UBUNTU-CVE-2023-53475

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: 167.057718 BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229 167.057872...

UBUNTU-CVE-2022-50456

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in the non-inline region...

CVE-2023-53503 ext4: allow ext4_get_group_info() to fail

In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4getgroupinfo to fail Previously, ext4getgroupinfo would treat an invalid group number as BUG, since in theory it should never happen. However, if a malicious attaker or fuzzer modifies the superblock via the block...

CVE-2023-53487

CVE-2023-53487 concerns the Linux kernel under POWERPC: the powerpc/rtas_flash path allowed a user to copy memory into flash_block_cache objects when hardened usercopy is enabled (CONFIG_HARDENED_USERCOPY=y). The flaw is triggered via the /proc/powerpc/rtas/firmware_update interface, causing a ke...

CVE-2023-53463 ibmvnic: Do not reset dql stats on NON_FATAL err

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stats on NONFATAL err All ibmvnic resets, make a call to netdevtxresetqueue when re-opening the device. netdevtxresetqueue resets the numqueued and numcompleted byte counters. These stats are used in Byt...

CVE-2023-53452

Observation: CVE-2023-53452 concerns a race condition in the Linux kernel affecting the wifi driver path for rtW89. When a netdev is registered but NAPI isn’t initialized yet, a race can occur if user space opens the netdev and enables NAPI, causing a kernel BUG at net/core/dev.c:6423 and an inva...

CVE-2025-39895 sched: Fix sched_numa_find_nth_cpu() if mask offline

In the Linux kernel, the following vulnerability has been resolved: sched: Fix schednumafindnthcpu if mask offline schednumafindnthcpu uses a bsearch to look for the 'closest' CPU in scheddomainsnumamasks and given cpus mask. However they might not intersect if all CPUs in the cpus mask are...

mm/damon/sysfs: fix use-after-free in state_show()

...

AZL-67656 CVE-2025-39883 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VMBUGONPAGEPagePoisonedpage kernel BUG at include/linux/page-flags.h:616! Oops:...

CVE-2025-39883 mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VMBUGONPAGEPagePoisonedpage kernel BUG at include/linux/page-flags.h:616! Oops:...

CVE-2025-39883

CVE-2025-39883 affects the Linux kernel memory-management path mm/memory-failure, where unpoisoning memory can trigger VM_BUG_ON_PAGE(PagePoisoned(page)) due to checking PG_HWPoison flags on an uninitialized page. The root cause described in the initial and connected advisories is the uninitializ...

SUSE CVE-2025-39844

In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...

CVE-2025-39858 eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR check after calling pagepoolcreate since this function returns error pointers ERRPTR. Using NULL check could lead to invalid pointer...

CVE-2023-53420

In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...

CVE-2022-50419 Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times deviceadd shall not be called multiple times as stated in its documentation: 'Do not call this routine or deviceregister more than once for any device structure...

CVE-2022-50386

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...

PT-2025-38436

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth subsystem, specifically in the hci sysfs component. The device add function may be called multiple times, violating its documented...

DEBIAN-CVE-2022-50371

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...

CVE-2023-53348 btrfs: fix deadlock when aborting transaction during relocation with scrub

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

PT-2025-38171

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s wilc1000 module related to network device unregistration. Specifically, the wilc netdev ifc init function lacks a call to unregister netdev in its...