Oracle Linux 9 : kernel (ELSA-2025-21112)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21112 advisory. - crypto: xts - Handle EBUSY correctly Vladis Dronov RHEL-119236 CVE-2023-53494 - ipv6: sr: Fix MAC comparison to be constant-time CKI Backport Bot...

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...

SUSE-SU-2025:20913-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretm...

SUSE-SU-2025:20840-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-50154: tcp/dccp: Don't use timerpending in reqskqueueunlink bsc1233072 - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc124074...

EUVD-2025-27909

Malicious code in bioql PyPI...

CLSA-2025-1753298759 kernel: Fix of 18 CVEs

udf: Fix a slab-out-of-bounds write bug in udffindentry CVE-2022-49846 - Bluetooth: hcisync: Fix queuing commands when HCIUNREGISTER is set CVE-2022-49136 - Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 - NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50072 - NFSv4: Don't hold...

AZL-64398 CVE-2025-38089 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVCGARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC reply fails in such a w...

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issue was fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. Fix intermittent nfs mount failures, may be due to SUNRPC over UDP. bsc1231353 Patch Instructions: To install this SUSE...

SUSE CVE-2022-48816

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against -sock changing during sysfs read -sock can be set to NULL asynchronously unless -recvmutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a...