SUSE CVE-2025-38685

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...

kernel: tty: Fix out-of-bound vmalloc access in imageblit

A vulnerability was found in the Linux kernel's tty subsystem within the imageblit function when a userspace program performs an ioctl operation with the FBIOPUTVSCREENINFO command, passing a fbvarscreeninfo structure with limited fields. If the structure’s values remain unchanged from a previous...