CVE-2025-38720 net: hibmcge: fix rtnl deadlock issue

In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnllock in pcierrorhandlers.resetprepare and releases it in pcierrorhandlers.resetdone. However, in the PCI framework: pciresetbus - pciresetslot -...

CVE-2025-38720 net: hibmcge: fix rtnl deadlock issue

In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnllock in pcierrorhandlers.resetprepare and releases it in pcierrorhandlers.resetdone. However, in the PCI framework: pciresetbus - pciresetslot -...

nbd: fix uaf in nbd_genl_connect() error path

...

netlink: Fix wraparounds of sk->sk_rmem_alloc.

...

can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode

...

net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.

...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows CVE-2022-50070 In the Linux...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from netlink not properly handling memory limits during unicast, which could lead to an infinite retry loop...

net: ravb: Fix missing rtnl lock in suspend/resume path

...

ASB-A-392852041

In ethnlopsbegin of netlink.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE CVE-2025-38638

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6rtnotify inet6rtnotify can be called under RCU protection only. This means the route could be changed concurrently and rt6fillnode could return -EMSGSIZE. Re-size the skb when this happens and retry...

AZL-73638 CVE-2025-38665 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

CVE-2025-38665

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

DEBIAN-CVE-2025-38665

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

UBUNTU-CVE-2025-38665

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

CVE-2025-38665 can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

CVE-2025-38665

In the Linux kernel, the following vulnerability has been resolved: can: netlink: canchangelink: fix NULL pointer deref of struct canpriv::dosetmode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct...

Linux Distros Unpatched Vulnerability : CVE-2025-22055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single option, which means every vary size option should be smaller than...

CVE-2025-38588

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...

UBUNTU-CVE-2025-38568

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...