RHSA-2025:4509 Red Hat Security Advisory: kernel security update

Bulletin has no description...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57951 advisory. - In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57911)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57911 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

CVE-2024-58098

The CVE-2024-58098 issue affects the Linux kernel BPF verifier, specifically the logic tracking changes_pkt_data for global sub-programs. When verifiers process calls to helpers, pointers may be invalidated inconsistently between callers and global sub-programs, making certain programs unsafe (e....

SUSE-SU-2025:1463-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: - CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294. - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431...

ksmbd: fix use-after-free in ksmbd_free_work_struct

...

net: davicom: fix UAF in dm9000_drv_remove

...

RHEL 9 : kernel (RHSA-2025:4469)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4469 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme-tcp: fix potential memory corrupti...

CVE-2023-53080

In the Linux kernel, the following vulnerability has been resolved: xsk: Add missing overflow check in xdpumemreg The number of chunks can overflow u32. Make sure to return -EINVAL on overflow. Also remove a redundant u32 cast assigning umem-npgs...

CVE-2023-53055

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

CVE-2023-53071

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76unregisterdevice on unregistered hw Trying to probe a mt7921e pci card without firmware results in a successful probe where ieee80211registerhw hasn't been called. When removing the driver,...

CVE-2023-53058

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...

CVE-2022-49932

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

CVE-2023-53135 riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READONCENOCHECK in imprecise unwinding stack mode When CONFIGFRAMEPOINTER is unset, the stack unwinding function walkstackframe randomly reads the stack and then, when KASAN is enabled, it can lead to the following...

CVE-2023-53134

In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the...

CVE-2023-53109

In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev-neededheadroom IP tunnels can apparently update dev-neededheadroom in their xmit path. This patch takes care of three tunnels xmit, and also the core LLRESERVEDSPACE and...

CVE-2023-53107

In the Linux kernel, the following vulnerability has been resolved: veth: Fix use after free in XDPREDIRECT Commit 718a18a0c8a6 "veth: Rework vethxdprcvskb in order to accept non-linear skb" introduced a bug where it tried to use pskbexpandhead if the headroom was less than XDPPACKETHEADROOM. Thi...