PT-2025-22243

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the wifi module wl1251. The problem occurs when the wl1251 ps elp wakeup function fails with a -ETIMEDOUT...

SUSE CVE-2025-21884

In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernetoperations-exit, their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skbsetownerw prior calls. Thi...

DEBIAN-CVE-2025-21868

In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAXSKBFRAGS values Sabrina reported the following splat: WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netifnapiaddweightlocked+0x8f2/0xba0 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from the ethskbpkttype function accessing skb data that does not contain an Ethernet header, which...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ipvlan not ensuring that the network header is in the linear portion of the skb, which could lead to...

SUSE CVE-2025-21852

In the Linux kernel, the following vulnerability has been resolved: net: Add rxskb of kfreeskb to rawtpnullargs. Yan Zhai reported a BPF prog could trigger a null-ptr-deref 0 in tracekfreeskb if the prog does not check if rxsk is NULL. Commit c53795d48ee8 "net: add rxsk to tracekfreeskb" added rx...

SUSE CVE-2025-21864

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from accessing a skb's memory even after it has been sent, potentially leading to reuse after release...

DEBIAN-CVE-2025-21788

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb. It is pointless to allocate SKB memory before running the XDP...

DEBIAN-CVE-2025-21774

In the Linux kernel, the following vulnerability has been resolved: can: rockchip: rkcanfdhandlerxfifooverflowint: bail out if skb cannot be allocated Fix NULL pointer check in rkcanfdhandlerxfifooverflowint to bail out if skb cannot be allocated...

DEBIAN-CVE-2025-21758

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mldnewpack mldnewpack can be called without RTNL or RCU being held. Note that we no longer can use sockallocsendskb because ipv6.igmpsk uses GFPKERNEL allocations which can sleep. Instead use...

UBUNTU-CVE-2025-21788

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases If the XDP program doesn't result in XDPPASS then we leak the memory allocated by am65cpswbuildskb. It is pointless to allocate SKB memory before running the XDP...

UBUNTU-CVE-2025-21775

In the Linux kernel, the following vulnerability has been resolved: can: ctucanfd: handle skb allocation failure If skb allocation fails, the pointer to struct canframe is NULL. This is actually handled everywhere inside ctucanerrinterrupt except for the only place. Add the missed NULL check. Fou...

SUSE CVE-2022-49051

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...

SUSE CVE-2022-49142

In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...

SUSE CVE-2022-49153

In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 size 232: comm "kworker/u17:0", pid 23193, jiffies 4295238848 age 3464.870s hex dump first 32 bytes: 00...

SUSE CVE-2022-49275

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fix use after free of skb canputechoskb will clone skb then free the skb. Move the canputechoskb for the mcan version 3.0.x directly before the start of the xmit in hardware, similar to the 3.1.x branch...

SUSE CVE-2022-49369

In the Linux kernel, the following vulnerability has been resolved: amt: fix possible memory leak in amtrcv If an amt receives packets and it finds socket. If it can't find a socket, it should free a received skb. But it doesn't. So, a memory leak would possibly occur...

SUSE CVE-2022-49470

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdiorecvevent We should not access skb buffer data anymore after hcirecvframe was called. 39.634809 BUG: KASAN: use-after-free in btmtksdiorecvevent+0x1b0 39.634855 Read of size 1 ...