CVE-2022-49092

CVE-2022-49092 concerns a Linux kernel net/ipv4 routing issue where deleting a route that points to a nexthop ID (without nhid) triggers a warning in fib_nh_match when a nexthop object is present. The root cause is a match operation on a fib_info with a nexthop object; the fix is to skip such mat...

CVE-2022-49079 btrfs: zoned: traverse devices under chunk_mutex in btrfs_can_activate_zone

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

CVE-2022-49075 btrfs: fix qgroup reserve overflow the qgroup limit

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extentchangeset-byteschanged in qgroupreservedata to record how many bytes we set for EXTENTQGROUPRESERVED state. Currently the byteschanged is set as "unsigned int", and...

CVE-2022-49075

CVE-2022-49075 : In the Linux kernel, a qgroup reserve overflow in btrfs can occur when fallocate spans more than 4 GiB. The root cause is that extent_changeset->bytes_changed is stored as an unsigned int, causing overflow and potentially breaking the qgroup limit. The advisory notes that regu...

CVE-2022-49069 drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix by adding FPU protection for dcn30internalvalidatebw Why Below general protection fault observed when WebGL Aquarium is run for longer duration. If drm debug logs are enabled and set to 0x1f then the issue is...

CVE-2022-49067 powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit

In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...

CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

CVE-2022-49053 scsi: target: tcmu: Fix possible page UAF

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmutrygetdatapage looks up pages under cmdrlock, but it does not take refcount properly and just returns page pointer. When tcmutrygetdatapage returns, the returned page may have been...

CVE-2021-47642

CVE-2021-47642: in the Linux kernel’s video fbdev/nvidiafb path, a fixed-size buffer overrun could occur by copying a channel name with strcpy into chan->adapter.name. The defect arises from copying into a 48-char buffer without length checks; fix is to use strscpy() to prevent overflows. The ...

CVE-2021-47639 KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Zap both valid and invalid roots when zapping/unmapping a gfn range, as KVM must ensure it holds no references to the freed page after returning from the unmap...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not clearing all roots when unmapping gfn ranges in the TDP MMU...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from out-of-bounds access in the aqc111rxfixup function...

USN-7234-5: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3545)

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function areacacheget of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfpcppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a...

LSN-0109-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: migrate: fix getting incorrect page mapping during page migration CVE-2023-52490 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:0576-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0576-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.17 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...