CVE-2024-42303

In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERRPTR dereference in pxpprobe devmregmapinitmmio can fail, add a check and bail out in case of error...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2024-39489

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6hmacinitalgo seg6hmacinitalgo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6hmacexit to only free the memory...

CVE-2022-48729 IB/hfi1: Fix panic with larger ipoib send_queue_size

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

CVE-2023-52833 Bluetooth: btusb: Add date->evt_skb is NULL check

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date-evtskb is NULL check fix crash because of null pointers 6104.969662 BUG: kernel NULL pointer dereference, address: 00000000000000c8 6104.969667 PF: supervisor read access in kernel mode 6104.969668 PF:...

CVE-2023-52822

Removed by vendor...

SUSE-SU-2024:1719-1 Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-macheader bsc1223514. - CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GS...

SUSE-SU-2024:1659-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26760: Fixed scsi/target/pscsi bioput for error case bsc1222596. - CVE-2024-27389: Fixed pstore inode handling with dinvalidate bsc1223705. - CVE-2024-27062...

SUSE-SU-2024:1582-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050053 fixes several issues. The following security issues were fixed: - CVE-2024-0775: Fixed a use-after-free flaw was found in the ext4remount in fs/ext4/super.c in ext4 bsc1219079. - CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf...

CVE-2024-27062

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 general protection...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6546 kernel: multiple use-after-free vulnerabilities CVE-2024-1086, CVE-2023-3567, CVE-2023-4133, CVE-2023-6932,...

SUSE-SU-2024:1386-1 Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024100 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nftables component that could have been...

CVE-2023-52644

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is disabl...

CVE-2024-26884 bpf: Fix hashtab overflow check on 32-bit arches

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on rounduppowoftwo to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches,...

SUSE-SU-2024:1299-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002455 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE-SU-2024:1278-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes one issue. The following security issue was fixed: - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU bsc1219296...

CVE-2021-47181

In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

CVE-2024-26780 af_unix: Fix task hung while purging oob_skb in GC.

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in listforeachentrysafe for OOB skb. 0 syzbot demonstrated that the listforeachentrysafe was not actually...

CVE-2024-26763 dm-crypt: don't modify the data when using authenticated encryption

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified 1. So, fix this problem by copying the data...

SUSE-SU-2024:1017-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059124 fixes several issues. The following security issues were fixed: - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgenericon the socket that the SKB is queu...