Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The Linux Enterprise 12 SP5 kernel turned LTSS Extended Security The following security bugs were fixed: CVE-2021-46936: Fixed use-after-free in twtimerhandler bsc1220439. CVE-2021-47163: kABI fix for tipc:...

Unbreakable Enterprise kernel security update

4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...

ALSA-2024:10274 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Fix overrunning reservations in ringbuf CVE-2024-41009 kernel: USB: serial: mos7840: fix crash on resume CVE-2024-42244 kernel: cxl/port: Fix use-after-free, permit out-of-order...

CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...

Unspecified vulnerability in Linux kernel (CNVD-2024-46458)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a VM dma-resv lock release on xesyncinfenceget failure. No detailed vulnerability details are provided at th...

Unspecified vulnerability in Linux kernel (CNVD-2024-46457)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from memory reuse after release. No details of the vulnerability are provided at this time...

Unspecified vulnerability in Linux kernel (CNVD-2024-46416)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from a null pointer dereference. No details of the vulnerability are provided at this time...

USN-7121-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ATM...

Unbreakable Enterprise kernel security update

5.15.0-300.163.18.7 - Revert 'net/mlx5: disable the 'fast unload' feature on Exadata systems' Qing Huang Orabug: 37285705 - Revert 'net/mlx5: pretend 'fast unload' succeeded on Exadata systems' Qing Huang Orabug: 37285705 5.15.0-300.163.18.6 - x86/fpu: Keep xfdstate in sync with MSRIA32XFD Adamos...

CVE-2024-50301

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in keytaskpermission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in kuidval include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uideq include/linux/uidgid.h:63...

AZL-53766 CVE-2024-50287 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpgprecalculateline blindly rescales the buffer even when scaledwitdh is equal to zero. If this ever happens, this will cause a divisio...

CVE-2024-50283 ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

CVE-2023-52921 drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpucspass1 Since the gangsize check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang @VAR10CK of Baidu Security...

kernel security update

5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

CVE-2024-34729

In multiple locations, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

kernel: drm/radeon: fix UBSAN warning in kv_dpm.c

A vulnerability was found in the Linux kernel's DRM/Radeon driver, specifically in the sumovidmappingentry within the kvdpm.c file. Insufficient bounds checking can lead to memory corruption...

kernel: lz4: fix LZ4_decompress_safe_partial read out of bound

In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...

kernel: dyndbg: fix old BUG_ON in >control parser

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser The Linux kernel CVE team has assigned CVE-2024-35947 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T...

kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...