1233 matches found

OSV
added 2025/02/26 2:24 a.m. · 7 views

CVE-2022-49711 bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove(). In fsl_mc_bus_remove(), mc->root_mc_bus_dev->mc_io is passed to fsl_destroy_mc_io(). However, mc->root_mc_bus_dev is already freed in fsl_mc_device_remove(). Then reference to mc->root_mc_bus_dev->mc...

CVSS 7.8 · AI score 5.1 · EPSS 0.00014
Exploits: 0 · References: 7

SUSE CVE
added 2025/02/14 7:3 a.m. · 1 view

SUSE CVE-2023-1281

Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can u...

CVSS 7.8 · AI score 6.6 · EPSS 0.00016
Exploits: 0 · References: 47

RedHat Linux
added 2025/02/13 2:51 p.m. · 20 views

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update

An update for kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

CVSS 7.8 · AI score 7.3 · EPSS 0.18032
Exploits: 1 · References: 2

OSV
added 2025/02/12 2:15 p.m. · 2 views

AZL-56822 CVE-2025-21697 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job completes, the corresponding pointer in the device must be set to NULL. Failing to do so triggers a warning when unloading the driver, as it appears the...

CVSS 5.5 · AI score 6.7 · EPSS 0.00008
Exploits: 0 · References: 1

Tenable Nessus
added 2025/02/10 12:0 a.m. · 7 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26961)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26961 advisory. - In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resourc...

CVSS 7.8 · AI score 5.8 · EPSS 0.00015
Exploits: 0 · References: 2

CBLMariner
added 2025/01/28 3:56 a.m. · 8 views

CVE-2024-50237 affecting package kernel for versions less than 6.6.64.2-1

CVE-2024-50237 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.5 · AI score 6.8 · EPSS 0.00012
Exploits: 0

CBLMariner
added 2025/01/28 3:56 a.m. · 11 views

CVE-2024-53188 affecting package kernel for versions less than 6.6.64.2-1

CVE-2024-53188 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.5 · AI score 6.8 · EPSS 0.00009
Exploits: 0

CBLMariner
added 2025/01/28 3:56 a.m. · 7 views

CVE-2024-50211 affecting package kernel for versions less than 6.6.64.2-1

CVE-2024-50211 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...

CVSS 3.3 · AI score 6.8 · EPSS 0.00027
Exploits: 0

SUSE Linux
added 2025/01/27 11:33 a.m. · 1 view

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

CVSS 7.8 · AI score 8.1 · EPSS 0.00449
Exploits: 2 · References: 28

SUSE Linux
added 2025/01/25 11:4 a.m. · 0 views

Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

CVSS 7.8 · AI score 8.2 · EPSS 0.00449
Exploits: 2 · References: 60

OSV
added 2025/01/15 1:15 p.m. · 3 views

AZL-55822 CVE-2024-57890 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue. In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

CVSS 5.5 · AI score 5.7 · EPSS 0.00013
Exploits: 0 · References: 1

OSV
added 2025/01/15 1:15 p.m. · 2 views

AZL-55851 CVE-2024-57882 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix TCP options overflow. Syzbot reported the following splat: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

CVSS 5.5 · AI score 6.6 · EPSS 0.00013
Exploits: 0 · References: 1

OSV
added 2025/01/15 1:15 p.m. · 2 views

AZL-55872 CVE-2024-36476 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ib_sge list' is accessible. Move the declaration of the 'ib_sge list' variable outside the 'always_invalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ib_sge list' was...

CVSS 5.5 · AI score 6.4 · EPSS 0.00007
Exploits: 0 · References: 1

Oracle linux
added 2025/01/11 12:0 a.m. · 37 views

Unbreakable Enterprise kernel security update

5.4.17-2136.339.5 - tracing/kprobes: Skip symbol counting logic for module symbols in createlocaltracekprobe Nikolay Kuratov - vhostscsi: log write descriptors Dongli Zhang Orabug: 37393533 - vhost-scsi: protect vq-logbase with vq-mutex Dongli Zhang Orabug: 37393533 5.4.17-2136.339.4 - RDMA/bnxtr...

CVSS 6.5 · AI score 7.6 · EPSS 0.00073
Exploits: 0

Positive Technologies
added 2025/01/11 12:0 a.m. · 2 views

PT-2025-3021 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc6+ Description: A circular locking dependency warning has been detected in the Linux kernel's Bluetooth module. This issue occurs when the iso sock recvmsg function is called, which can lead to a deadlo...

CVSS 8.1 · AI score 7.6 · EPSS 0.0009
Exploits: 3 · References: 848

Positive Technologies
added 2025/01/11 12:0 a.m. · 3 views

PT-2025-2981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-10553-gb86545e02e8c Description: A potential deadlock issue has been identified in the Linux kernel. The queue attr store function first freezes the queue -q usage counterio and then acquires -sysfs lock...

CVSS 5.5 · AI score 7.2
Exploits: 0 · References: 10

Tenable Nessus
added 2025/01/10 12:0 a.m. · 17 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-077)

The version of kernel installed on the remote host is prior to 5.10.228-219.884. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-077 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on...

CVSS 7.5 · AI score 6.3 · EPSS 0.001
Exploits: 0 · References: 22

OSV
added 2025/01/08 6:15 p.m. · 2 views

AZL-55340 CVE-2024-56776 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers. The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure...

CVSS 5.5 · AI score 6.7 · EPSS 0.00023
Exploits: 0 · References: 1

RedHat Linux
added 2025/01/08 12:40 a.m. · 17 views

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 security update

An update for kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, and kpatch-patch-5_14_0-427_44_1 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

CVSS 5.5 · AI score 7 · EPSS 0.00006
Exploits: 0 · References: 2

Positive Technologies
added 2025/01/08 12:0 a.m. · 2 views

PT-2025-9012

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.7-770 2 Description A vulnerability in the Linux kernel has been identified, which can cause the system to crash when using touchscreen and framebuffer on certain devices, such as the Nokia 770. The issue is...

CVSS 5.5 · AI score 7 · EPSS 0.00013
Exploits: 0