Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

DEBIAN-CVE-2024-57892

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...

CVE-2024-57892

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...

CVE-2024-57892 ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...

CVE-2024-57892

CVE-2024-57892 relates to the Linux kernel OCFS2 quota handling. The issue is a slab-use-after-free when remounting an ocfs2 filesystem as read-only and a quota_getnextquota syscall is used. The root cause is a dangling dqi_priv pointer that is freed during remount but not cleared, combined with ...

CVE-2024-57892 ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...

SUSE-SU-2025:0124-1 Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0083-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:0083-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes one issue. The following security issue was fixed: - CVE-2024-50264: vsock/virtio: Initialization ...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP4) (SUSE-SU-2025:0109-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0109-1 advisory. This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-50264:...

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005544 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...

SUSE-SU-2025:0111-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0107-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes one issue. The following security issue was fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

SUSE-SU-2025:0083-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes one issue. The following security issue was fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712...

CLSA-2025-1736778412 kernel: Fix of 17 CVEs

tracing: Free buffers when a used dynamic event is removed CVE-2022-49006 - ASoC: ops: Check bounds for second channel in sndsocputvolswsx CVE-2022-48951 - ext4: fix slab-use-after-free in ext4splitextentat CVE-2024-49884 - ext4: fix bug on in ext4escacheextent as ext4splitextentat failed...

SUSE CVE-2024-56606

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

SUSE CVE-2024-56603

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

CVE-2024-56601

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

SUSE CVE-2024-56600

In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...