CLSA-2025-1738671431 kernel: Fix of 43 CVEs

smb: client: fix use-after-free of signing key CVE-2024-53179 - smb: client: stop flooding dmesg in smb2calcsignature CVE-2024-53179 - smb3: fix oops in calculating shashsetkey CVE-2024-53179 - cifs: return correct error in -calcsignature CVE-2024-53179 - cifs: secmech: use shashdesc directly,...

nvmet-auth: assign dh_key to NULL after kfree_sensitive

...

SUSE-SU-2025:0266-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. - CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. - CVE-2024-50264:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a pointer not being nulled, resulting in memory being reused after being freed...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes one issue. The following security issue was fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)

...

SUSE-SU-2025:0184-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes one issue. The following security issue was fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0173-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0173-1 advisory. This update for the Linux Kernel 4.12.14-122234 fixes one issue. The following security issue was fixed: - CVE-2024-50264: vsock/virtio:...

SUSE SLES15 Security Update : kernel (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:0179-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0179-1 advisory. This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virti...

SUSE-SU-2025:0180-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes one issue. The following security issue was fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

SUSE-SU-2025:0173-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes one issue. The following security issue was fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712...

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

SUSE-SU-2025:0168-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. -...

Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

SUSE-SU-2025:0164-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0150-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0146-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE SLES15 Security Update : kernel (Live Patch 47 for SLE 15 SP3) (SUSE-SU-2025:0132-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0132-1 advisory. This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: - CVE-2024-50264:...

CVE-2024-57892

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...