PT-2025-54020

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified and resolved in the mt7996 mcu exit routine within the mt76 module for the mt7996 wireless chipset. The issue involved failing to properly purge memory queue...

CVE-2023-53992

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...

CLSA-2025-1766599987 kernel: Fix of 27 CVEs

xfrm: Duplicate SPI Handling CVE-2025-39965 - xfrm: state: use atomicincnotzero to increment refcount - padata: Fix pd UAF once and for all CVE-2025-38584 - padata: Remove broken queue flushing CVE-2023-52854 - padata: ensure padatadoserial runs on the correct CPU - Bluetooth: L2CAP: Fix...

CVE-2023-54085

The CVE-2023-54085 entry concerns the Linux kernel MPTCP implementation. A NULL pointer dereference can occur on fastopen early fallback when a subflow context is deleted before returning the newly allocated socket to the caller; the fastopen path does not safely handle this dereferenced subflow ...

CVE-2022-50780 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

CVE-2023-53992 wifi: cfg80211: ocb: don't leave if not joined

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...

CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

CVE-2025-68360 wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks MT7996 driver can use both wed and wedhif2 devices to offload traffic from/to the wireless NIC. In the current codebase we assume to always use the primary w...

PT-2025-53143

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the xgmiitorgmii probe function within the networking subsystem of the Linux kernel. The of phy find device function returns a device node with an...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...

SUSE-SU-2026:20012-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

[SECURITY] Fedora 43 Update: containernetworking-plugins-1.9.0-1.fc43

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

[SECURITY] Fedora 42 Update: containernetworking-plugins-1.9.0-1.fc42

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

[SECURITY] Fedora 43 Update: nebula-1.10.0-2.fc43

A scalable overlay networking tool with a focus on performance, simplicity and security...

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2025-2581)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : KVM: VMX: Do all initialization before exposing /dev/kvm to userspaceCVE-2022-49932 drivers:md:fix a potential use-after-free...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7939-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7939-2 linux-azure-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7939-1 linux-azure, linux-azure-5.4 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

EUVD-2025-203757

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...