125 matches found

SUSE Linux
added 2025/01/14 8:34 p.m. · 0 views

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637)...

CVSS 7.8 · AI score 8.1 · EPSS 0.00352
Exploits: 1 · References: 26

SUSE Linux
added 2025/01/14 6:33 p.m. · 1 view

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024108 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637)...

CVSS 7.8 · AI score 8.5 · EPSS 0.0094
Exploits: 2 · References: 134

SUSE Linux
added 2025/01/14 6:3 a.m. · 5 views

Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122222 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637)...

CVSS 7.8 · AI score 7.7 · EPSS 0.00352
Exploits: 1 · References: 20

OSV
added 2025/01/13 3:55 p.m. · 6 views

CLSA-2025-1736783731 kernel: Fix of 10 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans CVE-2024-50264 - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in trie_get_next_key() CVE-2024-50262 - KVM: nSVM:...

CVSS 7.8 · AI score 6.9 · EPSS 0.00352
Exploits: 1 · References: 1

Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-30803

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The Linux kernel contains an issue within the vsock/vmci subsystem. Specifically, the vmci transport packet structure was not properly initialized, potentially leaving uninitialized data...

CVSS 7.8 · AI score 6.8 · EPSS 0.00168
Exploits: 0

RedHat Linux
added 2024/12/11 4:21 p.m. · 2 views

kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

A dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition...

CVSS 7.8 · AI score 6.7 · EPSS 0.00352
Exploits: 1 · References: 5

SUSE CVE
added 2024/12/03 12:16 a.m. · 2 views

SUSE CVE-2024-53118

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak. Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recv()ed. To prevent memory leaks, clean up the queue when the socket is destroyed...

CVSS 5.5 · AI score 7.7 · EPSS 0.00199
Exploits: 0 · References: 14

OSV
added 2024/12/02 2:15 p.m. · 2 views

DEBIAN-CVE-2024-53119

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak. As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, but before the SOCK_DONE flag...

CVSS 5.5 · AI score 5.6 · EPSS 0.00246
Exploits: 0 · References: 1

OSV
added 2024/11/19 2:16 a.m. · 2 views

DEBIAN-CVE-2024-50264

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans. During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved ...

CVSS 7.8 · AI score 5.6 · EPSS 0.00352
Exploits: 1 · References: 1

Positive Technologies
added 2024/11/06 12:0 a.m. · 7 views

PT-2024-35555

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.65 Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the introduction of support for vsock and unix sockets in sockmap, where the function tls_sw_has_ctx_tx/rx cannot...

CVSS 5.5 · AI score 5.2 · EPSS 0.00221
Exploits: 0

Microsoft CVE
added 2024/10/12 12:0 a.m. · 2 views

CVE-2024-43873

...

CVSS 7.8 · AI score 6.6 · EPSS 0.00219
Exploits: 0

SUSE CVE
added 2024/09/05 2:46 a.m. · 1 view

SUSE CVE-2024-44996

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive ->recvmsg calls. After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursion could happen: vsock_bpf_recvmsg() -> __vsock_recvmsg() ->...

CVSS 5.5 · AI score 7.2 · EPSS 0.00211
Exploits: 0 · References: 13

OSV
added 2024/09/04 8:15 p.m. · 1 view

DEBIAN-CVE-2024-44996

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive ->recvmsg calls. After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursion could happen: vsock_bpf_recvmsg() -> __vsock_recvmsg() ->...

CVSS 5.5 · AI score 5.6 · EPSS 0.00211
Exploits: 0 · References: 1

OSV
added 2024/05/17 2:15 p.m. · 1 view

DEBIAN-CVE-2024-35814

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling. Commit bbb73a103fbb ("swiotlb: fix a braino in the alignment check fix"), which was a fix for commit 0eee5ae10256 ("swiotlb: fix slot alignment checks"), causes...

CVSS 8.8 · AI score 6.1 · EPSS 0.00234
Exploits: 0 · References: 1

SUSE CVE
added 2024/03/01 4:7 a.m. · 8 views

SUSE CVE-2021-47024

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket. As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free packets during the socket...

CVSS 4.7 · AI score 6.2 · EPSS 0.0025
Exploits: 0 · References: 8

OSV
added 2023/12/05 6:34 p.m. · 4 views

CLSA-2023-1701801241 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-45871 - igb: Limit maximum frame Rx based on MTU - igb: Only sync size of expected frame in ethtool testing - igb: Add support for ethtool private flag to allow use of legacy Rx - igb: Add support for using order 1 pages to receive large frames - igb:...

CVSS 7.8 · AI score 6.8 · EPSS 0.00856
Exploits: 0 · References: 1

RedHat Linux
added 2023/05/16 8:56 a.m. · 1 view

kernel: Linux kernel: Denial of Service due to memory allocation failure in vhost/vsock

A flaw was found in the Linux kernel's vhost/vsock component. A local user could trigger a memory allocation failure when copying large files over sftp (SSH File Transfer Protocol) over vsock (virtual socket). This issue occurs because the kernel's kmalloc function fails to allocate sufficient memory...

CVSS 5.5 · AI score 7 · EPSS 0.00146
Exploits: 0 · References: 5

SUSE CVE
added 2023/02/15 4:25 a.m. · 3 views

SUSE CVE-2018-14625

A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept o...

CVSS 5.3 · AI score 6.8 · EPSS 0.0033
Exploits: 0 · References: 8

RedhatCVE
added 2022/12/07 6:0 p.m. · 30 views

CVE-2022-3629

A memory leak flaw was found in the Linux kernel’s Virtual Socket Protocol. This flaw allows a local user to crash the system...

CVSS 3.3 · AI score 2.8 · EPSS 0.00324
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/14 12:0 a.m. · 5 views

PT-2022-35105 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the use of kvmalloc/kvfree for larger packets in vhost/vsock. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

AI score 7.2
Exploits: 0 · References: 1