kernel: block: fix uaf for flush rq while iterating tags

In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...

kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL...

kernel: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use socpcmret on .prepare callback commit 1f5664351410 "ASoC: lower "no backend DAIs enabled for ... Port" log severity" ignores -EINVAL error message on common socpcmret. It is used from many functions,...

Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network...

KLA90059 Multiple vulnerability in Microsoft Open Source Software

A remote code execution vulnerability was found in Microsoft Open Source Software. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2025-62220 Related products Microsoft-Windows CVE list CVE-2025-62220 critical Solutio...

PT-2025-52903

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.0+ 3 Description The Linux kernel contains a race condition within the macintosh/mac hid subsystem, specifically in the mac hid toggle emumouse function. This issue arises when multiple processes concurrently...

PT-2025-46513

Name of the Vulnerable Software and Affected Versions Windows Subsystem for Linux GUI affected versions not specified Description A heap-based buffer overflow exists in the Windows Subsystem for Linux GUI component. This flaw allows an unauthorized attacker to execute code over a network by sendi...

Microsoft Windows Subsystem for Linux 安全漏洞

Microsoft Windows Subsystem for Linux WSL is a Microsoft Windows Subsystem for Linux, a compatibility layer capable of running native Linux binary executables ELF format. A security vulnerability exists in the Microsoft Windows Subsystem for Linux GUI. An attacker can exploit the vulnerability to...

PT-2025-51635

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the pinctrl subsystem, specifically within the s32cc driver. The s32 pinctrl desc structure is allocated using devm kmalloc, but not all of its fiel...

Ubuntu Pro FIPS 16.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7865-1)

"The remote Ubuntu Pro FIPS 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7865-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7865-1: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7865-1 linux-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (GCP and GKE) vulnerabilities (USN-7864-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7864-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

PT-2025-51685

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ASoC SDCA component and parsing of the mipi-sdca-control-cn-list. The struct sdca control declares a values field as an integer array, bu...

USN-7853-3: Linux kernel (Azure) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7853-3 linux-azure, linux-azure-4.15 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7861-2 linux-realtime, linux-realtime-6.8 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7861-2: Linux kernel (Real-time) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7864-1: Linux kernel (GCP and GKE) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...