CVE-2022-49182 net: hns3: add vlan list lock to protect vlan list

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node, it may cause "use...

CVE-2022-49176 bfq: fix use-after-free in bfq_dispatch_request

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

CVE-2021-47633

CVE-2021-47633 is described in connected documents as a Linux kernel flaw in the ath5k driver where, during EEPROM parsing (ath5k_eeprom_read_pcal_info_5111), an out-of-bounds write could occur when no curve is selected in a loop, allowing idx to reach AR5K_EEPROM_N_PD_CURVES and causing pd to be...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

CVE-2025-21656 hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...

CVE-2025-21656

CVE-2025-21656 is a Linux kernel issue in topology printing (cpumap) where the vsnprintf-based formatting could mutate the cpumask during output, leading to inconsistent core visibility in the printed cpumap. The fix keeps the cpumask unchanged by caching it to a temporary variable before printin...

CVE-2024-57937

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-57903

CVE-2024-57903 is a Linux kernel vulnerability affecting the net module: SO_REUSEPORT was restricted to inet sockets after a blamed commit. The issue could involve destroying crypto sockets via an RCU callback and attempted mutex acquisition within that context. The description notes that the pat...

SUSE CVE-2024-53682

In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set rampdelay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our case. Add a AXPDESCRANGESDELAY macro and update AXPDESCRANGES macro to expand to AXPDESCRANGESDELAY...

CVE-2024-47809

CVE-2024-47809 (Linux kernel) fixes a possible NULL pointer dereference in the DLM code path when a lock block (lkb) is created but the lkb_resource is not yet assigned (until attach_lkb via validate_lock_args). The issue could occur when request_lock() calls, potentially exposing a crash; anothe...

PT-2026-2898

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the octeontx2-pf driver. The issue involves a shift-out-of-bounds error triggered when users provide small or zero ring sizes through the...

SUSE CVE-2024-56753

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfxv90 Module This commit addresses an omission in the previous patch related to the cleaner shader support for GFX9 hardware. Specifically, it adds the necessary...

CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657 ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56590

CVE-2024-56590 is a Linux kernel vulnerability in Bluetooth hci_core: the patch fixes not checking skb length on hci_acldata_packet, which could cause access to uninitialized/invalid memory past skb->data. This is a local attack vector with low privileges and no user interaction, with a HIGH i...

CVE-2024-56544 udmabuf: change folios array from kmalloc to kvmalloc

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

CVE-2024-53168

CVE-2024-53168 is a Linux kernel vulnerability related to a use-after-free (UAF) in sunrpc over a kernel TCP socket. The issue, illustrated by a KASAN report (slab-use-after-free in tcp_write_timer_handler), was fixed in the kernel to address a UAF in sunrpc’s TCP path. Connected advisories (SUSE...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50163)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50163 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI...

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2021-47291: ipv6: fix another...

DEBIAN-CVE-2024-50280

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayedwork on cachectr error An unexpected WARNON from flushwork may occur when cache creation fails, caused by destroying the uninitialized delayedwork waker in the error path of cachecreate...