9086 matches found
SUSE CVE-2025-38533
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wxrxbuffer structure contained two DMA address fields: 'dma' and 'pagedma'. However, only 'pagedma' was actually initialized and used to program the Rx descriptor. But 'dma' was...
CVE-2025-38546
In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...
CVE-2025-38525
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
CVE-2025-38546
CVE-2025-38546 (Linux kernel: ATM clip memory leak) The vulnerability is in the ATM subsystem’s clip code. The ioctl ATMARPD_CTRL path assigns NULL to vcc->push(), which breaks the expected cleanup path and leaks memory for the allocated struct clip_vcc during ATMARP handling. The root cause i...
CVE-2025-38541
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925thermalinit devmkasprintf returns NULL on error. Currently, mt7925thermalinit does not check for this case, which results in a NULL pointer dereference. Add NULL check after...
UBUNTU-CVE-2025-38517
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...
CVE-2025-38525 rxrpc: Fix irq-disabled in local_bh_enable()
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
CVE-2025-38525
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
CVE-2025-38507
In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...
CVE-2025-38507 HID: nintendo: avoid bluetooth suspend/resume stalls
In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...
CVE-2025-38507 HID: nintendo: avoid bluetooth suspend/resume stalls
In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...
PT-2025-33584 · Mt76 +2 · Mt76 +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the mt7925 thermal init function within the mt76 and mt7925 modules. The devm kasprintf function can return NULL on error, and the code does not che...
SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:02808-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02808-1 advisory. - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Tenable has extracted the preceding...
PT-2025-33568
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to interrupt handling within the rxrpc subsystem. Specifically, the rxrpc assess MTU size function, called from rxrpc new incoming call, can...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
SUSE-SU-2025:02807-1 Security update for podman
This update for podman fixes the following issues: - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320...
Security update for podman
This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
Linux Distros Unpatched Vulnerability : CVE-2025-38205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 Why If the dummy values in populatedummydmlsurfacecfg aren't updated then they can lead t...
Linux Distros Unpatched Vulnerability : CVE-2022-49742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: initialize locks earlier in f2fsfillsuper syzbot is reporting lockdep warning at f2fshandleerror 1, for spinlock&sbi-errorlock is called before spinlockin...
Linux Distros Unpatched Vulnerability : CVE-2022-49925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN: null-ptr- deref in range 0x0000000000000118-0x000000000000011f CPU:...