CVE-2025-37797 net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

USN-7475-1 linux-xilinx-zynqmp vulnerabilities

Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...

SUSE CVE-2025-23151

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fix race between unprepare and queuebuf A client driver may use mhiunpreparefromtransfer to quiesce incoming data during the client driver's tear down. The client driver might also be processing data at the same...

SUSE CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

SUSE CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

SUSE CVE-2025-37772

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member "struct workstruct network" that is reused for enqueuing cmaneteventworkhandlers onto cmawq. Below crash1 can occur if more than one call to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ice driver not disabling the txq interrupt before refreshing the hardware, which could lead to null...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the intel-ish-hid driver not properly canceling a work queue, which could lead to reuse after release...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of an unnecessary qlen check from the codel...

CVE-2025-27365

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10 Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it...

DEBIAN-CVE-2022-49901

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blkmqinitallocatedqueue There is a kmemleak caused by modprobe nullblk.ko unreferenced object 0xffff8881acb1f000 size 1024: comm "modprobe", pid 836, jiffies 4294971190 age 27.068s hex dump first 32 bytes:...

DEBIAN-CVE-2022-49904

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

AZL-61715 CVE-2022-49901 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blkmqinitallocatedqueue There is a kmemleak caused by modprobe nullblk.ko unreferenced object 0xffff8881acb1f000 size 1024: comm "modprobe", pid 836, jiffies 4294971190 age 27.068s hex dump first 32 bytes:...

DEBIAN-CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...

CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...

UBUNTU-CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...

UBUNTU-CVE-2022-49904

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

DEBIAN-CVE-2025-37794

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop SKB from vif's txq could still be processed. Indeed another concurrent vif scheduleandwaketxq call could cause those packets to be dequeued see...

UBUNTU-CVE-2025-37794

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop SKB from vif's txq could still be processed. Indeed another concurrent vif scheduleandwaketxq call could cause those packets to be dequeued see...

CVE-2022-49904 net, neigh: Fix null-ptr-deref in neigh_table_clear()

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...