4826 matches found
MGASA-2023-0202 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was fou...
CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...
CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...
SUSE CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...
SUSE CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...
CVE-2023-3022
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times fib6info. This was not accounted for in other parts of the code where rt6info was expected unconditionally, potentially leading to a kerne...
kernel: Linux kernel ALSA mts64 module: Denial of Service via null pointer dereference
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture mts64 module. A local user can trigger a null pointer dereference in the sndmts64interrupt function by repeatedly loading and unloading the snd-mts64 module. This can lead to a kernel panic, resulting in a Denial of...
kernel: RDMA/hfi1: Prevent panic when SDMA is disabled
A possible NULL pointer dereference was observed in the Linux kernel in hfil module. This may lead to kernel panic and then crash...
kernel: Linux kernel: Denial of Service in mt7921e driver during module unload
A flaw was discovered in the mt76/mt7921e Wi-Fi driver in the Linux kernel where improper handling of driver data during module removal can lead to a crash. Under certain insmod/rmmod stress test conditions, the driver’s mt7921pciremove function is called while the associated mt76dev driver priva...
PT-2025-43103
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc7+ Description The Linux kernel contains a flaw in the s390/crypto component related to ChaCha20. Specifically, the code lacks a check to verify if the necessary vector instructions are available before...
kernel: ipv6: ensure sane device mtu in tunnels
A flaw was found in the Linux kernel’s IPv6 networking code affecting the handling of IPv6 GRE tunnels. Under certain conditions, an IPv6 tunnel configuration could result in an invalid MTU Maximum Transmission Unit value being written to a network device without sanitization. Because the MTU val...
kernel: Linux kernel ALSA mts64 module: Denial of Service via null pointer dereference
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture mts64 module. A local user can trigger a null pointer dereference in the sndmts64interrupt function by repeatedly loading and unloading the snd-mts64 module. This can lead to a kernel panic, resulting in a Denial of...
kernel: RDMA/hfi1: Prevent panic when SDMA is disabled
A possible NULL pointer dereference was observed in the Linux kernel in hfil module. This may lead to kernel panic and then crash...
PT-2025-25886 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.0-rc1 Description: A null pointer dereference issue has been identified in the Linux kernel, specifically in the tgl get bw info function in drivers/gpu/drm/i915/display/intel bw.c. This issue causes a kern...
PT-2025-25970 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the qrtr Qualcomm Remote Transport module. The issue arises when the MHI Mobile Hardware Interface channel generates...
PT-2025-25984 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the vdpa sim blk device, where two new fields nas, ngroups were added to vdpasim dev attr but not...
RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...
CVE-2023-30434
IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...
CVE-2023-30434
IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...
Code injection
IBM Storage Scale IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0 could allow a local user to cause a kernel panic. IBM X-Force ID: 252187...