OESA-2024-2522 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actual...

SUSE-SU-2024:4249-1 Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. - CVE-2024-35863: Fixed...

SUSE-SU-2024:4242-1 Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2021-47600: dm btree remove: fix us...

SUSE-SU-2024:4239-1 Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122186 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273...

CVE-2024-53141

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmapipuadt When tbIPSETATTRIPTO is not present but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but...

SUSE-SU-2024:4218-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

SUSE-SU-2024:4216-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

SUSE-SU-2024:4207-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

AZL-54158 CVE-2024-53130 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint When using the "block:blockdirtybuffer" tracepoint, markbufferdirty may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47589: igbvf: fix double free in igbvfprobe bsc1226557. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48960: net: hisilicon:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-43854: Initialize integrity buffer to zero before writing it to media bsc1229345 CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core...

CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

OESA-2024-2492 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fi...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The Linux Enterprise 12 SP5 kernel turned LTSS Extended Security The following security bugs were fixed: CVE-2021-46936: Fixed use-after-free in twtimerhandler bsc1220439. CVE-2021-47163: kABI fix for tipc:...

Unbreakable Enterprise kernel security update

4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...

ALSA-2024:10274 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Fix overrunning reservations in ringbuf CVE-2024-41009 kernel: USB: serial: mos7840: fix crash on resume CVE-2024-42244 kernel: cxl/port: Fix use-after-free, permit out-of-order...

CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...

Unspecified vulnerability in Linux kernel (CNVD-2024-46458)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a VM dma-resv lock release on xesyncinfenceget failure. No detailed vulnerability details are provided at th...

Unspecified vulnerability in Linux kernel (CNVD-2024-46416)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from a null pointer dereference. No details of the vulnerability are provided at this time...

Unspecified vulnerability in Linux kernel (CNVD-2024-46457)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from memory reuse after release. No details of the vulnerability are provided at this time...