Уязвимость kernel-lt

Important: kernel security update

ELSA-2025-23279: kernel security update (IMPORTANT)

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7)

Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 71 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5)

Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7)

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput() doesn't actually call file_operations release() synchronously, it puts the file on a work queue and it will be released eventually. This is normally fine, except for iommufd the file and the iommufd_object are tied to gether. The file has the object as it's private_data and holds a users refcount, while the object is expected to remain alive as long as the file is. When the allocation of a new object aborts before installing the file it will fput() the file and then go on to immediately kfree() the obj. This causes a UAF once the workqueue completes the fput() and tries to decrement the users refcount. Fix this by putting the core code in charge of the file lifetime, and call __fput_sync() during abort to ensure that release() is called before kfree. __fput_sync() is a bit too tricky to open code in all the object implementations. Instead the objects te...

Уязвимость компонента iommufd ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with async decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned). In this case, wait for all pending decryption requests.

Уязвимость функции tls_strp_msg_hold() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 60 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)