MGASA-2023-0201 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...

SUSE-SU-2023:2534-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1077: Fixed a type confusion in picknextrtentity, that could cause memory corruption bsc1208600. - CVE-2022-3566: Fixed race condition in the TCP Handle...

OESA-2023-1352 kernel security update

The Linux Kernel image for RaspberryPi. Security Fixes: A use after free flaw was found in hfsplusputsuper in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem.CVE-2023-2985...

SUSE-SU-2023:2442-1 Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122144 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...

Important: kernel

Issue Overview: There is a potential deadlock in the eBPF subsystem in the Linux kernel. The default sysctl configuration "kernel.unprivilegedbpfdisabled" on Amazon Linux does not allow unprivileged users to use eBPF. CVE-2023-0160 A denial of service problem was found, due to a possible recursiv...

Unbreakable Enterprise kernel security update

4.1.12-124.75.3 - net: sched: schqfq: prevent slab-out-of-bounds in qfqactivateagg Gwangun Jung Orabug: 35354791 CVE-2023-2248 4.1.12-124.75.2 - prlimit: doprlimit needs to have a speculation check Greg Kroah-Hartman Orabug: 35354303 CVE-2023-0458 - kernel/sys.c: fix potential Spectre v1 issue...

SUSE-SU-2023:2416-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059109 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...

SUSE-SU-2023:2399-1 Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122150 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...

SUSE-SU-2023:2386-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197142 fixes several issues. The following security issues were fixed: - CVE-2023-1989: Fixed a use after free in btsdioremove bsc1210500. - CVE-2023-2162: Fixed an use-after-free flaw in iscsiswtcpsessioncreate bsc1210662. - CVE-2023-23454: Fixed a...

SUSE-SU-2023:2376-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197114 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...

OESA-2023-1304 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability was found in drmleaseheld in drivers/gpu/drm/drmlease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service DoS or a kernel...

ALSA-2023:3349 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more details about the security issues, including the impact, a CV...

CVE-2023-0459 Copy_from_user Spectre-V1 Gadget in Linux Kernel

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564...

kernel: soc: qcom: ocmem: Fix refcount leak in of_get_ocmem

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in ofgetocmem ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak. ofnodeput will...

PT-2025-26094

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the freeing of not-finalized bpf prog pack. The issue occurs when there are multiple subprogs and jit subprogs is called...

PT-2025-17220 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the es58x rx err msg function. This occurs when can-do set mode fails, causing the function to return witho...

ALSA-2023:2458 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 net/ulp: use-after-free in listening ULP sockets CVE-2023-0461 cpu: AMD CPUs may transiently execu...

PT-2025-26074 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential NULL pointer dereference issue has been identified in the Linux kernel, specifically in the kernfs remove function. This issue arises when lockdep is enabled, causing lockd...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 net/ulp: use-after-free in listening ULP sockets CVE-2023-0461 cpu: AMD CPUs may transiently execu...