SUSE SLES15 Security Update : kernel (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2025:0146-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0146-1 advisory. This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: - CVE-2024-50264:...

SUSE-SU-2025:0150-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0138-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

SUSE-SU-2025:0136-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059144 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

CVE-2024-57891

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix invalid irq restore in scxopsbypass While adding outer irqsave/restore locking, 0e7ffff1b811 "scx: Fix raciness in scxopsbypass" forgot to convert an inner rqunlockirqrestore to rqunlock which could re-enable IRQ...

CVE-2024-54031

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsethash: unaligned atomic read on struct nftsetext Access to genmask field in struct nftsetext results in unaligned atomic read: 72.130109 Unable to handle kernel paging request at virtual address ffff0000c2bb708c...

CVE-2024-57857 RDMA/siw: Remove direct link to net_device

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to netdevice Do not manage a per device direct link to netdevice. Rely on associated ibdevices netdevice management, not doubling the effort locally. A badly managed local link to netdevice was causin...

CVE-2024-57801

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregisternetdev is called after unloading vport rep. So, the mlx5ereppriv is already freed while trying to get rpriv-netdev, or walk...

CVE-2024-57891 sched_ext: Fix invalid irq restore in scx_ops_bypass()

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix invalid irq restore in scxopsbypass While adding outer irqsave/restore locking, 0e7ffff1b811 "scx: Fix raciness in scxopsbypass" forgot to convert an inner rqunlockirqrestore to rqunlock which could re-enable IRQ...

SUSE-SU-2025:0110-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. -...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2025-1024)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-56368

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix overflow in rbmapvma An overflow occurred when performing the following calculation: nrpages = nrsubbufs + 1 subbuforder - pgoff; Add a check before the calculation to avoid this problem. syzbot reported this as ...

CVE-2024-55881

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Play nice with protected guests in completehypercallexit Use is64bithypercall instead of is64bitmode to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g. SEV-ES and SEV-SNP,...

SUSE CVE-2024-57878

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMFPMR Currently fpmrset doesn't initialize the temporary 'fpmr' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently an arbitrary value will...

UBUNTU-CVE-2024-57874

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't initialize the temporary 'ctrl' variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently...

CVE-2024-57876 drm/dp_mst: Fix resetting msg rx state after topology removal

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...

CVE-2024-49573

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXTBUDDY Adam reports that enabling NEXTBUDDY insta triggers a WARN in picknextentity. Moving clearbuddies up before the delayed dequeue bits ensures no -next buddy becomes delayed. Further ensure no new -next...

DEBIAN-CVE-2024-47794

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a combination of tail calls and freplace. In an upcoming selftest, the attach target for entryfreplace of...

CVE-2024-57807 scsi: megaraid_sas: Fix for a potential deadlock

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraidsas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock&instance-resetmutex; lock&shost-scanmutex; lock&instance-resetmutex;...

CVE-2024-57798 drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleupreq While receiving an MST up request message from one thread in drmdpmsthandleupreq, the MST topology could be removed from another thread via...