SUSE-SU-2024:2948-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during...

SUSE-SU-2024:2893-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name bsc1227716. - CVE-2024-41069: ASoC: topology: Fix route memory corruption bsc1228644. -...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : kernel (RHSA-2024:5257)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5257 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nftables: disallow...

CVE-2024-42110

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

CVE-2024-42110 net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

CVE-2024-42110 net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()

In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: Move ntbnetdevrxhandler to call netifrx from netifrx The following is emitted when using idxd DSA dmanegine as the data mover for ntbtransport that ntbnetdev uses. 74412.546922 BUG: using smpprocessorid in...

RHEL 8 : kernel-rt (RHSA-2024:4729)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4729 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVE-2024-40991

A vulnerability was found in the Linux kernel's DMA engine component due to an issue in the ofk3udmaglueparsechnbyid helper function. It incorrectly invoked the ofnodeput function on the udmaxnp device-node without first incrementing its reference count, which could lead to potential issues in...

CVE-2024-40956

A vulnerability was found in the Linux kernel's DMA engine component in the irqprocessworklist function. A possible use-after-free condition can occur during list iteration, which is because a descriptor may be freed while another thread is reusing it, potentially leading to access to freed memor...

CVE-2022-48774

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

DEBIAN-CVE-2022-48774

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

CVE-2022-48774

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

CVE-2022-48774 dmaengine: ptdma: Fix the error handling path in pt_core_init()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

CVE-2022-48774

CVE-2022-48774 affects the Linux kernel dmaengine/ptdma path. The issue is in pt_core_init() where resource freeing in the error path could leak resources or release unallocated items. The fix switches two goto targets in the error handling path to ensure proper resource cleanup, and relocates a ...

CVE-2022-48774 dmaengine: ptdma: Fix the error handling path in pt_core_init()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

CVE-2022-48774 dmaengine: ptdma: Fix the error handling path in pt_core_init()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in ptcoreinit In order to free resources correctly in the error handling path of ptcoreinit, 2 goto's have to be switched. Otherwise, some resources will leak and we will try to relea...

SUSE CVE-2024-40986

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdmachannelisr Requests the vchan lock before using xdma-stoprequest...

CVE-2024-40991

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix ofk3udmaglueparsechnbyid The ofk3udmaglueparsechnbyid helper function erroneously invokes "ofnodeput" on the "udmaxnp" device-node passed to it, without having incremented its reference count at a...