CVE-2023-53862

CVE-2023-53862 relates to the Linux kernel hfs filesystem. The issue is a missing hfs_bnode_get() after finding/creating a bnode, which can lead to a refcount underflow and a kernel BUG in hfs_bnode_put() during writeback. The provided description shows a path where a node is allocated with refcn...

CVE-2023-53862 hfs: fix missing hfs_bnode_get() in __hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not tainted...

CVE-2023-53862

In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not tainted...

CVE-2023-53857 bpf: bpf_sk_storage: Fix invalid wait context lockdep report

In the Linux kernel, the following vulnerability has been resolved: bpf: bpfskstorage: Fix invalid wait context lockdep report './testprogs -t testlocalstorage' reported a splat: 27.137569 ============================= 27.138122 BUG: Invalid wait context 27.138650 6.5.0-03980-gd11ae1b16b0a 247...

CVE-2023-53829 f2fs: flush inode if atomic file is aborted

In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's flush the inode being aborted atomic operation to avoid stale dirty inode during eviction in this call stack: f2fsmarkinodedirtysync+0x22/0x40 f2fs f2fsabortatomicwrite+0xc4/0xf0...

CVE-2022-50638

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMP...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing hfsbnodeget call, which could lead to a kernel bug...

tipc: Fix use-after-free in tipc_mon_reinit_self().

...

EUVD-2025-201636

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scoconnfree BUG: KASAN: slab-use-after-free in scoconnfree net/bluetooth/sco.c:87 inline BUG: KASAN: slab-use-after-free in krefput include/linux/kref.h:65 inline BUG: KASAN: slab-use-after-free in...

UBUNTU-CVE-2023-53765

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...

CVE-2023-53765

CVE-2023-53765 is a Linux kernel issue affecting the device-mapper cache (dm-cache) background tracker cleanup. The root cause is cleanup of bg tracker work objects (bt_work) during dm-cache teardown, where kmem_cache_destroy could leave objects and trigger a kernel BUG when freeing resources (no...

CVE-2023-53765

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...

CVE-2023-53765 dm cache: free background tracker's queued work in btracker_destroy

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...

Linux Distros Unpatched Vulnerability : CVE-2025-40235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol,...

Linux Distros Unpatched Vulnerability : CVE-2023-53765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978...

DEBIAN-CVE-2025-40282

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has headerops, so it must set link-local header for RX skb, otherwise things crash, eg. with AFPACKET SOCKRAW Add missing skbresetmacheader...

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()

In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...

PT-2025-49384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Bluetooth component of the Linux kernel, specifically within the btusb disconnect function. The issue occurs because data associated with a Bluetooth...

SUSE CVE-2025-40233

In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON in...

UBUNTU-CVE-2025-40261

In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...