DEBIAN-CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

UBUNTU-CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

CVE-2025-40311 accel/habanalabs: support mapping cb with vmalloc-backed coherent memory

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

CVE-2025-40311

Summary: CVE-2025-40311 in the Linux kernel involves IOMMU-enabled dma_alloc_coherent() potentially returning vmalloc-range addresses. Affected code path: accel/habanalabs mapping of cb with vmalloc-backed coherent memory. Root cause: vm_insert_page() could trigger BUG_ON due to VM_PFNMAP restric...

CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

PT-2025-49469

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.18-rc5-gud-5.18-rc5 Description The Linux kernel contains a flaw within the DRM/Gud subsystem related to uninitialized memory. Specifically, the iosys map variables are allocated on the stack without...

Important: cri-tools

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

PT-2025-49455

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc1rpci-dev+ 237 Description The Linux kernel contained a flaw in the pci endpoint test module where the dma map single function did not properly handle zero-length mappings, leading to a potential kernel...

Amazon Linux 2 : cri-tools, --advisory ALAS2-2025-3079 (ALAS-2025-3079)

The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3079 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6...

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2025-083 (ALASECS-2025-083)

The version of ecs-init installed on the remote host is prior to 1.101.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-083 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6...

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2025-3078 (ALAS-2025-3078)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3078 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6...

RHEL 8 : kernel (RHSA-2025:22801)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22801 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: kmem: fix a NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-50614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit zero length mapping. It causes a follow panic. A panic was...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in rxerequester CVE-2023-53539 kernel: RDMA/rxe: Fix mr-map...

CVE-2025-40272

A use-after-free race condition was found in the secretmem subsystem of the Linux kernel. When two tasks concurrently fault on the same page in a memfdsecret file, the losing task may free its folio before restoring the direct map entry. This allows the freed page to be reallocated while still...

EUVD-2025-201583

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

DEBIAN-CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

UBUNTU-CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...