DEBIAN-CVE-2025-38066

In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume...

CVE-2025-38040

In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic: ...

UBUNTU-CVE-2025-38013

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...

PT-2025-25896 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A kernel BUG has been resolved in the Linux kernel, specifically in the bpf and cgroup components. The issue was reported by Syzkaller and occurs when a kernel BUG is triggered due...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mismatch in the exchange of PFN page types in mprotect, which could lead to a kernel bug...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a slab-use-after-free error in l2capsendcmd. After the hci sync command releases the l2capconn, the hci receive data work queue references the released l2cap Conn when sending data to the upper layer...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: btrfs: The program exits after a state insertion failure at btrfsconvertextentbit. If the insertstate function fails, it returns an error pointer. We then call extentiotreepanic, which will trigger a BUG. However, if CONFIGBUG is...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: take paired job reference For paired jobs, the fragment job must take a reference to the geometry job, so that the geometry job cannot be freed until the fragment job has finished with it. The geometry job...

TencentOS Server 3: kernel (TSSA-2024:1024)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1024 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

PT-2025-30774

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The OP-TEE driver registers the notif callback function for FF-A notifications. This function is called in an atomic context, which can lead to errors when processing asynchronous...

SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2025:01707-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01707-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following securi...

CVE-2020-7462

In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use-after-free situation may result in unintended kernel behaviour including a kernel panic...

CVE-2025-37904 btrfs: fix the inode leak in btrfs_iget()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix the inode leak in btrfsiget BUG There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: BTRFS info device loop1: last unmount of filesystem...

PT-2025-22166 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A bug in the Linux kernel has been identified, which can lead to a busy inode at unmount time, resulting in a kernel BUG. This issue occurs when btrfs alloc path fails, and btrfs...

kernel: Bluetooth: Fix memory leak in hci_req_sync_complete()

This CVE identifies a memory leak in the Linux kernel's Bluetooth subsystem, specifically within the hcireqsynccomplete function. The issue arises because the function fails to release the previous synchronization request state before assigning a new one, leading to increased memory usage over...

AZL-70144 CVE-2025-37861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

AZL-69938 CVE-2025-37807 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kmemleak warning for percpu hashmap Vlad Poenaru reported the following kmemleak issue: unreferenced object 0x606fd7c44ac8 size 32: backtrace crc 0: pcpuallocnoprof+0x730/0xeb0 bpfmapallocpercpu+0x69/0xc0...

SUSE CVE-2023-53065

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

SUSE CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

CVE-2023-53144

CVE-2023-53144 concerns the Linux kernel erofs subsystem. The connected documentation describes an identified issue where kunmap could be applied to incorrect pages during LZMA decompression on HIGHMEM platforms, leading to a NULL pointer dereference in z_erofs_lzma_decompress and related call ch...