Unbreakable Enterprise kernel security update

5.15.0-206.153.7 - mmc: core: Initialize mmcblkiocdata Mikko Rapeli - ahci: asm1064: asm1166: don't limit reported ports Conrad Kostecki - mmc: core: Fix switch on gp3 partition Dominique Martinet - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory Michael Kelley -...

Unbreakable Enterprise kernel security update

4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...

CVE-2024-26798 fbcon: always restore the old font data in fbcon_do_set_font()

In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcondosetfont Commit a5a923038d70 fbdev: fbcon: Properly revert changes when vcresize failed started restoring old font data upon failure of vcresize. But it performs so only for user...

CVE-2024-26778

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

CVE-2024-26778

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

DEBIAN-CVE-2024-26778

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

CVE-2024-26777

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

UBUNTU-CVE-2024-26777

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

CVE-2024-26778 fbdev: savage: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

CVE-2024-26778 fbdev: savage: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

CVE-2024-26778

In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. Although...

CVE-2024-26778

CVE-2024-26778 concerns a flaw in the Linux kernel fbdev sav age driver (savage) where an unchecked pixclock input to ioctl() can cause a divide-by-zero. The advisory notes that pixclock is partly validated in savagefb_decode_var() but not sufficiently in savagefb_probe(); the fix introduces a ch...

CVE-2024-26777 fbdev: sis: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

CVE-2024-26777 fbdev: sis: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

CVE-2024-26777

CVE-2024-26777 concerns Linux kernel fbdev drivers (sis and savage) where pixclock may be used as a divisor before being validated, enabling a divide-by-zero error via user-supplied ioctl values. The root cause is that pixclock is used in calculations (e.g., drate) before a zero check, with fixes...

CVE-2024-26777

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

CVE-2024-26777 fbdev: sis: Error out if pixclock equals zero

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

CentOS 7 : kernel (RHSA-2024:1249)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1249 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may all...

RHEL 8 : kernel (RHSA-2024:1268)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1268 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nftables:...

kernel: drm/i915: Fix system suspend without fbdev being initialized

A NULL pointer dereference was found in the Linux kernel Intel i915 graphics driver's framebuffer device suspend handling. On platforms without display hardware where fbdev is not initialized, a local user with privileges to initiate system suspend can trigger the suspend path, causing the driver...