SUSE-SU-2026:0029-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50280: pnode: terminate at peers of source bsc1249806. - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786. -...

Linux Distros Unpatched Vulnerability : CVE-2023-54281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfsiget to get an inode reference while ...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

SUSE CVE-2023-54182

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2fsdevisreadonly, and...

SUSE CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992834)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992834 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in isftracetrampoline when ftrace is dead ftracestartup does...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992796 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992992 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to...

Linux Distros Unpatched Vulnerability : CVE-2022-50884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver fields that are required by drivers since drmcopyfield attempts to...

EUVD-2023-60398

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix table blob use-after-free We are not allowed to return an error at this point. Looking at the code it looks like ret is always 0 at this point, but its not. t = findtablelocknet, repl-name, &ret, &ebtmute...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54193

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: remove blockcb from driverlist before freeing Error handler of tcfblockbind frees the whole bo-cblist on error. However, by that time the flowblockcb instances are already in the driver list because driver...

UBUNTU-CVE-2022-50873

In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...

CVE-2022-50814

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BUG: KASAN: global-out-of-bounds in paramgetint+0x34/0x60 17619.673193 Read of size 4 at addr fffff01332d7ed00 by task readall/1507958...

CVE-2023-54253 btrfs: set page extent mapped after read_folio in relocate_one_page

In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after readfolio in relocateonepage One of the CI runs triggered the following panic assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...

CVE-2022-50841

CVE-2022-50841 affects the Linux kernel, specifically ntfs3 attribute-size handling. The vulnerability arises from an overflow when adding offset during MFT attribute parsing, allowing an attribute with a very large size (e.g., 0xffffff7f) to bypass the used-size check and potentially trigger out...

CVE-2023-54180 btrfs: handle case when repair happens with dev-replace

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992402 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size dumpstack lib/dumpstack.c:88 inline...

CVE-2023-54068

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fswaitonpagewriteback in f2fswriterawpages BUGON will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void folioendwritebackstruct folio folio...