SUSE CVE-2023-53065

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

SUSE CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

CVE-2023-53144

CVE-2023-53144 concerns the Linux kernel erofs subsystem. The connected documentation describes an identified issue where kunmap could be applied to incorrect pages during LZMA decompression on HIGHMEM platforms, leading to a NULL pointer dereference in z_erofs_lzma_decompress and related call ch...

PT-2025-18857

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A bug in the Linux kernel's histogram code allowed histogram values to have certain modifiers, which caused a bug. The issue occurred when attempting to set a histogram value to a...

DEBIAN-CVE-2022-49900

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4remove In piix4probe, the piix4 adapter will be registered in: piix4probe piix4addadapterssb800 / piix4addadapter i2caddadapter Based on the probed device type, piix4addadapterssb800...

UBUNTU-CVE-2022-49898

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 1 SMP RIP: 0010:treemodlogrewind+0x1b4/0x200 RSP:...

CVE-2022-49879 ext4: fix BUG_ON() when directory entry has invalid rec_len

In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUGON when directory entry has invalid reclen The reclen field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG in ext4reclentodisk, called from makeindexeddir...

CVE-2025-37925 jfs: reject on-disk inodes of an unsupported type

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

SUSE CVE-2024-58092

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4legacytrackingops-init call in checkforlegacymethods. That will be handled in the caller nfsd4clienttrackinginit. Otherwise, we'll wind up calling...

CVE-2025-22120

In the Linux kernel, the following vulnerability has been resolved: ext4: goto right label 'outmmapsem' in ext4setattr Otherwise, if ext4inodeattachjinode fails, a hung task will happen because filemapinvalidateunlock isn't called to unlock mapping-invalidatelock. Like this: EXT4-fs error device...

UBUNTU-CVE-2025-22085

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in...

CVE-2025-22123 f2fs: fix to avoid accessing uninitialized curseg

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid accessing uninitialized curseg syzbot reports a f2fs bug as below: F2FS-fs loop3: Stopped filesystem due to reason: 7 kworker/u8:7: attempt to access beyond end of device BUG: unable to handle page fault for...

PT-2025-27750

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A panic in the Linux kernel can be triggered by executing a specific command, resulting in a kernel bug. The issue originates from the assertion BUG ONskb sharedskb in skb linearize. A...

DEBIAN-CVE-2025-21984

In the Linux kernel, the following vulnerability has been resolved: mm: fix kernel BUG when userfaultfdmove encounters swapcache userfaultfdmove checks whether the PTE entry is present or a swap entry. - If the PTE entry is present, movepresentpte handles folio migration by setting: srcfolio-inde...

UBUNTU-CVE-2025-21949

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set hugetlb mmap base address aligned with pmd size With ltp test case "testcases/bin/hugefork02", there is a dmesg error report message such as: kernel BUG at mm/hugetlb.c:5550! Oops - BUG1: CPU: 0 UID: 0 PID: 1517...

CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set hugetlb mmap base address aligned with pmd size With ltp test case "testcases/bin/hugefork02", there is a dmesg error report message such as: kernel BUG at mm/hugetlb.c:5550! Oops - BUG1: CPU: 0 UID: 0 PID: 1517...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup bsc1225820. CVE-2024-27397: netfilter: nftables: use timestamp to check for s...

DEBIAN-CVE-2023-52982

In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pending volume acquisition by using wakeupbit, however it is mismatched with waitvarevent used in...

UBUNTU-CVE-2023-53029

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb "octeontx2-pf: Fix lmtst ID used in aura free" uses the get/putcpu to protect the usage of percpu pointer in -aurafreeptr callback, but it als...

UBUNTU-CVE-2022-49738

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on iextraisize in isalive syzbot found a f2fs bug: BUG: KASAN: slab-out-of-bounds in datablkaddr fs/f2fs/f2fs.h:2891 inline BUG: KASAN: slab-out-of-bounds in isalive fs/f2fs/gc.c:1117 inline BUG: KASA...