CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

UBUNTU-CVE-2022-50855

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

CVE-2022-50839

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2fcwaitbufs' if buffer isn't uptodate, will return -EIO without update 'journal-jfcoff'. But 'jbd2fcreleasebufs' will release buffer head from ‘jfcoff - 1’ if 'bh' is...

CVE-2023-54255 sh: dma: Fix DMA channel offset calculation

In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, which can be distributed between up to two DMAC modules. The existing...

CVE-2022-50847 drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

CVE-2023-54187

CVE-2023-54187 concerns a Linux kernel issue where moving/renaming a directory could trigger potential corruption. The vulnerability affects the filesystem code related to F2FS and reproduces in ext4_rename, as revealed by xfstests/generic/707. The root cause involves corruption risks during dire...

CVE-2023-54174 vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd

In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group-iommufd group-iommufd is not initialized for the iommufdctxput 20018.331541 BUG: kernel NULL pointer dereference, address: 0000000000000000 20018.377508 RIP:...

CVE-2022-50818 scsi: pm8001: Fix running_req for internal abort commands

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix runningreq for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@none$ more /sys/class/sasphy/phy-0:0:8/targetportprotocols sata root@none$ echo 0...

PT-2025-54085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd "usb: dwc3: core: Power-off core/PHYs on system suspend in host mode" replaces check for HOST only dr mode with current dr role. But durin...

PT-2025-54083

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM/TTM subsystem where a resource could be leaked during eviction errors, specifically those other than -EMULTIHOP. The issue was addressed by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992592 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it...

CVE-2023-54108

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

UBUNTU-CVE-2023-54151

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...

CVE-2023-54083 phy: tegra: xusb: Clear the driver reference in usb-phy dev

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will...

CVE-2022-50755

CVE-2022-50755: Linux kernel UDF rename path had a double brelse() on buffer heads (udf_find_entry() returning NULL) causing unbalanced buffer_head b_count. The fix prevents brelse() from being called by udf_rename() when udf_find_entry() returns NULL, eliminating the imbalance. This is the concr...

CVE-2022-50716 wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

CVE-2023-53987

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

CVE-2025-68727 ntfs3: Fix uninit buffer allocated by __getname()

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by getname Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN...

CVE-2025-68370

In the Linux kernel, CVE-2025-68370 affects the coresight tmc path handling. The fix adds the event handle to the coresight_path so dependent devices can access it (required to retrieve AUX_EVENT per CPU in perf mode). Reproduction example uses perf record -e cs_etm//k -C 0-9, which could trigger...

SUSE CVE-2025-68224

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...