DEBIAN-CVE-2022-49204

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...

DEBIAN-CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

UBUNTU-CVE-2022-49073

In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATATAGINTERNAL to 32, the value of the SATADWCQCMDMAX needs to account for that...

CVE-2022-49711 bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

CVE-2022-49711

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

CVE-2022-49640

The CVE-2022-49640 issue affects the Linux kernel’s sysctl path, specifically proc_douintvec_minmax(). A concurrent access to a sysctl variable led to potential data races; the fix patches the function to use READ_ONCE() and WRITE_ONCE() internally, addressing the data-race on the sysctl side. Th...

CVE-2022-49641 sysctl: Fix data races in proc_douintvec().

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...

CVE-2022-49583 iavf: Fix handling of dummy receive descriptors

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavfgetrxbuffer now sets the rxbuffer return value for dummy receive descriptors. Without this patch, when...

CVE-2022-49489

CVE-2022-49489 details (NORMAL mode) Affects the Linux kernel component: drm/msm/disp/dpu1. The issue arises from set vbif hw config to NULL to avoid use-after-free during PM runtime resume in the DPU, leading to an Unable to handle kernel paging request crash (illustrated by the call trace inclu...

CVE-2022-49444 module: fix [e_shstrndx].sh_size=0 OOB access

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...

CVE-2022-49182 net: hns3: add vlan list lock to protect vlan list

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node, it may cause "use...

CVE-2022-49176 bfq: fix use-after-free in bfq_dispatch_request

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

CVE-2021-47633

CVE-2021-47633 is described in connected documents as a Linux kernel flaw in the ath5k driver where, during EEPROM parsing (ath5k_eeprom_read_pcal_info_5111), an out-of-bounds write could occur when no curve is selected in a loop, allowing idx to reach AR5K_EEPROM_N_PD_CURVES and causing pd to be...

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...

SUSE CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next schedul...

SUSE CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49903)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49903 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits syzbot report...

drm/rockchip: vop: Fix a dereferenced before check warning

...

drm/sti: avoid potential dereference of error pointers

...

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024103 fixes one issue. The following security issue was fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...