CVE-2025-40198

Consolidated advisories confirm CVE-2025-40198 affects the Linux kernel in ext4, specifically a potential buffer over-read in parse_apply_sb_mount_options(). The issue is mitigated by hardening the parser to treat s_mount_opts as a potential non-string and by ensuring NUL termination, with fixes ...

kernel: iomap: iomap: fix memory corruption when recording errors during writeback

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

kernel: pstore/ram: Check start of empty przs during init

An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an access contention in blk-throttle during throttle policy activation, which could lead to a null pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a buffer out-of-bounds read that could lead to a superblock parsing error...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from TDX/SNP not forcing the mapping of legacy PCI nulls to UCs, which could result in a memory type error...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for asynchronous decryption to complete after a tlsstrpmsghold failure, which could lead to a UA...

Linux Distros Unpatched Vulnerability : CVE-2025-40159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc a...

kernel: linux/dim: Fix divide by 0 in RDMA DIM

In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdmadimstatscompare when prev-cperatio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880194b78000 task.stack:...

Amazon Linux 2 : kernel, --advisory ALAS2-2025-3075 (ALAS-2025-3075)

The version of kernel installed on the remote host is prior to 4.14.355-280.708. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3075 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr...

Ubuntu: Security Advisory (USN-7864-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:4004-1 Security update for the Linux Kernel (Live Patch 61 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059218 fixes several issues. The following security issues were fixed: - CVE-2022-50248: wifi: iwlwifi: mvm: fix double free on tx path bsc1249841. - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2022-50252:...

K000157322: Linux kernel vulnerability CVE-2025-8941

Security Advisory Description A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

Amazon Linux 2023 : kmod-nvidia-open-dkms (ALAS2023NVIDIA-2025-252)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-252 advisory. NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalatio...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990625 advisory. In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990416 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990441)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990441 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

Important: libnvidia-nscq

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23280...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989861 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the length + 4...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989109 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpnotsentlowat. While reading sysctltcpnotsentlowat, it can be...