SUSE-SU-2023:2822-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver bsc1212842. - CVE-2023-3111: Fixed a use-after-free vulnerability in preparetoreloca...

CVE-2023-21400

In multiple functions of iouring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

OESA-2023-1394 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. Quoting ZDI security advisory 1: "This vulnerability allows local attackers to disclose sensitive information on affected...

SUSE-SU-2023:0145-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. bsc1206664 - CVE-2022-3564: Fixed a bug which could lead...

Medium: kernel

Issue Overview: 2023-07-06: The severity level was changed from important to medium. A flaw was found in the handling of stack expansion in the Linux kernel 6.1 through 6.4, aka "Stack Rot". The maple tree, responsible for managing virtual memory areas, can undergo node replacement without proper...

SUSE-SU-2023:2782-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-35828: Fixed a use-after-free flaw inside renesasusb3remove in drivers/usb/gadget/udc/renesasusb3.c bsc1212513. - CVE-2023-35823: Fixed a...

SUSE-SU-2023:2741-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005987 fixes several issues. The following security issues were fixed: - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality bsc1209672. - CVE-2023-23455: Fixed a denial of service insid...

SUSE-SU-2023:2735-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002421 fixes several issues. The following security issues were fixed: - CVE-2023-23455: Fixed a denial of service inside atmtcenqueue in net/sched/schatm.c because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition...

SUSE-SU-2023:2714-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002418 fixes several issues. The following security issues were fixed: - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality bsc1209672. - CVE-2023-23455: Fixed a denial of service insi...

SUSE-SU-2023:2703-1 Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002446 fixes several issues. The following security issues were fixed: - CVE-2023-31436: Fixed an out-of-bounds write in qfqchangeclass because lmax can exceed QFQMINLMAX bsc1210989. - CVE-2023-28466: Fixed race condition that could lead to...

SUSE-SU-2023:2701-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059115 fixes several issues. The following security issues were fixed: - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality bsc1209672. - CVE-2023-31436: Fixed an out-of-bounds write i...

SUSE-SU-2023:2698-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024142 fixes several issues. The following security issues were fixed: - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality bsc1209672. - CVE-2023-31436: Fixed an out-of-bounds write i...

SUSE-SU-2023:2687-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197145 fixes several issues. The following security issues were fixed: - CVE-2023-31436: Fixed an out-of-bounds write in qfqchangeclass because lmax can exceed QFQMINLMAX bsc1210989. - CVE-2023-28466: Fixed race condition that could lead to...

PT-2023-17858 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a heap buffer overflow in the cd CodeMsg function of cd codec.c, which could lead to remote code execution without requiring additional execution privileges. User interaction is not necessar...

SUSE-SU-2023:2646-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 AZURE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3161: Fixed shift-out-of-bounds in fbconsetfont bsc1212154. - CVE-2023-21102: Fixed possible bypass of shadow stack protection in efirtasmwrapper ...

MGASA-2023-0201 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...

SUSE-SU-2023:2534-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1077: Fixed a type confusion in picknextrtentity, that could cause memory corruption bsc1208600. - CVE-2022-3566: Fixed race condition in the TCP Handle...

OESA-2023-1352 kernel security update

The Linux Kernel image for RaspberryPi. Security Fixes: A use after free flaw was found in hfsplusputsuper in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.CVE-2023-2985...

SUSE-SU-2023:2442-1 Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122144 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...

Unbreakable Enterprise kernel security update

4.1.12-124.75.3 - net: sched: schqfq: prevent slab-out-of-bounds in qfqactivateagg Gwangun Jung Orabug: 35354791 CVE-2023-2248 4.1.12-124.75.2 - prlimit: doprlimit needs to have a speculation check Greg Kroah-Hartman Orabug: 35354303 CVE-2023-0458 - kernel/sys.c: fix potential Spectre v1 issue...