CVE-2022-49034 sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK

In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar as below when showing /proc/cpuinfo. Fix this by using...

CVE-2024-53154

In the Linux kernel, the following vulnerability has been resolved: clk: clk-apple-nco: Add NULL check in applncoprobe Add NULL check in applncoprobe, to handle kernel NULL pointer dereference error...

CVE-2024-53147

In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if startclu becomes an EOF clusteran invalid cluster due to file system corruption, then the...

CVE-2024-53146 NFSD: Prevent a potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

LSN-0108-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

USN-7169-2: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

SUSE-SU-2024:4316-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50117)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50117 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49903)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49903 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits syzbot report...

Moderate: Red Hat Security Advisory: kernel:5.14.0 security update

An update for the kernel:5.14.0 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

SUSE-SU-2024:4262-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-40954: net: do not leave a...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2024:4243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:4239-1 Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122186 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273...

CVE-2024-53141

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmapipuadt When tbIPSETATTRIPTO is not present but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but...

SUSE-SU-2024:4218-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

SUSE-SU-2024:4207-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

Unspecified vulnerability in Linux kernel (CNVD-2024-46458)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a VM dma-resv lock release on xesyncinfenceget failure. No detailed vulnerability details are provided at th...

Unspecified vulnerability in Linux kernel (CNVD-2024-46457)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from memory reuse after release. No details of the vulnerability are provided at this time...