Количество 119
Количество 119
SUSE-SU-2025:03482-1
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
SUSE-SU-2025:03472-1
Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)
GHSA-c38j-rpqw-ch4h
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset() with 0 followed by a strlcat(), just use memcpy() and ensure that the resulting buffer is NULL terminated. BIOSVersion is only used for the lpfc_printf_log() which expects a properly terminated string.
BDU:2025-10743
Уязвимость функции memcpy ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
GHSA-vwv2-838r-2q6p
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close() for each tipc_conn. The problem is that tipc_conn_close() is called after releasing the IDR lock. At the same time, there might be tipc_conn_recv_work() running and it could call tipc_conn_close() for the same tipc_conn and release its last ->kref. Once we release the IDR lock in tipc_topsrv_stop(), there is no guarantee that the tipc_conn is alive. Let's hold the ref before releasing the lock and put the ref after tipc_conn_close() in tipc_topsrv_stop(). [0]: BUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165 Read of size 8 at addr ffff888099305a08 by task kworker/u4:3/435 CPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0 Hardware name: Google Go...
BDU:2025-09817
Уязвимость функции tipc_conn_close() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:03580-1
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
SUSE-SU-2025:03571-1
Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)
SUSE-SU-2025:03557-1
Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
SUSE-SU-2025:03553-1
Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
SUSE-SU-2025:03548-1
Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)
SUSE-SU-2025:03539-1
Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)
SUSE-SU-2025:03514-1
Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)
SUSE-SU-2025:03503-1
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
SUSE-SU-2025:03469-1
Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)
SUSE-SU-2025:03566-1
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
SUSE-SU-2025:03494-1
Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
SUSE-SU-2025:03468-1
Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)
SUSE-SU-2025:03465-1
Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
ELSA-2025-17161
ELSA-2025-17161: kernel security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2025:03482-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5) | 4 месяца назад | ||
| SUSE-SU-2025:03472-1 Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) | 4 месяца назад | ||
| GHSA-c38j-rpqw-ch4h In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset() with 0 followed by a strlcat(), just use memcpy() and ensure that the resulting buffer is NULL terminated. BIOSVersion is only used for the lpfc_printf_log() which expects a properly terminated string. | CVSS3: 5.5 | 0% Низкий | 7 месяцев назад |
 | BDU:2025-10743 Уязвимость функции memcpy ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 8 | 0% Низкий | 7 месяцев назад |
| GHSA-vwv2-838r-2q6p In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close() for each tipc_conn. The problem is that tipc_conn_close() is called after releasing the IDR lock. At the same time, there might be tipc_conn_recv_work() running and it could call tipc_conn_close() for the same tipc_conn and release its last ->kref. Once we release the IDR lock in tipc_topsrv_stop(), there is no guarantee that the tipc_conn is alive. Let's hold the ref before releasing the lock and put the ref after tipc_conn_close() in tipc_topsrv_stop(). [0]: BUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165 Read of size 8 at addr ffff888099305a08 by task kworker/u4:3/435 CPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0 Hardware name: Google Go... | CVSS3: 7.8 | 0% Низкий | 6 месяцев назад |
| BDU:2025-09817 Уязвимость функции tipc_conn_close() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.3 | 0% Низкий | 7 месяцев назад |
| SUSE-SU-2025:03580-1 Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) | 4 месяца назад | ||
| SUSE-SU-2025:03571-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) | 4 месяца назад | ||
| SUSE-SU-2025:03557-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) | 4 месяца назад | ||
| SUSE-SU-2025:03553-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) | 4 месяца назад | ||
| SUSE-SU-2025:03548-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4) | 4 месяца назад | ||
| SUSE-SU-2025:03539-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) | 4 месяца назад | ||
| SUSE-SU-2025:03514-1 Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) | 4 месяца назад | ||
| SUSE-SU-2025:03503-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) | 4 месяца назад | ||
| SUSE-SU-2025:03469-1 Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6) | 4 месяца назад | ||
| SUSE-SU-2025:03566-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) | 4 месяца назад | ||
| SUSE-SU-2025:03494-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) | 4 месяца назад | ||
| SUSE-SU-2025:03468-1 Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6) | 4 месяца назад | ||
| SUSE-SU-2025:03465-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6) | 4 месяца назад | ||
| ELSA-2025-17161 ELSA-2025-17161: kernel security update (MODERATE) | 4 месяца назад |
Уязвимостей на страницу