1339 matches found
CVE-2025-21884 net: better track kernel sockets lifetime
In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernetoperations-exit, their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skbsetownerw prior calls. Thi...
CVE-2025-21883 ice: Fix deinitializing VF in error path
In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...
CVE-2025-21881 uprobes: Reject the shared zeropage in uprobe_write_opcode()
In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobewriteopcode We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0...
LSN-0110-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach NGSM0710 ldisc, but it requires CAPNETADMIN to create a GSM network anyway. Require initial namespace CAPNETADMIN to do that.CVE-2023-52880 ...
Azure Linux 3.0 Security Update: kernel (CVE-2024-55916)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-55916 advisory. - In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56595)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56595 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56648)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56648 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound...
SUSE-SU-2025:0920-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. - CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets bsc1231196...
SUSE-SU-2025:0889-1 Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001020 fixes one issue. The following security issue was fixed: - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452...
SUSE-SU-2025:0885-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600108 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. - CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets bsc1231196. -...
Linux 5.6 Cred Refcount Overflow
Linux 5.6 suffers from a cred refcount overflow at approximately 39 gigs of memory usage via iouring. see also my related prior bug reports about overflowing refcounts with lots of RAM usage: https://crbug.com/project-zero/809: BPF program refcount, with 32GiB RAM...
CVE-2025-21864
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...
CVE-2025-21850
In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when running...
CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...
CVE-2025-21859
CVE-2025-21859 affects the Linux kernel USB gadget f_midi path; a deadlock occurs when a lock is acquired twice in a re-entrant f_midi_transmit. The fix is to schedule the inner f_midi_transmit via a high-priority work queue using queue_work() from the completion handler. Patched commits are refe...
CVE-2025-21853 bpf: avoid holding freeze_mutex during mmap operation
In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freezemutex during mmap operation We use map-freezemutex to prevent races between mapfreeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freezemutex...
SUSE-SU-2025:0201-2 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. - CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops i...
PT-2025-20494
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A long-standing race condition in the Linux kernel's PCI hotplug functionality can lead to a deadlock when hot-removing nested PCI hotplug ports. This issue occurs when a parent hotplug...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...