RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert

...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

SUSE CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

SUSE CVE-2025-68168

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

SUSE CVE-2025-68224

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

SUSE CVE-2025-68238

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...

Linux Distros Unpatched Vulnerability : CVE-2025-40352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning whe...

Vulnerability in UEFI firmware modules prevents IOMMU initialization on some UEFI-based motherboards

Overview A newly identified vulnerability in some UEFI-supported motherboard models leaves systems vulnerable to early-boot DMA attacks across architectures that implement UEFI and IOMMU. Although the firmware indicates that DMA protection is active, it fails to correctly initialize the IOMMU...

EUVD-2025-203788

In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...

EUVD-2025-203789

In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 "tcp:...

CVE-2025-68291

In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 "tcp:...

EUVD-2025-203647

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

EUVD-2025-203671

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal data structures are not initialized...

EUVD-2025-203672

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...

EUVD-2025-203729

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix invalid pointer access in debugfs If the memory allocation in gpiolibseqstart fails, the s-private field remains uninitialized and is later dereferenced without checking in gpiolibseqstop. Initialize s-private to NUL...

EUVD-2025-203728

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

EUVD-2025-203703

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

UBUNTU-CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...