83 matches found
RHEL 9 : kernel (RHSA-2025:7526)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7526 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Information disclosure in...
CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
UBUNTU-CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
CVE-2025-23145 mptcp: fix NULL pointer in can_accept_new_subflow
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059158 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. CVE-2022-49564: crypto: qat - add param check...
SUSE-SU-2025:1137-1 Security update for xz
This update for xz fixes the following issues: - CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414...
CVE-2023-52991
CVE-2023-52991 affects the Linux kernel’s skb_segment_list path. The issue stems from a prior change: net: Support GRO/GSO fraglist chaining, which can cause frag_list to be NULL if it is pulled into the linear area during processing. This condition leads to a NULL pointer dereference in skb_segm...
UBUNTU-CVE-2022-49626
In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...
CVE-2021-47650
CVE-2021-47650: In the Linux kernel, ASoC: soc-compress had a potential null pointer when codec_dai could be NULL if card->dai_link->num_codecs was 0, traced through snd_soc_register_card() -> snd_soc_bind_card() -> soc_init_pcm_runtime() -> snd_soc_dai_compress_new() -> snd_soc...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2024-57915
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Disable ep before setting port to null to fix the crash caused by port being null Considering that in some extreme cases, when performing the unbinding operation, gserialdisconnect has cleared gser-ioport,...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733...
CVE-2024-56754
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...
CVE-2024-56754
CVE-2024-56754: Linux kernel vulnerability in crypto: caam where the pointer passed to caam_qi_shutdown() was derived from a devm_add_action_or_reset() parameter of type struct caam_drv_private *, but cast to struct device *. The connected Astra Linux advisory confirms the fix: Pass the correct p...
CVE-2024-56564
In the Linux kernel, the following vulnerability has been resolved: ceph: pass cred pointer to cephmdsauthmatch This eliminates a redundant getcurrentcred call, because cephmdscheckaccess has already obtained this pointer. As a side effect, this also fixes a reference leak in cephmdsauthmatch: by...
CVE-2024-53222
In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in compalgorithmshow LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ 3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0...
CVE-2024-53222 zram: fix NULL pointer in comp_algorithm_show()
In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in compalgorithmshow LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ 3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0...
SUSE CVE-2024-53092
In the Linux kernel, the following vulnerability has been resolved: virtiopci: Fix admin vq cleanup by using correct info pointer vpmodernavqcleanup and vpdelvqs clean up admin vq resources by virtiopcivqinfo pointer. The info pointer of admin vq is stored in vpdev-adminvq.info instead of...
SUSE CVE-2024-50238
In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 "phy: qcom-qmp-usb: clean up probe initialisation" removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also...
SUSE CVE-2024-50156
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...