kernel: ipv4: Fix uninit-value access in __ip_make_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

SUSE SLES12 Security Update : kernel (Live Patch 57 for SLE 12 SP5) (SUSE-SU-2024:3822-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3822-1 advisory. This update for the Linux Kernel 4.12.14-122219 fixes several issues. The following security issues were fixed: - CVE-2024-35863: Fixed potenti...

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808 CVE-2024-41059: hfsplus: fix uninit-value in copyname bsc1228573. Patch Instructions:...

Unbreakable Enterprise kernel security update

4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...

CVE-2024-41059

CVE-2024-41059 (Linux kernel) : A KMSAN-uninitialized value occurred in hfsplus when copying names during extended attributes operations (copy_name in fs/hfsplus/xattr.c). The issue traces to uninitialized memory used during sized_strscpy, leading to a potential information leak or instability wi...

CVE-2024-39301

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...

CVE-2023-52842 virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtiotransportrecvpkt KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in virtiotransportrecvpkt+0x1dfb/0x26...

GSD-2022-1006715 usb: idmouse: fix an uninit-value in idmouse_open

usb: idmouse: fix an uninit-value in idmouseopen This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...

GSD-2022-1003209 staging: rtl8712: fix uninit-value in usb_read8() and friends

staging: rtl8712: fix uninit-value in usbread8 and friends This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...