CVE-2025-38465

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

UBUNTU-CVE-2025-38465

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

CVE-2025-38465

CVE-2025-38465 is a Linux kernel netlink vulnerability related to wraparounds in sk->sk_rmem_alloc. The issue arises from reading and updating sk_rmem_alloc with a pattern like if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf) atomic_add(skb->truesize, &sk->sk_rmem_alloc);, w...

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

CVE-2025-38465

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

SUSE CVE-2025-38324

In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcudereferencertnl in mplsrouteinputrcu. As syzbot reported 0, mplsrouteinputrcu can be called from mplsgetroute, where is under RTNL. net-mpls.platformlabel is only updated under RTNL. Let's use rcudereferencertnl in...

OESA-2025-1820 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in...

rtnetlink: Allocate vfinfo size for VF GUIDs when supported

...

SUSE-SU-2025:02254-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...

Linux Kernel IPv6 Segment Routing Vulnerable to Out-of-Bounds Read via Crafted Netlink Message in SRv6 Layer

IPv6 Segment Routing SRv6 is vulnerable to an out-of-bounds read when setting HMAC data due to a lack of validation in the SEG6ATTRSECRETLEN attribute. This could allow an attacker to read up to 64 bytes of data past the skb end pointer and into skbsharedinfo, potentially leading to information...

SUSE CVE-2025-38114

In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancelworksync to avoid deadlock Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which takes RTNL. As reported by users and syzbot, a deadlock is possible in the following...

SUSE CVE-2025-38150

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

CVE-2025-38150 af_packet: move notifier's packet_dev_mc out of rcu critical section

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

The vulnerability in the net/ethtool/netlink.c component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the net/ethtool/netlink.c component of the Linux operating system is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability allows an attacker to cause service failures...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

A vulnerability was found in the Linux kernel's IPv6 Neighbor Discovery NDISC subsystem, which manages network neighbor information. The issue arises from improper synchronization mechanisms when allocating socket buffers skbuff in the ndiscallocskb function. Specifically, the function can be...