RHSA-2025:14811 Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, and kpatch-patch-5_14_0-427_68_2 security update

Bulletin has no description...

AZL-66692 CVE-2025-38676 affecting package kernel for versions less than 6.6.96.2-1

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length...

RHEL 9 : kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 (RHSA-2025:14599)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14599 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...

Linux Distros Unpatched Vulnerability : CVE-2017-5206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism v...

Linux Distros Unpatched Vulnerability : CVE-2005-3660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service memory exhaustion and panic by creating a large number of connected file descriptors or...

AZL-66653 CVE-2025-38643 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac Callers of wdevchandef must hold the wiphy mutex. But the worker cfg80211propagatecacdonewk never takes the lock. Which triggers the warning below with the...

AZL-66614 CVE-2025-38626 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fsmapblocks in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace:...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP7) (SUSE-SU-2025:02942-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02942-1 advisory. This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: d...

SUSE SLES15 Security Update : kernel (Live Patch 52 for SLE 15 SP3) (SUSE-SU-2025:02955-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02955-1 advisory. This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

SUSE SLES15 Security Update : kernel (Live Patch 47 for SLE 15 SP3) (SUSE-SU-2025:02945-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02945-1 advisory. This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059198 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

SUSE SLES15 Security Update : kernel (Live Patch 13 for SLE 15 SP6) (SUSE-SU-2025:02922-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02922-1 advisory. This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core:...

SUSE SLES15 Security Update : kernel (Live Patch 22 for SLE 15 SP5) (SUSE-SU-2025:02876-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02876-1 advisory. This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

Linux Distros Unpatched Vulnerability : CVE-2018-14610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in writeextentbuffer when mounting and operating a crafted btrfs imag...

SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15 SP5) (SUSE-SU-2025:02902-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02902-1 advisory. This update for the Linux Kernel 5.14.21-15050055100 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID:...

AZL-66506 CVE-2025-38601 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

AZL-66530 CVE-2025-38583 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pllpost only if registered correctly If registration of pllpost is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to handle kernel NULL pointer...

AZL-66521 CVE-2025-38578 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...

Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

AZL-66437 CVE-2025-38553 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netemenqueue's duplication prevention logic breaks when a netem resides in a qdisc tree with other netems - this can lead to a soft lockup and OOM loop in...