UBUNTU-CVE-2024-56688

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...

CVE-2024-56688

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...

SUSE CVE-2024-53206

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Then, oreq should be passed to reqskput instead of req;...

PT-2025-2534

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74 Description: A vulnerability has been resolved in the Linux kernel, specifically in the net: wwan: t7xx module, related to a Fix FSM command timeout issue. When the driver processes an internal state chan...

kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

kernel: Bluetooth: ISO: Fix UAF on iso_sock_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

Important: kernel

Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...

SUSE SLED15: libsoup-3_0-0 / libsoup-3_0-0-32bit / libsoup-devel / etc (SUSE-SU-2024:4352-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4352-1 advisory. - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 CVE-2024-52532: Fixed infinite...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52524: Fixed possible corruption in nfc/llcp bsc1220927. CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core bsc1232224 CVE-2024-50089:...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49963)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49963 advisory. - In the Linux kernel, the following vulnerability has been resolved: mailbox: bcm2835: Fix timeout during...

CVE-2024-50095

...

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

kernel: tcp: avoid too many retransmit packets

A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...

kernel: net/smc: avoid data corruption caused by decline

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...

kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. But the conn could b...

undertow: client side invocation timeout raised when calling over HTTP2

A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks...