SUSE CVE-2021-47652

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufxusbprobe I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fbdestroymodelist+0x38/0x100 ... Call Trace:...

SUSE CVE-2022-49293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...

CLSA-2025-1739525834 kernel: Fix of 24 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...

CVE-2024-57950

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominator defaults to 1 WHAT & HOW Variables, used as denominators and maybe not assigned to other values, should be initialized to non-zero to avoid DIVIDEBYZERO, as reported by Coverity. cherry...

UBUNTU-CVE-2024-57950

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominator defaults to 1 WHAT & HOW Variables, used as denominators and maybe not assigned to other values, should be initialized to non-zero to avoid DIVIDEBYZERO, as reported by Coverity. cherry...

CLSA-2025-1738672047 kernel: Fix of 15 CVEs

drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread CVE-2024-50282 - drm/amdgpu: fix usage slab after free CVE-2024-56551 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 - netfilter: ipset: add missing range check in bitmapipuadt CVE-2024-53141 - ceph: prevent...

smb: Initialize cfid->tcon before performing network ops

...

DEBIAN-CVE-2024-57909

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-57874 arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently...

SUSE CVE-2024-56641

In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize closework early to avoid warning We encountered a warning that closework was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 flushwork+0x19e/0x1b0 Workqueue: events...

PT-2026-2876

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the initialization of the cpu tasks array. The issue occurs because the array is not initialized statically, leading to potential crashes whe...

PT-2026-2891

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/i915/gem subsystem related to the initialization of the eb.vma array within the i915 gem do execbuffer function. Specifically, the eb.vma arra...

SUSE CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

CVE-2024-56676 thermal: testing: Initialize some variables annoteded with _free()

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

DEBIAN-CVE-2024-56641

In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize closework early to avoid warning We encountered a warning that closework was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 flushwork+0x19e/0x1b0 Workqueue: events...

UBUNTU-CVE-2024-56630

In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for commit 9c89fe0af826 "ocfs2: Handle error from dquotinitialize" forgot to call iput when newinode succeeded and dquotinitialize fail...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: Fixed possible corruption in nfc/llcp bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224 CVE-2024-50089:...

SUSE CVE-2024-53101

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in fromkuid and fromkgid ocfs2setattr uses attr-iamode, attr-iauid and attr-iagid in a trace point even though ATTRMODE, ATTRUID and ATTRGID aren't set. Initialize all fields of newattrs to avoid...

DEBIAN-CVE-2024-53101

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in fromkuid and fromkgid ocfs2setattr uses attr-iamode, attr-iauid and attr-iagid in a trace point even though ATTRMODE, ATTRUID and ATTRGID aren't set. Initialize all fields of newattrs to avoid...

CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...