SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

CVE-2024-41014 xfs: add bounds checking to xlog_recover_process_data

In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in the xlogrecoverprocessdata. We can create a crafted image to trigger an out of bounds re...

CVE-2024-41014

The CVE CVE-2024-41014 affects the Linux kernel (xfs) and is caused by insufficient bounds checking in xlog_recover_process_data, specifically verifying the space for fixed members of xlog_op_header. A crafted XFS image can trigger an out-of-bounds read by altering the xlog_op_header and xlog_rec...

CVE-2024-41014 xfs: add bounds checking to xlog_recover_process_data

In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in the xlogrecoverprocessdata. We can create a crafted image to trigger an out of bounds re...

CVE-2024-41014

In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in the xlogrecoverprocessdata. We can create a crafted image to trigger an out of bounds re...

SUSE CVE-2024-39472

In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup Commit a70f9fe52daa "xfs: detect and handle invalid iclog size set by mkfs" added a fixup for incorrect hsize values used for the initial umount record in old...

AZL-43251 CVE-2024-39472 affecting package kernel for versions less than 6.6.47.1-1

In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup Commit a70f9fe52daa "xfs: detect and handle invalid iclog size set by mkfs" added a fixup for incorrect hsize values used for the initial umount record in old...

CVE-2024-39472

In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup Commit a70f9fe52daa "xfs: detect and handle invalid iclog size set by mkfs" added a fixup for incorrect hsize values used for the initial umount record in old...

CVE-2024-39472 xfs: fix log recovery buffer allocation for the legacy h_size fixup

In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup Commit a70f9fe52daa "xfs: detect and handle invalid iclog size set by mkfs" added a fixup for incorrect hsize values used for the initial umount record in old...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of incorrect hsize values...