EUVD-2024-53751

Malicious code in bioql PyPI...

SUSE CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

AZL-66467 CVE-2025-38571 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

SUSE-SU-2025:0556-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction bsc1235969. - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc123592...

DEBIAN-CVE-2024-57791

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the field length in smcclcmsghdr indicates the length of msg should be received from network and the value should not be fully trusted as i...

CVE-2024-57791

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the field length in smcclcmsghdr indicates the length of msg should be received from network and the value should not be fully trusted as i...

CVE-2024-57791

CVE-2024-57791 affects the Linux kernel net/smc component. The vulnerability arises when draining clc data: the length field in smc_clc_msg_hdr, sourced from the network, may be trusted and if it exceeds buflen in smc_clc_wait_msg, a deadloop can occur. The connected documents describe the patch ...

CVE-2024-57791 net/smc: check return value of sock_recvmsg when draining clc data

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the field length in smcclcmsghdr indicates the length of msg should be received from network and the value should not be fully trusted as i...

CVE-2023-52772

CVE-2023-52772 is a Linux kernel use-after-free in unix_stream_read_actor() affecting af_unix sockets. The issue arises when releasing the unix socket lock and u->oob_skb can be changed by another thread, requiring temporarily increased skb refcount. The vulnerability was fixed upstream in the...

CVE-2024-26805 netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and puts the skb-data passed as a 1st arg of netlinktofullskb onto new skb...

CVE-2024-26638

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...

CVE-2024-26638 nbd: always initialize struct msghdr completely

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...