ELSA-2025-20645: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2025-20632: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2025-20609: Unbreakable Enterprise kernel security update (IMPORTANT)

Security update for the Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY.

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY.

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY.

In the Linux kernel, the following vulnerability has been resolved: v ...

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY.

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5)

Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5)

Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6)

Security update for the Linux Kernel