
123 matches found

Tenable Nessus
added 2025/02/10 12:0 a.m. | 7 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-39485)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39485 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initiali...

CVSS 5.5 | AI score 5.7 | EPSS 0.00211
Exploits: 0 | References: 2

Amazon
added 2025/02/04 12:0 a.m. | 17 views

Important: kernel

Issue Overview: A flaw use-after-free in function sco_sock_sendmsg of the Linux kernel HCI subsystem was found in the way user calls ioctl UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del together with the call sco_sock_sendmsg with the expected controllable faulting memory...

CVSS 7.8 | AI score 7 | EPSS 0.01215
Exploits: 2

Positive Technologies
added 2025/01/15 12:0 a.m. | 2 views

PT-2025-8835

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0. Description: A slab-use-after-free read issue has been identified in the Linux kernel's Bluetooth management functionality, specifically in the mgmt_remove_adv_monitor_sync function. This issue can cause a...

CVSS 7.8 | AI score 7 | EPSS 0.00198
Exploits: 0

Tenable Nessus
added 2025/01/15 12:0 a.m. | 22 views

SUSE SLES12 Security Update : kernel (Live Patch 59 for SLE 12 SP5) (SUSE-SU-2025:0090-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0090-1 advisory. This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio:...

CVSS 7.8 | AI score 6.9 | EPSS 0.00352
Exploits: 1 | References: 10

RedHat Linux
added 2024/12/19 12:43 a.m. | 8 views

kernel: gro: fix ownership transfer

A flaw was found in the Linux kernel's Generic Receive Offload GRO feature, where packets processed with a fragment list are not properly orphaned due to incorrect handling of socket references. This vulnerability can cause system instability or kernel bugs. The issue has been fixed by making sur...

CVSS 5.5 | AI score 6.7 | EPSS 0.00232
Exploits: 0 | References: 5

Amazon
added 2024/12/13 12:0 a.m. | 23 views

Important: kernel

Issue Overview: A denial-of-service DoS flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem. CVE-2021-29650 A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is...

CVSS 7.8 | AI score 6.3 | EPSS 0.00417
Exploits: 0

Positive Technologies
added 2024/11/14 12:0 a.m. | 5 views

PT-2024-35672

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-162.6.1.el9_1.x86_64. Description: A vulnerability in the Linux kernel has been resolved, specifically in the RDMA/mlx5 component. The issue involved moving events notifier registration to be after device...

CVSS 5.5 | AI score 5.3 | EPSS 0.00217
Exploits: 0

RedHat Linux
added 2024/11/12 9:11 a.m. | 0 views

kernel: wifi: nl80211: reject iftype change with mesh ID change

CVE-2024-27410 is a vulnerability in the Linux kernel’s Wi-Fi subsystem, affecting the nl80211 interface. The issue occurs when a mesh ID is set while simultaneously switching the interface to mesh mode, which can overwrite critical data in the wireless device's configuration. This can lead to...

CVSS 5.5 | AI score 6.8 | EPSS 0.00247
Exploits: 0 | References: 5

AlmaLinux
added 2024/11/12 12:0 a.m. | 15 views

Important: bubblewrap and flatpak security update

Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fixes: flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 For more details about the security issue...

CVSS 10 | AI score 7 | EPSS 0.01283
Exploits: 1 | References: 3

Amazon
added 2024/10/02 12:0 a.m. | 2 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's d_name.name CVE-2024-39494 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between...

CVSS 7.8 | AI score 6.6 | EPSS 0.00306
Exploits: 0

Amazon
added 2024/10/01 12:0 a.m. | 4 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize CVE-2024-35807 Affected Packages: kernel Issue Correction: Run dnf update kernel --releasever 2023.5.20240916 to update your system. New Packages: aarch64: ...

AI score 7.4 | EPSS 0.00269
Exploits: 0

Amazon
added 2024/10/01 12:0 a.m. | 9 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's d_name.name CVE-2024-3949...

CVSS 7.8 | AI score 7.2 | EPSS 0.00306
Exploits: 0

OSV
added 2024/09/13 2:37 p.m. | 16 views

RHSA-2016:2107 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

CVSS 7.8 | AI score 7.6 | EPSS 0.83906
Exploits: 80 | References: 18

OSV
added 2024/09/13 6:45 a.m. | 16 views

RHSA-2009:1540 Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 | AI score 6.8 | EPSS 0.12461
Exploits: 24 | References: 61

RedHat Linux
added 2024/09/05 1:9 p.m. | 39 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 10 | AI score 7.3 | EPSS 0.01283
Exploits: 1 | References: 1

Amazon
added 2024/08/21 12:0 a.m. | 1 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized CVE-2024-38619 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fully validate NFT_DATA_VALUE on store to data...

CVSS 5.5 | AI score 6.6 | EPSS 0.00284
Exploits: 0

RedHat Linux
added 2024/08/19 1:48 a.m. | 34 views

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 security update

An update for kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which give...

CVSS 7.8 | AI score 7.1 | EPSS 0.02701
Exploits: 1 | References: 2

RedHat Linux
added 2024/08/15 5:34 a.m. | 2 views

kernel: netfilter: nf_tables: flush pending destroy work before exit_net release

A vulnerability was found in the Linux kernel's Netfilter framework, specifically within the nftables component. The issue arises from a race condition between the exit_net function and the destroy work queue, which can lead to use-after-free errors and potential system instability. This...

CVSS 6.1 | AI score 7.1 | EPSS 0.00184
Exploits: 0 | References: 5

RedHat Linux
added 2024/08/08 4:53 a.m. | 3 views

kernel: netfilter: validate user input for expected length

CVE-2024-35896 is a vulnerability in the Linux kernel's Netfilter component, where the setsockopt function fails to properly validate the length of user-supplied data before copying it into kernel space. This oversight can lead to out-of-bounds memory access, potentially causing system crashes or...

CVSS 7.1 | AI score 7.5 | EPSS 0.00229
Exploits: 0 | References: 5

RedHat Linux
added 2024/08/07 9:43 a.m. | 1 views

kernel: netfilter: validate user input for expected length

CVE-2024-35896 is a vulnerability in the Linux kernel's Netfilter component, where the setsockopt function fails to properly validate the length of user-supplied data before copying it into kernel space. This oversight can lead to out-of-bounds memory access, potentially causing system crashes or...

CVSS 7.1 | AI score 7.5 | EPSS 0.00229
Exploits: 0 | References: 5