CVE-2025-38575 ksmbd: use aead_request_free to match aead_request_alloc

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...

DEBIAN-CVE-2025-23132

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix to avoid warning in dquotwritebackdquots F2FS-fs dm-59: checkpoint=enable has some unwritten data. ------------ cut here ------------ WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691...

CVE-2025-22102

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip sends out only 1...

DEBIAN-CVE-2025-22045

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flushtlbrange when used for zapping normal PMDs On the following path, flushtlbrange can be used for zapping normal PMD entries PMD entries that point to page tables together with the PTE entries in the pointed-to pag...

DEBIAN-CVE-2024-58096

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...

CVE-2025-22080 fs/ntfs3: Prevent integer overflow in hdr_first_de()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdrfirstde The "deoff" and "used" variables come from the disk so they both need to check. The problem is that on 32bit systems if they're both greater than UINTMAX - 16 then the check does...

CVE-2025-22074 ksmbd: fix r_count dec/increment mismatch

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix rcount dec/increment mismatch rcount is only increased when there is an oplock break wait, so rcount inc/decrement are not paired. This can cause rcount to become negative, which can lead to a problem where the ksmbd...

CVE-2025-22074

CVE-2025-22074 : In the Linux kernel, ksmbd had a r_count increment/decrement mismatch that could cause r_count to become negative, leading to ksmbd thread termination issues. The issue is fixed by a patch fixing the r_count dec/increment pairing when oplock breaks occur. Affected component is ks...

CVE-2025-22049 LoongArch: Increase ARCH_DMA_MINALIGN up to 16

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCHDMAMINALIGN up to 16 ARCHDMAMINALIGN is 1 by default, but some LoongArch-specific devices such as APBDMA require 16 bytes alignment. When the data buffer length is too small, the hardware may make an error...

CVE-2025-22050 usbnet:fix NPE during rx_complete

In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...

CVE-2025-22033

CVE-2025-22033: Linux kernel arm64 fix for a NULL pointer dereference in alignment handling. The issue occurs when do_alignment_t32_to_handler() fixes only specific instructions and returns NULL for others (e.g., LDREX); callers would proceed with regular alignment fault handling (SIGBUS). Withou...

CVE-2025-22013 KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: Host SVE being discarded unexpectedly due to inconsistent...

AZL-69506 CVE-2025-21976 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hypervfb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the following WARN and henc...

CVE-2025-21976

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hypervfb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the following WARN and henc...

DEBIAN-CVE-2025-21962

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffi...

UBUNTU-CVE-2025-21946

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds in parsesecdesc If osidoffset, gsidoffset and dacloffset could be greater than smbntsd struct size. If it is smaller, It could cause slab-out-of-bounds. And when validating sid, It need to check it includ...

CVE-2025-21969 Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

CVE-2025-21930 wifi: iwlwifi: mvm: don't try to talk to a dead firmware

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwltranssendcmd+0xba/0xe0 iwlwifi Call Trace: ? warn+0xca/0x1c0 ?...

CVE-2025-21923 HID: hid-steam: Fix use-after-free when detaching device

In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the clienthdev used for intercepting hidraw access. This can lead to scheduling deferred work to reattach the input...

SUSE CVE-2023-52994

In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 "x86/boot: Skip realmode init code when running as Xen PV guest" missed one code path accessing realmodeheader, leading to dereferencing NULL when suspending the system under Xen:...