CVE-2022-50780

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

SUSE-SU-2025:20582-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7

This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 - CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 - CVE-2025-21702: pfifotailenqueue: Drop new packet when...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class...

Security update for kernel-livepatch-MICRO-6-0_Update_7

This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 CVE-2025-21702: pfifotailenqueue: Drop new packet when sch-limi...

AZL-64580 CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: fix a potential crash on gsoskb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch-q.len can be inflated by packets in sch-gsoskb, and an...

AZL-55564 CVE-2024-53206 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Then, oreq should be passed to reqskput instead of req;...

OESA-2024-2495 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a...

No title provided

REJECTED CVE An issue was identified in the Linux kernel's netfilter subsystem related to nftables. The issue occurs when a positive value, such as NFACCEPT, is provided in the upper 16 bits of NFDROP verdict parameters, which are expected to contain valid errno values e.g., -EPERM. This improper...