Linux Distros Unpatched Vulnerability : CVE-2023-53149

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4writepages calls to avoid races with switching of...

SUSE CVE-2022-50273

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on destination blkaddr during recovery As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: detected capacity change from 0 to 131072 F2FS-fs loop5:...

SUSE CVE-2023-53197

In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

CLSA-2025-1757962453 kernel: Fix of 32 CVEs

inet: fully convert sk-skrxdst to RCU rules CVE-2021-47103 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - can: peakusb: fix use after free bugs CVE-2021-47670 -...

CLSA-2025-1757961864 kernel: Fix of 32 CVEs

inet: fully convert sk-skrxdst to RCU rules CVE-2021-47103 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - can: peakusb: fix use after free bugs CVE-2021-47670 -...

CVE-2023-53256

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...

CVE-2022-50333

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor...

CVE-2022-50335

In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is newly allocated from slab, it is not fully initialized before being added...

DEBIAN-CVE-2022-50313

In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...

DEBIAN-CVE-2022-50284

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...

CVE-2022-50284

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...

CVE-2022-50277

In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...

UBUNTU-CVE-2022-50313

In the Linux kernel, the following vulnerability has been resolved: erofs: fix order = MAXORDER warning due to crafted negative isize As syzbot reported 1, the root cause is that isize field is a signed type, and negative isize is also less than EROFSBLKSIZ. As a consequence, it's handled as fast...

UBUNTU-CVE-2023-53262

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

UBUNTU-CVE-2023-53260

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...

UBUNTU-CVE-2022-50286

In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4clumapped for bigalloc + inline When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline options can result in...

CVE-2022-50335 9p: set req refcount to zero to avoid uninitialized usage

In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is newly allocated from slab, it is not fully initialized before being added...

CVE-2022-50334 hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...

CVE-2023-53262 f2fs: fix scheduling while atomic in decompression path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

CVE-2023-53260 ovl: fix null pointer dereference in ovl_permission()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...