Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when index is 0 CVE-2023-53075 In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode CVE-2023-53089 In the...

kernel: Bluetooth: Fix use after free in hci_send_acl

A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...

kernel: Bluetooth: Fix use after free in hci_send_acl

A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...

kernel: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set

A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcicmdsyncqueue function. There was a missing check for whether the HCIUNREGISTER flag had been set, meaning that commands were still sent even as the Bluetooth device was being unregistered. This issue could lead to a...

kernel: Bluetooth: Fix use after free in hci_send_acl

A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...

PT-2025-31082

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the soundwire subsystem. A reverted commit introduced issues affecting the Dragonboard 845c sdm845 platform, leading to kernel BRK...

PT-2025-28879

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the atm subsystem, specifically within the clip push function. A missing check allows clip push to be called with a NULL socket buffer skb by vcc...

SUSE CVE-2025-38185

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

USN-7607-3: Linux kernel (KVM) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3640 Several security issues were discovered in the Linux kernel. An...

USN-7607-3 linux-kvm vulnerabilities

It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3640 Several security issues were discovered in the Linux kernel. An...

USN-7627-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...

USN-7627-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...

USN-7594-3 linux-aws, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...

CVE-2025-49667

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

CVE-2025-49667 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

...

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware...

CVE-2025-27061

CVE-2025-27061 is a Qualcomm vulnerability in the Video subsystem: memory corruption/out-of-bounds write while parsing video packets from the video firmware during subsystem-failure memory handling. Affected: Qualcomm Video (closed- or firmware components) within the device’s video pipeline. Impa...

CVE-2025-27061 Out-of-bounds Write in Video

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware...

kernel: md: fix mddev uaf while iterating all_mddevs list

A flaw was discovered in the Linux kernel’s MD multiple device subsystem during iteration over the allmddevs list in functions such as mdnotifyreboot and mdexit. The code used listforeachentrysafe, but released locks before completing reference counting, allowing concurrent deletion and freeing o...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption that occurs when parsing video packets from the video firmware when the processing subsystem fails memory...