CLSA-2026-1773046198 kernel: Fix of 31 CVEs

smb3: fix for slab out of bounds on mount to ksmbd CVE-2025-38728 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - ALSA: usb-audio: Validate UAC3 power domain descriptors, too CVE-2025-38729 - net: atm: fix /proc/net/atm/lec handling CVE-2025-38180 - tcpbpf:...

CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

CVE-2025-38455

CVE-2025-38455: Linux kernel KVM-SEV-ES intra-host migration is rejected when vCPU creation is in-flight to prevent SEV-ES VM with non-SEV-ES vCPU. Root cause: vCPU creation runs largely outside kvm->lock, allowing sev_info.es_active to toggle during svm_vcpu_create(), causing issues when free...

Linux Distros Unpatched Vulnerability : CVE-2022-48700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 2024-08-27: CVE-2022-48700 was added to this advisory. 2024-08-27: CVE-2022-48671 was added to this advisory. 2024-08-27: CVE-2022-48672 was added to this...

Linux Distros Unpatched Vulnerability : CVE-2022-0171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel b...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

NewStart CGSL MAIN 6.06 : kernel Multiple Vulnerabilities (NS-SA-2023-0083)

The remote NewStart CGSL host, running version MAIN 6.06, has kernel packages installed that are affected by multiple vulnerabilities: - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code...

MGASA-2023-0296 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 6.4.16 and fixes or adds mitigations for atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-070 advisory. 2024-04-10: CVE-2023-0461 was added to this advisory. 2024-02-01: CVE-2024-0562 was added to this advisory. 2024-02-01: CVE-2022-48619 was added to this advisory. 2023-10-10: CVE-2023-3357 was...

USN-5877-1 linux-gke-5.15 vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

openSUSE 15 Security Update : kernel (SUSE-SU-2022:4613-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4613-1 advisory. - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-2 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-185)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-185 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2022-009 (ALASKERNEL-5.15-2022-009)

The version of kernel installed on the remote host is prior to 5.15.73-48.135. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-009 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-021 (ALASKERNEL-5.10-2022-021)

The version of kernel installed on the remote host is prior to 5.10.147-133.644. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-021 advisory. A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allow...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV. CVE-2022-0171 A...

Mageia: Security Advisory (MGASA-2022-0380)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0379 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...