CVE-2022-49097

CVE-2022-49097 relates to the Linux kernel NFS writeback path. In low-memory conditions, the NFS writeback code could enter infinite loops in mempool_alloc, risking a writeback stall. The issue is resolved in the kernel by allowing the writeback path to fail gracefully instead of deadlocking. The...

CVE-2022-49092

CVE-2022-49092 concerns a Linux kernel net/ipv4 routing issue where deleting a route that points to a nexthop ID (without nhid) triggers a warning in fib_nh_match when a nexthop object is present. The root cause is a match operation on a fib_info with a nexthop object; the fix is to skip such mat...

CVE-2022-49075

CVE-2022-49075 : In the Linux kernel, a qgroup reserve overflow in btrfs can occur when fallocate spans more than 4 GiB. The root cause is that extent_changeset->bytes_changed is stored as an unsigned int, causing overflow and potentially breaking the qgroup limit. The advisory notes that regu...

CVE-2022-49075 btrfs: fix qgroup reserve overflow the qgroup limit

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extentchangeset-byteschanged in qgroupreservedata to record how many bytes we set for EXTENTQGROUPRESERVED state. Currently the byteschanged is set as "unsigned int", and...

CVE-2022-49069 drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix by adding FPU protection for dcn30internalvalidatebw Why Below general protection fault observed when WebGL Aquarium is run for longer duration. If drm debug logs are enabled and set to 0x1f then the issue is...

CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

CVE-2022-49053 scsi: target: tcmu: Fix possible page UAF

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmutrygetdatapage looks up pages under cmdrlock, but it does not take refcount properly and just returns page pointer. When tcmutrygetdatapage returns, the returned page may have been...

CVE-2021-47642

CVE-2021-47642: in the Linux kernel’s video fbdev/nvidiafb path, a fixed-size buffer overrun could occur by copying a channel name with strcpy into chan->adapter.name. The defect arises from copying into a 48-char buffer without length checks; fix is to use strscpy() to prevent overflows. The ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from out-of-bounds access in the aqc111rxfixup function...

USN-7234-5: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3545)

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function areacacheget of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfpcppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a...

CVE-2025-21703 netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

SUSE-SU-2025:0555-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unusevma bsc1233112. - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in...

SUSE-SU-2025:0440-1 Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122189 fixes several issues. The following security issues were fixed: - CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. - CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993...

CVE-2025-21690 scsi: storvsc: Ratelimit warning logs to prevent VM denial of service

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preventing troubleshooti...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46756)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46756 advisory. - 2024-10-24: CVE-2024-46828 was added to this advisory. 2024-10-24: CVE-2024-46840 was added to this advisory...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49967)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49967 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the numbe...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2023-31084)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31084 advisory. - An issue was discovered in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel 6.2. There is a...

Azure Linux 3.0 Security Update: kernel (CVE-2024-44999)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44999 advisory. - In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49884)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49884 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in...