Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from failure to properly handle work queue failures, which could lead to a resource leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the schsfq queue, which could lead to null pointer dereferencing...

PT-2025-27694

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition has been identified in the Linux kernel's RED Random Early Detection component. This issue occurs when the SFQ Stochastic Fairness Queuing perturb timer fires at an...

kernel: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx

A use-after-free vulnerability was found in the blkmqgetsqhctx function in the Linux kernel's block multiqueue blk-mq subsystem. This issue occurs when the function accesses the tagset pointer to determine the current default hardware context through mapping. If this access occurs after the tagse...

kernel: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx

A use-after-free vulnerability was found in the blkmqgetsqhctx function in the Linux kernel's block multiqueue blk-mq subsystem. This issue occurs when the function accesses the tagset pointer to determine the current default hardware context through mapping. If this access occurs after the tagse...

Asrmicro ASR Series 安全漏洞

Asrmicro ASR Series is a series of chips from Avantage Technology Asrmicro, a Chinese company. A security vulnerability exists in Asrmicro ASR Series, which originates from an improper resource release in the pbwork-queue.C file in the router module, which could lead to a resource leak...

PT-2025-33558

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists between the spsc queue push function and the run-job worker, potentially causing job scheduling to halt and leading to hangs while waiting on DMA fences. This...

PT-2025-30120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the networking scheduler where certain classful qdiscs may unexpectedly empty a child qdisc, leading to a use-after-free condition. This can occur whe...

Security Bulletin: RabbitMQ HTTP API Authorization Bypass Allows Unauthorized Queue Deletion

Summary RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the HTTP API was not verifying the configure permission of the user. Users who had all of the following: 1. Valid credentials, 2. Some permissions for the target virtual host...

kernel: idpf: fix idpf_vc_core_init error path

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

The vulnerability of the mana_ib_install_cq_cb() function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system allows a hacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the manaibinstallcqcb function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system is related to the execution of operations outside of memory buffers. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...

SUSE-SU-2025:02090-1 Security update for the Linux Kernel (Live Patch 65 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122247 fixes several issues. The following security issues were fixed: - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730. - CVE-2022-49179: block, bfq: do not move oombfqq bsc1241331...

SUSE-SU-2025:02087-1 Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122244 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730. ...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

kernel: tipc: fix use-after-free Read in tipc_named_reinit

A vulnerability was found in the Linux kernel's Transparent Inter-Process Communication TIPC subsystem, allowing a use-after-free condition during the cleanup process. This issue arises when the kernel's work queue mechanism does not properly synchronize the destruction of TIPC namespaces with th...

kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...

SUSE CVE-2025-38083

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...

CVE-2025-38083

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...