Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures in case of failure. Wipe all sensitive data from the stack for all IOCTLs that convert a clear-key into a protected-or-secure-key...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: s390/pkey: Use kfreesensitive to fix Coccinelle warnings. Replace memzeroexplicit and kfree with kfreesensitive to fix the warnings reported by Coccinelle: WARNING opportunity for kfreesensitive/kvfreesensitive line 1506 WARNI...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data in case of failure. Also, wipe sensitive data from the stack if the copytouser function fails...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38257)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38257 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size...

SUSE-SU-2026:0090-1 Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.97 fixes various security issues The following security issues were fixed: - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. - CVE-2025-38257: s390/pkey: prevent overflow in size calculation...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990297 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989894 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986548 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

SUSE-SU-2025:02851-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52923: netfilter: nftables: split async and sync catchall in t...

Linux Distros Unpatched Vulnerability : CVE-2024-42157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the...

Linux Distros Unpatched Vulnerability : CVE-2025-38257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via...

SUSE-SU-2025:02588-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52923: netfilter: nftables: split async and sync catchall in two...

SUSE CVE-2025-38257

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user()

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

PT-2025-28885

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the s390/pkey subsystem. A calculation error in the memdup user function, related to the number of apqn target list entries determined by a...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12610)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12610 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36947196 CVE-2024-40968 - drm/amdgpu: Fix signedness bug in sdmav40processtrapirq...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42157)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42157 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failur...

s390/pkey: Wipe sensitive data on failure

...

SUSE CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or...

SUSE CVE-2024-42157

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser fails...