SUSE-SU-2026:20263-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time...

CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

CVE-2023-53320

CVE-2023-53320 (Linux kernel) relates to scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info(). The patch fixes four issues in mpi3mr_get_all_tgt_info(): (1) valid entry length now uses the correct header size (sizeof(u64) instead of sizeof(u32)); (2) kern_entrylen no longer subtracts one from nu...

Longtongue - Customized Password/Passphrase List Inputting Target Info

Customized Password/Passphrase List inputting Target Info Installation git clone https://github.com/edoardottt/longtongue.git cd longtongue python3 longtongue.py Usage usage: longtongue.py -h -p | -c | -v -l | -L -y -n Customized Password/Passphrase List inputting Target Info optional arguments:...

kernel: Null pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() when empty TargetInfo is returned in NTLMSSP setup negotiation response allowing to crash client's kernel

A flaw was found in the Linux kernel's client-side implementation of the cifs protocol. This flaw allows an attacker controlling the server to kernel panic a client which has the CIFS server mounted...