186 matches found
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...
SUSE-SU-2024:3680-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc122780...
SUSE-SU-2024:3694-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE-SU-2024:3643-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002492 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE SLES15 Security Update : kernel RT (Live Patch 17 for SLE 15 SP5) (SUSE-SU-2024:3627-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3627-1 advisory. This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: - CVE-2024-40954: net: do n...
SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE-SU-2024:3627-1 Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 - CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. - CVE-2024-40909...
SUSE-SU-2024:3624-1 Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
kernel: net: do not leave a dangling sk pointer, when socket creation fails
A vulnerability was found in the Linux kernel's networking component in the sockrelease function, where a dangling pointer can occur when socket creation fails. This happens when a reference to the socket is not cleared, leading to a use-after-free condition...
kernel: net: do not leave a dangling sk pointer, when socket creation fails
A vulnerability was found in the Linux kernel's networking component in the sockrelease function, where a dangling pointer can occur when socket creation fails. This happens when a reference to the socket is not cleared, leading to a use-after-free condition...
apparmor: Fix null pointer deref when receiving skb during sock creation
...
AZL-47841 CVE-2023-52889 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...
DEBIAN-CVE-2023-52889
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...
UBUNTU-CVE-2023-52889
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...
CVE-2023-52889 apparmor: Fix null pointer deref when receiving skb during sock creation
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...
kernel: net: do not leave a dangling sk pointer, when socket creation fails
A vulnerability was found in the Linux kernel's networking component in the sockrelease function, where a dangling pointer can occur when socket creation fails. This happens when a reference to the socket is not cleared, leading to a use-after-free condition...
CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
DEBIAN-CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...