an AP: a commit sequence intended to fix a firmware crash ended up skipping all peer deletion, leaving peer->sta set and then used, causing a use-after-free. The log shows a use...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1224763. CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. CVE-2024-53104: media:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...