The vulnerability of the ethtool_getPhyStats_ethtool() function in the Linux kernel’s network subsystem allows a hacker to cause a service failure.

The vulnerability of the ethtoolgetPhyStatsethtool function in the Linux kernel’s network subsystem is related to read misses beyond the boundary. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the module parameter function module arch/x86/kvm/vmx/vmx.c in the virtualization subsystem of the Linux operating system’s x86 kernel allows a attacker to cause a service failure.

The vulnerability of the module parameter function module arch/x86/kvm/vmx/vmx.c in the virtualization subsystem of the Linux operating system’s x86 kernel is related to code errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerability of RDMA/hns components of Linux operating system cores, allowing attackers to cause service interruptions

The vulnerability of RDMA/hns components of the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s ASoC kernel component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s ASoC kernel component is related to the assignment of the NULL pointer in the function asocqcomlpasscpuplatformprobe in sound/soc/qcom/lpass-cpu.c. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2025-29014

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's wifi subsystem, specifically within the ath12k driver. A null access issue occurs in the assign channel context handler when ath12k mac assign vif t...

CLSA-2025-1742471200 kernel: Fix of 19 CVEs

net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...

kernel: PCI/PM: Drain runtime-idle callbacks before driver removal

A vulnerability was found in the PCI subsystem in the Linux kernel, where runtime-idle callbacks are not always drained before a PCI driver is removed. If these callbacks are still active when the driver is removed, it could result in system instability or crashes...

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...

CLSA-2025-1742319829 Fix of 27 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52522 - net: fix possible store tearing in neighperiodicwork CVE-url: https://ubuntu.com/security/CVE-2024-40911 - wifi: cfg80211: Lock wiphy in cfg80211getstation CVE-url: https://ubuntu.com/security/CVE-2024-43863 - drm/vmwgfx: Fix a deadlock in dma...

PT-2025-20490

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the Linux kernel, specifically the jbd2 component. It involves a wrong check for journal emptiness, which is not determined by sb-s sequence == 0 but rather by sb-s...

blk-cgroup: Fix class @block_class's subsystem refcount leakage

...

The vulnerability of the compatibility subsystem’s kernel allows for the execution of Linux applications on Windows operating systems through the Windows Subsystem for Linux (WSL2). This enables attackers to execute arbitrary code.

The vulnerability in the kernel of the compatibility subsystem for running Linux applications, namely Windows Subsystem for Linux WSL2 on Windows operating systems, involves a pointer manipulation issue. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVE-2025-24084

Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally...

CVE-2025-24983

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...

USN-7344-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

USN-7328-2: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

USN-7332-3 linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - Media drivers; - Network drivers;...

The vulnerability of the Windows Win32 Kernel Subsystem, which allows a hacker to elevate their privileges to a system level.

The vulnerability of the Windows Win32 Kernel Subsystem in the operating system is related to the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level...

DEBIAN-CVE-2025-21845

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...