USN-7294-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

SUSE CVE-2024-58018

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

SUSE CVE-2025-21778

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance buffer that is attached to reservemem, it would crash: BUG: unable to handle page fault for address: ffffe97bd00025c8 PF: supervisor read...

CVE-2021-47634

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report about use-after-free: ================================================================== BUG: KASAN: use-after-free in...

CVE-2025-21809 rxrpc, afs: Fix peer hash locking vs RCU callback

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpcpeer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...

USN-7294-2 linux-aws, linux-oracle, linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7308-1 linux-aws vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

USN-7289-4 linux-intel-iotg, linux-intel-iotg-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

USN-7289-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

AZL-57902 CVE-2025-21745 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

CVE-2025-21745

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

DEBIAN-CVE-2024-58018

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

UBUNTU-CVE-2024-58012

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL...

SUSE CVE-2021-47656

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

SUSE CVE-2022-49121

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix tag leaks on error In pm8001chipsetdevstatereq, pm8001chipfwflashupdatereq, pm80xxchipphyctlreq and pm8001chipregdevreq add missing calls to pm8001tagfree to free the allocated tag when pm8001mpibuildcmd fails...

SUSE CVE-2022-49239

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing ofnodeput in wcd934xcodecparsedata The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This is similar to commit 64b92de9603f...

SUSE CVE-2022-49242

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxssgtl5000probe This function only calls ofnodeput in the regular path. And it will cause refcount leak in error paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL, it wil...

SUSE CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...

SUSE CVE-2022-49490

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5piperelease when deadlock is detected mdp5getglobalstate runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5piperelease doesn't check for if an error is...

SUSE CVE-2022-49514

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173max98090devprobe Call ofnodeputplatformnode to avoid refcount leak in the error path...