kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...

SUSE CVE-2025-68243

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

SUSE CVE-2025-68311

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

EUVD-2025-203758

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

EUVD-2025-203793

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...

EUVD-2025-203790

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...

CVE-2025-68311

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

CVE-2025-68288

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...

CVE-2025-68290

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...

UBUNTU-CVE-2025-68282

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: udc: fix use-after-free in usbgadgetstatework A race condition during gadget teardown can lead to a use-after-free in usbgadgetstatework, as reported by KASAN: BUG: KASAN: invalid-access in sysfsnotify+0x2c/0xd0...

CVE-2025-68311

CVE-2025-68311 : In the Linux kernel, the ip22zilog serial driver was probing without a platform device in its uart_port.dev, which could trigger an oops. The fix switches the ip22zilog driver to a platform driver and initializes the serial device in the sgI-ip22 code, following the commit that s...

CVE-2025-68311 tty: serial: ip22zilog: Use platform device for probing

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

CVE-2025-68311 tty: serial: ip22zilog: Use platform device for probing

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

EUVD-2025-203653

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

CVE-2025-68243

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

CVE-2025-68243

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

CVE-2025-68290

The CVE-2025-68290 entry corresponds to a Linux kernel issue in the MOST subsystem where a non-standard registration path frees the interface on registration failures and deregistration. This led to reference underflows, use-after-free, and multiple double-free conditions in MOST/USB-related driv...

CVE-2025-68290 most: usb: fix double free on late probe failure

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...

CVE-2025-68290 most: usb: fix double free on late probe failure

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...

CVE-2025-68288 usb: storage: Fix memory leak in USB bulk transport

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...