SUSE-SU-2025:0885-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. - CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets bsc1231196. -...

CVE-2025-21850

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when running...

Linux Distros Unpatched Vulnerability : CVE-2022-49264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: In several other operating systems, it is a hard requirement that the second argumen...

Linux Distros Unpatched Vulnerability : CVE-2024-42123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix double free erraddr pointer warnings In amdgpuumcbadpagepollingtimeout, the amdgpuumchandlebadpages will be run many times so that double free...

CVE-2022-49626

In CVE-2022-49626, the Linux kernel sfc (Solarflare) driver had a use-after-free: vf->pci_dev could be freed during pci_disable_sriov and later read in efx_ef10_sriov_free_vf_vswitching. The root cause is reading a freed vf->pci_dev in the SR-IOV disable path. A patch fixes this by setting ...

CVE-2022-49079 btrfs: zoned: traverse devices under chunk_mutex in btrfs_can_activate_zone

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

CVE-2025-21648

CVE-2025-21648 affects the Linux kernel netfilter conntrack code. The vulnerability arises from the hashtable resize path where the maximum size could exceed practical limits, risking a WARN_ON_ONCE in __kvmalloc_node_noprof() when __GFP_NOWARN is unset. The fix clamps the conntrack hashtable siz...

SUSE-SU-2024:4376-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47594: mptcp: never allow the PM to close a listener subflow bsc1226560. - CVE-2022-48983: iouring: Fix a null-ptr-deref in iotctxexitcb bsc1231959. -...

CVE-2024-46761 pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv

In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnvphp: Fix hotplug driver crash on Powernv The hotplug driver for powerpc pci/hotplug/pnvphp.c causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB. The crash occurs because...

CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...

CVE-2024-26636 llc: make llc_ui_sendmsg() more robust against bonding changes

In the Linux kernel, the following vulnerability has been resolved: llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header 1 Like some others, llcuisendmsg...

kernel security and bug fix update

2.6.32-754.OL6 - Update genkey bug 25599697 2.6.32-754 - powerpc 64s: Add support for a store forwarding barrier at kernel entry/exit Mauricio Oliveira 1581053 CVE-2018-3639 - x86 amd: Disable AMD SSBD mitigation in a VM Waiman Long 1580360 - x86 specctrl: Fix late microcode problem with AMD Waim...

CVE-2018-5824

In CVE-2018-5824, Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF-based Linux kernels prior to the 2018-04-05 patch level are vulnerable to a buffer overflow when processing HTT_T2H_MSG_TYPE_RX_FLUSH or HTT_T2H_MSG_TYPE_RX_PN_IND messages if the firmware tid value is out of r...

SUSE-SU-2017:3304-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12)

This update for the Linux Kernel 3.12.60-5263 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrmuser.c allowed local users to gain privileges or cause a denial of service use-after-free via a crafted SORCVBUF...

Updated kernel and kmod packages fixes security vulnerabilities

This kernel update is based on upstream 4.4.50 and fixes at least the following security issues: The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service system hang by leveraging access to a...