DEBIAN-CVE-2025-22119

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphywork before allocating rfkill fails syzbort reported a uninitialize wiphyworklock in cfg80211devfree. 1 After rfkill allocation fails, the wiphy release process will be performed, which will cause...

DEBIAN-CVE-2025-22126

In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating allmddevs list While iterating allmddevs list from mdnotifyreboot and mdexit, listforeachentrysafe is used, and this can race with deletint the next mddev, causing UAF: t1: spinlock...

CVE-2025-22121

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

CVE-2025-22107

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105tabledeleteentry There are actually 2 problems: - deleting the last element doesn't require the memmove of elements i + 1, end over it. Actually, element i+1 is out of...

UBUNTU-CVE-2025-22066

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imxcardprobe devmkasprintf returns NULL when memory allocation fails. Currently, imxcardprobe does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

UBUNTU-CVE-2025-22096

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msmparsedeps The SUBMITERROR macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERRPTR and since positive values are not a...

CVE-2025-22111

In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...

CVE-2024-58095

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon call Added a read-only check before calling txBeginAnon in extAlloc and extRecord. This prevents modification attempts on a read-only mounted filesystem, avoiding potential errors or...

AZL-61688 CVE-2025-22018 affecting package kernel for versions less than 6.6.92.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is NULL...

PT-2025-38571

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the wifi subsystem, specifically in the cfg80211 component, leading to a use-after-free condition in the cmp bss function. This issue was addresse...

PT-2025-29011

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's wifi subsystem, specifically within the ath12k driver. The issue involves the potential for sending Wireless Management Interface WMI commands to th...

PT-2025-38568

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth subsystem’s virtual HCI vhci component. A use-after-free condition can occur due to debugfs files such as force suspend and force...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq CVE-2022-49179 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev CVE-2022-49390 In the Linux kernel, the following vulnerability has...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq CVE-2022-49179 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev CVE-2022-49390 In the Linux kernel, the following vulnerability has...

Important: git

Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...

The vulnerability of the hci_conn_del_sysfs() function in the net/bluetooth/hci_sysfs.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the hciconndelsysfs function in the net/bluetooth/hcisysfs.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization CVE-2024-58092 In the Linux kernel, the following vulnerability has been resolved: keys: Fix UAF in keyput CVE-2025-21893 In the Linux kernel, the following...

The vulnerability of the pc_clock_settime() function in the kernel/time/posix-clock.c module of the Linux kernel’s timer subsystem allows a hacker to cause a system failure.

The vulnerability of the pcclocksettime function in the kernel/time/posix-clock.c module of the Linux timer subsystem is related to insufficient checking of exceptional conditions. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the kmem_cache_open() function in the mm/slub.c module of the Linux kernel’s memory management subsystem allows a hacker to induce a service failure.

The vulnerability of the kmemcacheopen function in the mm/slub.c module of the Linux kernel’s memory management subsystem is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the kvm_page_track_cleanup() function in the arch/x86/kvm/mmu/pageTrack.c module of the virtualization subsystem on the Linux kernel-based x86 platform allows a attacker to cause a service failure.

The vulnerability of the kvmpagetrackcleanup function in the arch/x86/kvm/mmu/pageTrack.c module of the virtualization subsystem on the Linux kernel-based x86 platform is related to the dereferencing of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service...