SUSE-SU-2023:0774-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. - CVE-2022-3523: Fixed use after free related to device private page handling bsc1204363. - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. -...

SUSE-SU-2023:0767-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208700. - CVE-2023-23559: Fixed integer overflow in rndiswlan that leads to...

PT-2023-35378 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: A potential security issue has been identified in the Linux Kernel, related to the transmission of SYN messages, which may cause a kernel warning. The actual impact and attack plausibility...

Unbreakable Enterprise kernel security update

4.1.12-124.72.2 - net: sched: atm: dont intepret cls results when asked to drop Jamal Hadi Salim Orabug: 34983616 CVE-2023-23455 - Bluetooth: L2CAP: Fix u8 overflow Sungwoo Kim Orabug: 34880763 CVE-2022-45934 4.1.12-124.72.1 - target: Invoke transportlunremovecmd to remove tmr form the list Gulam...

CVE-2023-23000

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegraxusbfindportnode return value. Callers expect NULL in the error case, but an error pointer is used...

SUSE-SU-2023:0562-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005998 fixes several issues. The following security issues were fixed: - CVE-2022-3564: Fixed use-after-free in l2capcore.c of the Bluetooth component bsc1206314. - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits bsc1207139...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

OESA-2023-1087 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguestpage function. This issue could allow a local user to...

SUSE CVE-2015-8575

The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...

SUSE CVE-2021-33624

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db...

CVE-2023-0394 affecting package kernel 5.10.164.1-1

CVE-2023-0394 affecting package kernel 5.10.164.1-1. A patched version of the package is available...

Advisory ROSA-SA-2023-2107

kernel 123 rosa-server79 test00 software: kernel 123xxxxxxxxxzzzzzzzzzzzz CVE-Crit: packageevrstring: test00 CVE-ID: test CVE-Crit: Not Current...

PT-2023-34936 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.1.11, update...

PT-2023-34941 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists due to a crash during cgroup migration in the multi-gen LRU. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2023-35101 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue is related to out-of-bounds reads in the wifi brcmfmac driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...

Unbreakable Enterprise kernel security update

4.14.35-2047.522.3 - ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC Sasha Levin Orabug: 34653896 CVE-2022-3303 - net/rds: Fill in rdsexthdrsize gaps Gerd Rausch Orabug: 34979172 - net/rds: Trigger rdssendhsping more than once Gerd Rausch Orabug: 34607787 - Revert 'RDS: TCP: Track peer's connection...

SUSE-SU-2023:0320-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400155 fixes one issue. The following security issue was fixed: - CVE-2022-4379: Fixed a use-after-free vulnerability in nfs4file.c:nfs42sscopen bsc1206209...

SUSE-SU-2023:0267-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005998 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-2602: Fixed a local privilege...

CVE-2022-38675

In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel...

SUSE-SU-2023:0250-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122124 fixes several issues. The following security issues were fixed: - CVE-2022-3424: Fixed use-after-free in grusetcontextoption, grufault and gruhandleusercallos that could lead to kernel panic bsc1204167. - CVE-2022-3565: Fixed use-after-free in...