Security update for

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handleauthsessionkey bsc1255378. CVE-2025-68285: libceph: fix potential use-after-free in...

CLSA-2026-1773045484 kernel: Fix of 28 CVEs

fix: dm: fix dmblkreportzones CVE-2025-38141 - ice: Fix a null pointer dereference in icecopyandinitpkg CVE-2025-38664 - qed: Don't collect too many protection override GRC elements CVE-2025-39949 - drm/amd/display: Avoid a NULL pointer dereference CVE-2025-39693 - iommu/amd/pgtbl: Fix possible...

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...

EUVD-2018-17655

Malware in sbrugna...

EUVD-2022-54912

Malicious code in bioql PyPI...

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. CVE-2025-38181: calipso: Fix null-ptr-der...

CVE-2025-38208 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38208 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38051 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38051 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

Linux Distros Unpatched Vulnerability : CVE-2017-18075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AFALG-based AEAD interface...

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the following...

CVE-2025-38319

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrlinitializemcregtable The function atomctrlinitializemcregtable and atomctrlinitializemcregtablev22 does not check the return value of smuatomgetdatatable. If...

CVE-2022-50050

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...

CVE-2022-49985 bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

SUSE-SU-2025:01893-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: - CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync...

Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

CVE-2022-49859 net: lapbether: fix issue of invalid opcode in lapbeth_open()

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: fix issue of invalid opcode in lapbethopen If lapbregister failed when lapb device goes to up for the first time, the NAPI is not disabled. As a result, the invalid opcode issue is reported when the lapb device go...

CVE-2025-21936 Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmtallocskb in mgmtdeviceconnected Add check for the return value of mgmtallocskb in mgmtdeviceconnected to prevent null pointer dereference...