18 matches found
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2207-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2207-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
SUSE-SU-2024:2092-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify bsc1223059. - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi bsc1221302. - CVE-2022-48651: Fixed an out-of-bou...
SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP4) (SUSE-SU-2024:1411-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1411-1 advisory. This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UA...
SUSE-SU-2024:1411-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...
SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2024:1405-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1405-1 advisory. This update for the Linux Kernel 5.14.21-1505005519 fixes several issues. The following security issues were fixed: - CVE-2023-5717: Fixed a he...
SUSE-SU-2024:1409-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...
SUSE-SU-2024:1391-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059150 fixes one issue. The following security issue was fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828...
SUSE SLES15: kernel-livepatch-5_14_21-150400_24_81-default / etc (SUSE-SU-2024:1380-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1380-1 advisory. This update for the Linux Kernel 5.14.21-1504002481 fixes several issues. The following security issues were fixed: - CVE-2023-5717: Fixed a he...
SUSE SLES15 Security Update : kernel RT (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:1364-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1364-1 advisory. This update for the Linux Kernel 5.14.21-1505001327 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF...
SUSE SLES15 Security Update : kernel RT (Live Patch 7 for SLE 15 SP5) (SUSE-SU-2024:1359-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1359-1 advisory. This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: - CVE-2023-5717: Fixed a he...
SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP4) (SUSE-SU-2024:1386-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1386-1 advisory. This update for the Linux Kernel 5.14.21-15040024100 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UA...
SUSE-SU-2024:1364-1 Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001327 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nftables component that could have been...
SUSE-SU-2024:1362-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol bsc1220828. - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU...
Fedora 39 : kernel (2024-f797f1540e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f797f1540e advisory. The 6.7.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Fedora 38 : kernel (2024-5db5954a5e)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5db5954a5e advisory. The 6.7.9 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
CVE-2024-26622
A flaw was found in the Tomoyo module in the Linux kernel. The tomoyowritecontrol function in the security/tomoyo/common.c file does not protect a buffer from multiple concurrent write requests. This issue potentially leads to a use-after-free or double-free, resulting in a denial of service...
Double free
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...
CVE-2024-26622 tomoyo: fix UAF write bug in tomoyo_write_control()
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...