CVE-2024-52332

CVE-2024-52332: Linux kernel igb driver fix for potential invalid memory access during module init. When pci_register_driver() can fail, the dca_notifier must be unregistered; otherwise, if igb fails to install, dca_notifier may be invoked and access memory that is no longer valid. The connected ...

CVE-2024-49569 nvme-rdma: unquiesce admin_q before destroy it

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce adminq before destroy it Kernel will hang on destroy adminq while we create ctrl failed, such as following calltrace: PID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: "nvme" 0 ff61d23de260fb78 schedule at...

CVE-2024-47141 pinmux: Use sequential access to access desc->pinmux data

In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

OESA-2025-1032 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warnin...

kernel security update

5.14.0-503.21.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

USN-7169-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

USN-7194-1: Linux kernel (Azure) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

RHSA-2025:0065 Red Hat Security Advisory: kernel security update

Bulletin has no description...

RHSA-2025:0062 Red Hat Security Advisory: kernel security update

Bulletin has no description...

RHSA-2025:0058 Red Hat Security Advisory: kernel security update

Bulletin has no description...

RHSA-2025:0055 Red Hat Security Advisory: kernel security update

Bulletin has no description...

kernel security update

4.18.0-553.34.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7185-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7185-2 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A...

CVE-2024-56778

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stihqvdpatomiccheck The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

CVE-2023-35685

In DevmemIntMapPages of devicememserver.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-56786

...

CVE-2023-35685

In DevmemIntMapPages of devicememserver.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...