SUSE-SU-2023:1574-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-150400158 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208700. - CVE-2023-1078: Fixed a heap out-of-bounds write in rdsrmzerocopycallback bsc1208838...

Linux kernel resource management error vulnerability (CNVD-2023-34470)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue in the traffic control index filter tcindex, where a call to tcfextsexec while using a...

Important: kernel

Issue Overview: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L...

SUSE-SU-2023:0749-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. - CVE-2022-3523: Fixed use after free related to device private page handling bsc1204363. - CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery bsc1203331. - CVE-2023-0461: Fixed use-after-fre...

SUSE-SU-2023:0778-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. - CVE-2022-38096: Fixed NULL-ptr deref in vmwcmddxdefinequery bsc1203331. - CVE-2023-0045: Fixed missi...

SUSE-SU-2023:0774-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. - CVE-2022-3523: Fixed use after free related to device private page handling bsc1204363. - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. -...

SUSE-SU-2023:0767-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-26545: Fixed double free in net/mpls/afmpls.c upon an allocation failure bsc1208700. - CVE-2023-23559: Fixed integer overflow in rndiswlan that leads to...

PT-2023-35378 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: A potential security issue has been identified in the Linux Kernel, related to the transmission of SYN messages, which may cause a kernel warning. The actual impact and attack plausibility...

Unbreakable Enterprise kernel security update

4.1.12-124.72.2 - net: sched: atm: dont intepret cls results when asked to drop Jamal Hadi Salim Orabug: 34983616 CVE-2023-23455 - Bluetooth: L2CAP: Fix u8 overflow Sungwoo Kim Orabug: 34880763 CVE-2022-45934 4.1.12-124.72.1 - target: Invoke transportlunremovecmd to remove tmr form the list Gulam...

CVE-2023-23000

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegraxusbfindportnode return value. Callers expect NULL in the error case, but an error pointer is used...

SUSE-SU-2023:0562-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005998 fixes several issues. The following security issues were fixed: - CVE-2022-3564: Fixed use-after-free in l2capcore.c of the Bluetooth component bsc1206314. - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits bsc1207139...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

OESA-2023-1087 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguestpage function. This issue could allow a local user to...

SUSE CVE-2015-8575

The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application...

SUSE CVE-2021-33624

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db...

CVE-2023-0394 affecting package kernel 5.10.164.1-1

CVE-2023-0394 affecting package kernel 5.10.164.1-1. A patched version of the package is available...

Advisory ROSA-SA-2023-2107

kernel 123 rosa-server79 test00 software: kernel 123xxxxxxxxxzzzzzzzzzzzz CVE-Crit: packageevrstring: test00 CVE-ID: test CVE-Crit: Not Current...

PT-2023-34941 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists due to a crash during cgroup migration in the multi-gen LRU. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2023-34936 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential security issue exists in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.1.11, update...

PT-2023-35101 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue is related to out-of-bounds reads in the wifi brcmfmac driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...