SUSE-SU-2024:1288-1 Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002481 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE-SU-2024:1278-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes one issue. The following security issue was fixed: - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU bsc1219296...

SUSE-SU-2024:1276-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgenericon the socket that the SKB is queu...

SUSE-SU-2024:1257-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024163 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

CVE-2021-47181

In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

CVE-2024-23851 affecting package kernel for versions less than 5.15.153.1-1

CVE-2024-23851 affecting package kernel for versions less than 5.15.153.1-1. A patched version of the package is available...

SUSE-SU-2024:1153-1 Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122150 fixes one issue. The following security issue was fixed: - CVE-2023-51779: Fixed a use-after-free because of a btsockioctl race condition in btsockrecvmsg bsc1218610...

CVE-2024-26780 af_unix: Fix task hung while purging oob_skb in GC.

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in listforeachentrysafe for OOB skb. 0 syzbot demonstrated that the listforeachentrysafe was not actually...

CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue in netlink skbdatagramiter...

CVE-2024-26763 dm-crypt: don't modify the data when using authenticated encryption

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

CVE-2024-26723

In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...

OESA-2024-1353 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmulock in the TDP MMU, restart the iterator during tdpiternext and do not...

OESA-2024-1346 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in xiicxfer and xiici2cremove...

SUSE-SU-2024:1025-1 Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122173 fixes one issue. The following security issue was fixed: - CVE-2023-51779: Fixed a use-after-free because of a btsockioctl race condition in btsockrecvmsg bsc1218610...

SUSE-SU-2024:1017-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059124 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgenericon the socket that the SKB is queu...

Linux Kernel nft_exthdr_ipv6_eval Stack-based Buffer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-47177

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in allociommu iommudevicesysfsadd is called before, so is has to be cleaned on subsequent errors...

kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETHPTR8022. syzbot reported an uninit-value bug below. 0 llc supports ETHP8022 0x0004 and used to support ETHPTR8022 0x0011, and syzbot abused the latter to trigger the bug. write$tunr0,...