Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

PT-2025-18425

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the ath12k wifi module. The issue occurs when the ath12k pci remove function fails to free allocated firmware...

SUSE CVE-2024-57933

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

CVE-2025-21656 hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...

CVE-2025-21656

CVE-2025-21656 is a Linux kernel issue in topology printing (cpumap) where the vsnprintf-based formatting could mutate the cpumask during output, leading to inconsistent core visibility in the printed cpumap. The fix keeps the cpumask unchanged by caching it to a temporary variable before printin...

CVE-2024-57937

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-57922 drm/amd/display: Add check for granularity in dml ceil/floor helpers

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add check for granularity in dml ceil/floor helpers Why Wrapper functions for dcnbwceil2 and dcnbwfloor2 should check for granularity is non zero to avoid assert and divide-by-zero error in dcnbw functions. How A...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

SUSE CVE-2024-57903

In the Linux kernel, the following vulnerability has been resolved: net: restrict SOREUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back, as spotted by zyzbot 1. Trying to acquire a mutex in RCU callback is not allowed. Restrict...

CVE-2024-57903

CVE-2024-57903 is a Linux kernel vulnerability affecting the net module: SO_REUSEPORT was restricted to inet sockets after a blamed commit. The issue could involve destroying crypto sockets via an RCU callback and attempted mutex acquisition within that context. The description notes that the pat...

SUSE CVE-2024-53682

In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set rampdelay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our case. Add a AXPDESCRANGESDELAY macro and update AXPDESCRANGES macro to expand to AXPDESCRANGESDELAY...

CVE-2024-57878 arm64: ptrace: fix partial SETREGSET for NT_ARM_FPMR

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMFPMR Currently fpmrset doesn't initialize the temporary 'fpmr' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently an arbitrary value will...

CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL

In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, as documented in the NXP errata ERR005723: https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf This patc...

CVE-2024-47809

CVE-2024-47809 (Linux kernel) fixes a possible NULL pointer dereference in the DLM code path when a lock block (lkb) is created but the lkb_resource is not yet assigned (until attach_lkb via validate_lock_args). The issue could occur when request_lock() calls, potentially exposing a crash; anothe...

RHEL 9 : kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 (RHSA-2025:0052)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0052 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

RHEL 8 : kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-477_67_1, and kpatch-patch-4_18_0-477_81_1 (RHSA-2025:0051)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0051 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

AZL-55343 CVE-2024-56783 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

UBUNTU-CVE-2024-56780

In the Linux kernel, the following vulnerability has been resolved: quota: flush quotareleasework upon quota writeback One of the paths quota writeback is called from is: freezesuper syncfilesystem ext4syncfs dquotwritebackdquots Since we currently don't always flush the quotareleasework queue in...

SUSE CVE-2024-56619

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfsfindentry Syzbot reported that when searching for records in a directory where the inode's isize is corrupted and has a large value, memory access outside the folio/page...

PT-2026-2898

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the octeontx2-pf driver. The issue involves a shift-out-of-bounds error triggered when users provide small or zero ring sizes through the...