UBUNTU-CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage1 in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path br forward delay...

CVE-2024-38601 ring-buffer: Fix a race between readers and resize checks

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference...

OPENSUSE-SU-2024:13245-1 kernel-devel-6.5.4-1.1 on GA media

These are all security issues fixed in the kernel-devel-6.5.4-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13660-1 kernel-devel-6.7.4-1.1 on GA media

These are all security issues fixed in the kernel-devel-6.7.4-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11910-1 kernel-devel-5.16.14-1.1 on GA media

These are all security issues fixed in the kernel-devel-5.16.14-1.1 package on the GA media of openSUSE Tumbleweed...

OESA-2024-1707 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter...

OESA-2024-1705 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if skbcopyexpand failed, it return NULL, usbnetstartxmit will have no...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

DEBIAN-CVE-2024-36960

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drmevent to the size of the structure that's actually used. The length of the drmevent was set to the parent structure instead of to the...

OESA-2024-1677 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NUL...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in applyalternatives CVE-2023-52504 A null pointer dereference flaw was found in the hugetlbfsfillsuper function in the Linux kernel hugetlbfs HugeTLB pages functionality. This issu...

SUSE CVE-2023-52779

In the Linux kernel, the following vulnerability has been resolved: fs: Pass ATGETATTRNOSEC flag to getattr interface function When vfsgetattrnosec calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfsgetattrnosec can again be called from...

kernel security and bug fix update

5.14.0-427.18.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

ALSA-2024:3306 Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout CVE-2024-26643 kernel: netfilter: nftables: disallow anonymous set with timeout flag CVE-2024-26642 kernel:...

kernel security, bug fix, and enhancement update

4.18.0-553.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...

SUSE-SU-2024:1751-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050053 fixes several issues. The following security issues were fixed: - CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perfreadgroup bsc1216644. - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi bsc1221302. - CVE-2022-48651:...

kernel: smb: client: fix potential OOBs in smb2_parse_contexts()

A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...

DEBIAN-CVE-2023-52798

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question...