CVE-2024-50124 Bluetooth: ISO: Fix UAF on iso_sock_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

LSN-0107-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

LSN-0107-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

SUSE SLES15 Security Update : kernel (Live Patch 45 for SLE 15 SP3) (SUSE-SU-2024:3774-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3774-1 advisory. This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2021-47598: schcake: ...

CVE-2024-50080 ublk: don't allow user copy for unprivileged device

In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLKFUSERCOPY requires userspace to call write on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow user copy for unprivilege...

CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

CVE-2022-49013 sctp: fix memory leak in sctp_stream_outq_migrate()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix memory leak in sctpstreamoutqmigrate When sctpstreamoutqmigrate is called to release stream out resources, the memory pointed to by priohead in stream out is not released. The memory leak information is as follows:...

AZL-51420 CVE-2024-49901 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msmgpu-pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 "drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails" where msmgpucleanup :...

SUSE CVE-2024-47727

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...

AZL-50858 CVE-2024-49861 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

DEBIAN-CVE-2024-47740

In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the nilfspalloccommitfreeentry function in the nilfs2 file system...

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...

Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059147 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions bsc1227651...

CVE-2024-44995 affecting package kernel for versions less than 6.6.51.1-1

CVE-2024-44995 affecting package kernel for versions less than 6.6.51.1-1. An upgraded version of the package is available that resolves this issue...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes bsc1226606. CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.336.5.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37138988 5.4.17-2136.336.5 - uek-rpm: Add skxedaccommon.ko to nanomodules Sherry Yang Orabug: 37030127 - EDAC, i10nm: make skxcommon.o a separate module Arnd Bergmann Orabug: 37030127 - uek-rpm:...

USN-7020-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...