Security update for kernel-livepatch-MICRO-6-0_Update_10

This update for kernel-livepatch-MICRO-6-0Update10 fixes the following issues: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207 Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDRPORTANY. It is possible for a vsock to automatically bind itself to VMADDRPORTANY. This can lead to a “use-after-free” issue when a connection is made to the bound socket. The socket returned ...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: The length of the packet header is validated before calling skbPut. When receiving a vsock packet in the guest, only the size of the virtqueue buffer is validated prior to calling virtiovsockskbrxPut. Unfortunately,...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414646 advisory. A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in...

EUVD-2022-55584

Malicious code in bioql PyPI...

RLSA-2025:16373 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock: Fix transport TOCTOU CVE-2025-38461 For more details about the security issues, including the impact, a CVSS score,...

RHEL 9 : kernel (RHSA-2025:17122)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17122 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: usb: dwc3: gadget: check that...

SUSE SLES15 Security Update : kernel RT (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2025:03315-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03315-1 advisory. This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs...

SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP6) (SUSE-SU-2025:03341-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03341-1 advisory. This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs...

Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in calipsoreqset,delatt...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...

CVE-2022-50271 vhost/vsock: Use kvmalloc/kvfree for larger packets.

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure:...

vsock/vmci: Clear the vmci transport packet properly when initializing it

...

vsock: Fix transport_{g2h,h2g} TOCTOU

...

vsock: Do not allow binding to VMADDR_PORT_ANY

...

Linux Distros Unpatched Vulnerability : CVE-2025-38618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made ...