UBUNTU-CVE-2025-40075

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu Replace three dstdev with a lockdep enabled helper...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE-SU-2024:3587-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3564-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3564-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were...

SUSE-SU-2024:3569-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc122963...

SUSE-SU-2024:3564-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12610)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12610 advisory. - MIPS: Octeon: Add PCIe link status check Dave Kleikamp Orabug: 36947196 CVE-2024-40968 - drm/amdgpu: Fix signedness bug in sdmav40processtrapirq...

CVE-2024-42154

A vulnerability was found in the Linux kernel's tcpmetrics.c, where insufficient validation of the length of the source address for TCP metrics could lead to incorrect memory read out of boundary read. Mitigation Mitigation for this issue is either not available or the currently available options...

CVE-2024-42154

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don't see anything checking that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all neither does it for IPv6 but v6 is manual...

CVE-2024-42154

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don't see anything checking that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all neither does it for IPv6 but v6 is manual...

CVE-2024-42154

CVE-2024-42154 : In the Linux kernel, the vulnerability is in tcp_metrics: validate source addr length. The issue is that TCP_METRICS_ATTR_SADDR_IPV4 may be stored with fewer than 4 bytes and the policy lacks an entry for this attribute (IPv6 similarly manually validated). Root cause: missing len...

CVE-2024-42154 tcp_metrics: validate source addr length

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don't see anything checking that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all neither does it for IPv6 but v6 is manual...