SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2207-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2207-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

SUSE-SU-2024:2092-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify bsc1223059. - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi bsc1221302. - CVE-2022-48651: Fixed an out-of-bou...

SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP4) (SUSE-SU-2024:1411-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1411-1 advisory. - When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 Packet Too Big PTB message to the sender. Th...

SUSE-SU-2024:1411-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...

SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2024:1405-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1405-1 advisory. - A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve loc...

SUSE-SU-2024:1409-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...

SUSE-SU-2024:1391-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059150 fixes one issue. The following security issue was fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:1380-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1380-1 advisory. - A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve loc...

SUSE SLES15 Security Update : kernel RT (Live Patch 7 for SLE 15 SP5) (SUSE-SU-2024:1359-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1359-1 advisory. - A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve loc...

SUSE SLES15 Security Update : kernel RT (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:1364-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1364-1 advisory. - A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Th...

SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP4) (SUSE-SU-2024:1386-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1386-1 advisory. - A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. Th...

SUSE-SU-2024:1364-1 Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001327 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nftables component that could have been...

SUSE-SU-2024:1362-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...

Fedora 39 : kernel (2024-f797f1540e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f797f1540e advisory. The 6.7.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

Fedora 38 : kernel (2024-5db5954a5e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5db5954a5e advisory. The 6.7.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVE-2024-26622

A flaw was found in the Tomoyo module in the Linux kernel. The tomoyowritecontrol function in the security/tomoyo/common.c file does not protect a buffer from multiple concurrent write requests. This issue potentially leads to a use-after-free or double-free, resulting in a denial of service...

Double free

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...

CVE-2024-26622 tomoyo: fix UAF write bug in tomoyo_write_control()

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...