Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Errors are now handled in mlx5chainscreatetable. In mlx5chainscreatetable, the return values of mlx5getfdbsubns and mlx5getflownamespace must be checked to prevent NULL pointer dereferences. If either function fails, th...

Oracle Linux 10 : kernel (ELSA-2026-6632)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6632 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154540 CVE-2025-38109 - mm/damon/sysfs: cleanup attrs subdirs on context dir...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38161)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38161 advisory. - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware...

SUSE-SU-2025:03408-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685. - CVE-2025-38181: calipso: Fix...

SUSE SLES15 Security Update : kernel RT (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:03317-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03317-1 advisory. This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc:...

SUSE-SU-2025:03315-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38109: net/mlx5: fix ECVF...

SUSE-SU-2025:20730-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_8

This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862 CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow...

kernel: RDMA/mlx5: Fix page_size variable overflow

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix pagesize variable overflow Change all variables storing mlx5umemmkcfindbestpgsz result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to register 4GB of memory that is...

CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...

DEBIAN-CVE-2025-21662

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmdallocindex, fails cmdworkhandler needs to complete ent-slotted before returning early. Otherwise the task which issued the command may hang: mlx5core...

AZL-55011 CVE-2024-56742 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vfaddmigrationpages Fix an unwind issue in mlx5vfaddmigrationpages. If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any...

SUSE CVE-2024-50147

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGEPAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGEPAGES. In addition,...

CVE-2024-50147

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGEPAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGEPAGES. In addition,...

CVE-2024-42268

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...

kernel security and bug fix update

4.18.0-372.19.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...