Linux Distros Unpatched Vulnerability : CVE-2024-42303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERRPTR dereference in pxpprobe devmregmapinitmmio can fail, add a check...

SUSE CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

UBUNTU-CVE-2025-38489

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfarchtextpoke with newaddr == NULL again Commit 7ded842b356d "s390/bpf: Fix bpfplt pointer arithmetic" has accidentally removed the critical piece of commit c730fce7c70c "s390/bpf: Fix bpfarchtextpoke with newaddr...

UBUNTU-CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...

CVE-2025-38451

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix GPF in bitmapgetstats The commit message of commit 6ec1f0239485 "md/md-bitmap: fix stats collection for external bitmaps" states: Remove the external bitmap check as the statistics should be available regardless...

CVE-2025-38385

Summary: CVE-2025-38385 affects the Linux kernel in the LAN78xx USB Ethernet driver, where a WARN can be triggered during USB disconnect when NAPI is still enabled. Root cause (per provided data): In the disconnect path, netif_napi_del() was redundantly called even though unregister_netdev() hand...

UBUNTU-CVE-2025-38345

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...

DEBIAN-CVE-2025-38290

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar-arvifs list In current WLAN recovery code flow, ath12kcorehalt only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...

CVE-2025-38272

In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where external PHYs may be connected. If one of these PHYs are EEE capable, we may try to enable EEE for t...

CVE-2025-38327 fgraph: Do not enable function_graph tracer when setting funcgraph-args

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPCNLUDPGETREMOTEIP with media name set to tun tipc: Started in network mode tipc: Nod...

CVE-2025-38175 binder: fix yet another UAF in binder_devices

In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binderdevices Commit e77aff5528a18 "binderfs: fix use-after-free in binderdevices" addressed a use-after-free where devices could be released without first being removed from the binderdevices list...

SUSE CVE-2025-38144

In the Linux kernel, the following vulnerability has been resolved: watchdog: lenovose30wdt: Fix possible devmioremap NULL pointer dereference in lenovose30wdtprobe devmioremap returns NULL on error. Currently, lenovose30wdtprobe does not check for this case, which results in a NULL pointer...

CVE-2025-38165

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' 657.460555 kernel BU...

UBUNTU-CVE-2025-38138

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udmaprobe devmkasprintf returns NULL when memory allocation fails. Currently, udmaprobe does not check for this case, which results in a NULL pointer dereference. Add NULL check after devmkasprint...

CVE-2025-38165

CVE-2025-38165 affects the Linux kernel (bpf, sockmap) and can trigger a kernel panic when skb_linearize is called in the backlog path. The root cause, introduced by a prior skb_get usage to fix race conditions, caused panics for large RX payloads (e.g., when using the strparser to accumulate up ...

CVE-2025-38158

CVE-2025-38158 affects the Linux kernel (hisi_acc_vfio_pci) and fixes an XQE/AEQE DMA address error observed after migration. The root cause is an incorrect address construction when reading hardware registers, causing wrong DMA addresses for EQE/AEQE and guest kernel‑mode encryption services to ...

CVE-2025-38139

In Linux kernels with netfs, CVE-2025-38139 is resolved by correcting the write-retry path: netfs_retry_write_stream() now uses the iterator-reset function, ensuring the subrequest length accounts for any shortened data after a retry. The bug could cause a KASAN slab-out-of-bounds read in iov_ite...

CVE-2025-38131 coresight: prevent deactivate active config while enabling the config

In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfgcsdevenableactiveconfig, active config could be deactivated via configfs' sysfs interface. This could make UAF issue in bel...

PT-2025-30757

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.16.0-rc2-WSL2-STABLE and earlier. Description A runtime warning was observed in the truncate folio batch exceptionals function within the Linux kernel's fuse module. This issue was addressed by applying a fix initially...