CentOS 9 : kernel-5.14.0-648.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-648.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to...

Linux Distros Unpatched Vulnerability : CVE-2025-40226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the...

Linux Distros Unpatched Vulnerability : CVE-2025-40314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget...

CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

EUVD-2025-201577

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

EUVD-2025-201576

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

CVE-2025-40278

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

UBUNTU-CVE-2025-40278

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

CVE-2025-40279

CVE-2025-40279 : Linux kernel issue in net: sched: act_connmark. The patch fixes a kernel information leak by correcting initialization of a tc_ife-like structure in tcf_connmark_dump() – the code previously partially initialized an opt struct via designated initializers, leaving padding uninitia...

CVE-2025-40279

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

CVE-2025-40279 net: sched: act_connmark: initialize struct tc_ife to fix kernel leak

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...

CVE-2025-40278 net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

mtd: core: fix possible resource leak in init_mtd()

...

CVE-2025-40234

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers Devices without the AWCC interface don't initialize awcc. Add a check before dereferencing it in sleep handlers...

CVE-2025-40226

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

orangefs: Fix kmemleak in orangefs_sysfs_init()

...

CVE-2025-40263

In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb - fix an invalid memory access If croseckeybregistermatrix isn't called due to buttonsswitchesonly in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in croseckeybprocess when...

CVE-2025-40234

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers Devices without the AWCC interface don't initialize awcc. Add a check before dereferencing it in sleep handlers...

CVE-2025-40226

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...