CVE-2021-47177

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in allociommu iommudevicesysfsadd is called before, so is has to be cleaned on subsequent errors...

CVE-2024-26627 scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsihostbusy out of host lock for waking up EH handler Inside scsiehwakeup, scsihostbusy is called & checked with host lock every time for deciding if error handler kthread needs to be waken up. This can be too...

CVE-2024-26625 llc: call sock_orphan() at release time

In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...

CVE-2021-47088

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock DAMON debugfs interface iterates current monitoring targets in 'dbgfstargetidsread' while holding the corresponding 'kdamondlock'. However, it also destructs the...

CVE-2023-52573 net: rds: Fix possible NULL-pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rdsrdmacmeventhandlercmn check, if conn pointer exists before dereferencing it as rdmasetservicetype argument Found by Linux Verification Center linuxtesting.org with SVACE...

CVE-2023-52518 Bluetooth: hci_codec: Fix leaking content of local_codecs

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicodec: Fix leaking content of localcodecs The following memory leak can be observed when the controller supports codecs which are stored in localcodecs list but the elements are never freed: unreferenced object...

CVE-2020-36787

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: fix clock handling logic Video engine uses eclk and vclk for its clock sources and its reset control is coupled with eclk so the current clock enabling sequence works like below. Enable eclk De-assert Video Engine...

CVE-2023-52474 IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGESIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs where an iovec other th...

MGASA-2024-0032 Updated kernel-linus fixes security vulnerabilities and many bugs

Upstream version 6.6.14 with many bugfixes and at least the following security fixes: An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

SUSE-SU-2023:4862-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059109 fixes several issues. The following security issues were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215097 - CVE-2023-4622: Fixed a...

SUSE-SU-2023:4847-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122147 fixes one issue. The following security issue was fixed: - CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation bsc1215442...

CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

CVE-2023-1193

A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...

SUSE-SU-2023:4267-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002428 fixes several issues. The following security issues were fixed: - CVE-2023-4147: Fixed use-after-free in nftablesnewrule bsc1215118. - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve...

SUSE-SU-2023:4072-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component. This vulnerability could allow a local attacker to crash the system or lead to a kerne...

SUSE-SU-2023:3846-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcinde...

SUSE-SU-2023:3806-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001311 fixes one issue. The following security issue was fixed: - CVE-2023-4273: Fixed a flaw in the exFAT driver of the Linux kernel that alloawed a local privileged attacker to overflow the kernel stack bsc1214123...

SUSE-SU-2023:3784-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-150500135 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

UBUNTU-CVE-2023-4881

Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team...