SUSE CVE-2025-38305

In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp-nvclocks check logic in ptpvclockinuse There is no disagreement that we should check both ptp-isvirtualclock and ptp-nvclocks to check if the ptp virtual clock is in use. However, when we acquire ptp-nvclocksmux t...

OESA-2025-1820 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in...

ASoC: imx-card: Add NULL check in imx_card_probe()

...

net: decrease cached dst counters in dst_release

...

RDMA/cma: Fix workqueue crash in cma_netevent_work_handler

...

jbd2: remove wrong sb->s_sequence check

...

SUSE CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

SUSE CVE-2025-38308

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avsdaifindpathtemplate shall be verified before being used. As 'template' is already known when avshwconstraintsinit is fired, drop the search entirel...

SUSE CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware...

DEBIAN-CVE-2025-38305

In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp-nvclocks check logic in ptpvclockinuse There is no disagreement that we should check both ptp-isvirtualclock and ptp-nvclocks to check if the ptp virtual clock is in use. However, when we acquire ptp-nvclocksmux t...

DEBIAN-CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

UBUNTU-CVE-2025-38307

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parseintarray The first element of the returned array stores its length. If it is 0, any manipulation beyond the element at index 0 ends with null-ptr-deref...

Important: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

PT-2025-29025

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc6 Description: The Linux kernel contains a flaw within the ptp subsystem related to recursive locking. Specifically, the ptp vclock in use function includes a check for ptp-n vclocks that can lead to a...

PT-2025-33557

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the rxrpc subsystem. Specifically, if an AF RXRPC service socket is opened and bound with preallocated calls, the rxrpc alloc incoming call...

PT-2025-28986 · Mediatek +1 · Mt8365 +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: This issue involves an invalid pointer dereference in the pinctrl: mediatek: eint subsystem for platforms using version 1 of the common driver. A commit introduced access to the soc...

PT-2025-28991 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the networking subsystem. Specifically, a NULL dereference can occur in the rtnl create link function when dev-netdev ops is NULL, potentially...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow CVE-2022-48828 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks CVE-2024-46855 In the Linux kernel, the following...

PT-2025-29021

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was identified in the Linux kernel's nvmem subsystem, specifically within the zynqmp nvmem driver. A recent change introduced an expectation for the device pointer to be passed ...