DEBIAN-CVE-2022-50367

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

SUSE SLES15 Security Update : kernel (Live Patch 9 for SLE 15 SP6) (SUSE-SU-2025:03235-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03235-1 advisory. This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched:...

CLSA-2025-1758034087 kernel: Fix of 24 CVEs

tls: always refresh the queue when reading sock CVE-2025-38471 - Bluetooth: hcicore: Fix use-after-free in vhciflush CVE-2025-38250 - i2c/designware: Fix an initialization issue CVE-2025-38380 - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds CVE-2025-38159 - mm/hugetlb:...

CVE-2022-50329 block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfqexiticqbfqq Commit 64dc8c732f5c "block, bfq: fix possible uaf for 'bfqq-bic'" will access 'bic-bfqq' in bicsetbfqq, however, bfqexiticqbfqq can free bfqq first, and then call bicsetbfqq, which...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055110 fixes several issues. The following security issues were fixed: CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue...

SUSE-SU-2025:03194-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005597 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...

SUSE-SU-2025:03191-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...

SUSE-SU-2025:03190-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...

Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...

SUSE-SU-2025:03181-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address...

Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...

Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc...

SUSE-SU-2025:20714-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...

SUSE-SU-2025:20706-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...

SUSE-SU-2025:20775-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...

SUSE-SU-2025:20700-1 Security update for kernel-livepatch-MICRO-6-0_Update_6

This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltr...

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024128 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...

SUSE-SU-2025:03153-1 Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000:...