UBUNTU-CVE-2025-38202

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpfmaplookuppercpuelem will not be inlined. Using...

CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is unset. Similar to: b541ba7d1f5a "netfilter: conntrack...

CVE-2025-38201

CVE-2025-38201 affects the Linux kernel netfilter nft_set_pipapo. The issue arises when resizing hashtables in netfilter, where WARN_ON_ONCE can trigger if GFP flags allow high bucket counts; the fix clamps the maximum map bucket size to INT_MAX. The vulnerability is described as local-attack-vec...

PT-2025-28005

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc5-syzkaller Description: A vulnerability in the Linux kernel has been resolved, which involved validating AG parameters in dbMount to prevent crashes. The validation checks db agheight, db agwidth, and ...

PT-2025-27977

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the bpf map lookup percpu elem helper function, which is available for sleepable BPF programs. When BPF J...

PT-2025-27973

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the fbcon module. The issue occurs when attempting to write to the "store modes" sysfs node, which can cause an...

SUSE CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

SUSE CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

CVE-2025-38165

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' 657.460555 kernel BU...

DEBIAN-CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

DEBIAN-CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

AZL-64553 CVE-2025-38112 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in skisreadable sk-skprot-sockisreadable is a valid function pointer when sk resides in a sockmap. After the last skpsockput which usually happens when socket is removed from sockmap, sk-skprot gets restored...

UBUNTU-CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

UBUNTU-CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

CVE-2025-38141 dm: fix dm_blk_report_zones

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

CVE-2025-38120 netfilter: nf_set_pipapo_avx2: fix initial map fill

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

CVE-2025-38120

CVE-2025-38120 affects the Linux kernel netfilter nf_set_pipapo_avx2. The issue: if the first field does not cover the entire start map, the remainder must be zeroed to prevent leaking bits into the next match round map. The early fix was incomplete and only addressed the generic C implementation...

CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

CVE-2025-38120 netfilter: nf_set_pipapo_avx2: fix initial map fill

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

PT-2025-27706

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the netfilter in the Linux kernel, specifically with the nf set pipapo avx2 function. The problem occurs when the first field does not cover the entire start ma...