6095 matches found
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-959)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-959 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsdumpfullkey CVE-2024-35866 In the Linux kernel, the following vulnerability has been...
SUSE CVE-2025-37823
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...
CVE-2025-37827
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in btrfsaddfreespacezoned that ultimately happens because a conversion from the default metadata profile...
CVE-2025-37824
In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipcmonreinitself syzbot reported: tipc: Node number set to 1055423674 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOPTI KASAN:...
CVE-2025-37823
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need to safe guard hfscdequeue too. But for this one, we don't have a reliable reproducer...
CVE-2025-37819
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2mgetfwnode With ACPI in place, gicv2mgetfwnode is registered with the pci subsystem as pcimsigetfwnodecb, which may get invoked at runtime during a PCI host bridge probe. But, the...
CVE-2025-37813
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before preparetransfer and preparering, so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...
CVE-2023-53100
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4updateinlinedata Syzbot found the following issue: EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation...
CVE-2023-53098
In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...
CVE-2023-53143
In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...
CVE-2023-53122
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53134
In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the...
CVE-2023-53130
Removed by vendor...
CVE-2023-53129
Removed by vendor...
CVE-2023-53126
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix sashba.phy memory leak in mpi3mrremove Free mrioc-sashba.phy at .remove...
CVE-2023-53114
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in recovery mode then i40einitrecoverymode is called and the rest of probe function is skipped including...
CVE-2023-53102
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw iceqpdis intends to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps is to disable interrupts on these queues. It currently is broken in a way that...
CVE-2023-53100 ext4: fix WARNING in ext4_update_inline_data
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4updateinlinedata Syzbot found the following issue: EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation...
CVE-2023-53099
In the Linux kernel, the following vulnerability has been resolved: firmware: xilinx: don't make a sleepable memory allocation from an atomic context The following issue was discovered using lockdep: 6.691371 BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209...
CVE-2023-53098
In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...