SUSE-SU-2024:0925-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed bsc1220863 - CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied...

CVE-2024-26636 llc: make llc_ui_sendmsg() more robust against bonding changes

In the Linux kernel, the following vulnerability has been resolved: llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header 1 Like some others, llcuisendmsg...

CVE-2021-47128 bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks

In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a "security,lockdown,selinux: implement SELinux lockdown" added an implementation of the lockeddown LSM hook to SELinux, with the aim to restric...

OESA-2024-1282 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uioopen core-1 core-2 ------------------------------------------------------- uiounregisterdevice uioopen idev = idrfind...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from an error in the ice module...

SUSE-SU-2024:0900-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-6270: Fixed a use-after-free issue in aoecmdcfgpkts bsc1218562. - CVE-2023-52463: Fixed null pointer dereference in efivarfs bsc1220328. - CVE-2023-52559:...

kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2024-26611

In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...

OESA-2024-1260 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth,...

CVE-2024-26627 scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsihostbusy out of host lock for waking up EH handler Inside scsiehwakeup, scsihostbusy is called & checked with host lock every time for deciding if error handler kthread needs to be waken up. This can be too...

CVE-2024-26627

CVE-2024-26627 concerns the Linux kernel SCSI subsystem. The issue arises from calling and checking scsi_host_busy() with host locks during scsi_eh_wakeup(), which can serialize recovery when N hardware queues and queue depth M are large, leading to heavy overhead and, in worst cases, a hard lock...

CVE-2024-26625 llc: call sock_orphan() at release time

In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...

CVE-2021-47103

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

CVE-2021-47088

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock DAMON debugfs interface iterates current monitoring targets in 'dbgfstargetidsread' while holding the corresponding 'kdamondlock'. However, it also destructs the...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3656-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-52573 net: rds: Fix possible NULL-pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rdsrdmacmeventhandlercmn check, if conn pointer exists before dereferencing it as rdmasetservicetype argument Found by Linux Verification Center linuxtesting.org with SVACE...

CVE-2023-52518 Bluetooth: hci_codec: Fix leaking content of local_codecs

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicodec: Fix leaking content of localcodecs The following memory leak can be observed when the controller supports codecs which are stored in localcodecs list but the elements are never freed: unreferenced object...

SUSE-SU-2024:0695-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059150 fixes one issue. The following security issue was fixed: - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter bsc1210619...

CVE-2021-47052

In the Linux kernel, the following vulnerability has been resolved: crypto: sa2ul - Fix memory leak of rxd There are two error return paths that are not freeing rxd and causing memory leaks. Fix these. Addresses-Coverity: "Resource leak"...