CLSA-2025-1738663660 kernel: Fix of 11 CVEs

ELF: fix kernel.randomizevaspace double read CVE-2024-46826 - smb: client: fix UAF in async decryption CVE-2024-50047 - net: do not delay dstentriesadd in dstrelease CVE-2024-50036 - net: atlantic: eliminate double free in error handling logic CVE-2023-52664 - smb: client: fix potential UAF in...

Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-7234-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7234-2 advisory. Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a...

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2025:0158-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0158-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-50264:...

Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7195-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7195-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Oracle Linux 8 : kernel (ELSA-2025-0065)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0065 advisory. - mptcp: cope racing subflow creation in mptcprcvspaceadjust Davide Caratti RHEL-69667 CVE-2024-53122 - i40e: fix race condition by adding filter's...

Ubuntu: Security Advisory (USN-7169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : kernel (ELSA-2024-10943)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10943 advisory. - irqchip/gic-v4: Correctly deal with setaffinity on lazily-mapped VPEs Charles Mirabile RHEL-66965 CVE-2024-50192 - irqchip/gic-v4: Don't allow a VMO...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7089-5)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7089-5 advisory. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local...

USN-6865-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...

SUSE-SU-2023:1971-1 Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-95102 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race condition in qdiscgraft bsc1207795. - CVE-2023-1118: Fixed a use-after-free bugs caused by enetxirqsim in media/rc bsc1208837. - CVE-2022-2991: Fixed an...

USN-6007-1 linux-gcp vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

About the security content of iOS 13 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

About the security content of watchOS 4.3.1

About the security content of watchOS 4.3.1 This document describes the security content of watchOS 4.3.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

SUSE-SU-2017:0983-1 Security update for xen

This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memoryexchange permited PV guest breakout bsc1030442. - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or...

RHEL 6 : rhev-hypervisor6 (RHSA-2014:0815)

An updated rhev-hypervisor6 package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

RHEL 6 : rhev-hypervisor6 (RHSA-2014:1168)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2014:1168 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE...

Apple Releases Apple TV 6.0, Fixes 50+ Bugs

After a botched software update over the weekend, Apple re-released version 6.0 of its Apple TV product last night, replete with the requisite bells and whistles but not without a slew of security updates and bug fixes. 57 bugs in total are addressed in 6.0; the third update the digital media...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes two security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2012-4544

The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk 1 before or 2 after decompression, which allows local guest administrators to cause a denial of service domain 0 memory consumption via a crafted a kernel or b ramdisk...