161 matches found
CVE-2022-49157
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume...
PT-2025-14363
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference error in the Linux kernel has been resolved. The issue occurred because devm kasprintf calls can return null pointers on failure, but the return values were no...
CVE-2025-21658
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree BUG Syzbot reported a crash with the following call trace: BTRFS info device loop0: scrub: started on devid 1 BUG: kernel NULL pointer dereference, address:...
CVE-2024-57926
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private-alldrmprivatei-drm to NULL if mtkdrmbind returns err The pointer need to be set to NULL, otherwise KASAN complains about use-after-free. Because in mtkdrmbind, all private's drm are set as follows...
CVE-2024-56616
In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 byte accounting for the message body CRC aka message data CRC at the end of the message. This fixes a...
CVE-2024-56552
In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: fix race around suspendpending Currently in some testcases we can trigger: xe 0000:03:00.0: drm Assertion execqueuedestroyedq failed! .... WARNING: CPU: 18 PID: 2640 at drivers/gpu/drm/xe/xegucsubmit.c:1826...
CVE-2024-56607
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12kmacopsetbitratemask When I try to manually set bitrates: iw wlan0 set bitrates legacy-2.4 1 I get sleeping from invalid context error, see below. Fix that by switching to use recently...
OESA-2024-2583 tinyxml security update
TinyXML parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. XML is a very structured and convenient format. All those random file formats created to store application data can all be replaced with XML. One parser for everything. Security...
SUSE-SU-2024:4355-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 - CVE-2024-52532: Fixed...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-47720)
"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47720 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for...
CVE-2024-53110
In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix idtable array not null terminated error Allocate one extra virtiodeviceid as null terminator, otherwise vdpamgmtdevgetclasses may iterate multiple times and visit undefined memory...
SUSE CVE-2024-50300
In the Linux kernel, the following vulnerability has been resolved: regulator: rtq2208: Fix uninitialized use of regulatorconfig Fix rtq2208 driver uninitialized use to cause kernel error...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump...
Oracle Linux 7 / 8 / 9 : linux-firmware (ELSA-2024-12797)
The remote Oracle Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12797 advisory. 20241003-999.35.git95bfe086.el8 - Rebase to latest upstream Orabug: 37132142 - Fix build error in ol7 due to linking in copy-firmware.sh Orabu...
linux-firmware security update
20241003-999.35.git95bfe086.el8 - Rebase to latest upstream Orabug: 37132142 - Fix build error in ol7 due to linking in copy-firmware.sh Orabug: 37132515 - Bring back drirectory structure qcom/sc8280xp Orabug: 37132142...
UBUNTU-CVE-2024-50035
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
CVE-2024-49977 net: stmmac: Fix zero-division error when disabling tc cbs
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 "net: stmmac: No need to calculate speed divider when offload is disabled" allows the "porttransmitratekbps" to be set to a value of 0, which is...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460 bsc1228574 CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461 bsc1228575 CVE-2024-45817: Fixed Deadlock in vlapicerror XSA-462...
CVE-2024-43878 xfrm: Fix input error path memory access
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slow path KASAN report error. Fix this error. west login: 52.987278 eth1: renamed from veth11 53.078814 eth1: renamed from veth21 53.181355...
Unbreakable Enterprise kernel security update
4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...