SUSE CVE-2022-49515

In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of-bounds access in otppackedelementt The CS35L41NUMOTPELEM is 100, but only 99 entries are defined in the array otpmap1/2CS35L41NUMOTPELEM, this will trigger UBSAN to report a shift-out-of-bounds warnin...

SUSE CVE-2022-49517

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix missing ofnodeput in mt2701wm8960machineprobe This node pointer is returned by ofparsephandle with refcount incremented in this function. Calling ofnodeput to avoid the refcount leak...

SUSE CVE-2022-49615

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...

SUSE CVE-2022-49694

In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator int delgendisk The elevator is only used for file system requests, which are stopped in delgendisk. Move disabling the elevator and freeing the scheduler tags to the end of delgendisk instead of doing...

AZL-58992 CVE-2024-57979 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sysexit from gpsd when rebooting: pps pps1: removed ------------ cut here ------------ kobject: 'null' 00000000db4bec24: is not...

UBUNTU-CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...

UBUNTU-CVE-2024-57979

In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sysexit from gpsd when rebooting: pps pps1: removed ------------ cut here ------------ kobject: 'null' 00000000db4bec24: is not...

CVE-2025-21745 blk-cgroup: Fix class @block_class's subsystem refcount leakage

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

CVE-2025-21745 blk-cgroup: Fix class @block_class's subsystem refcount leakage

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an additional call to fwnodehandleput during removal by the media: i2c: ds90ub9x3 module...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7294-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7294-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

The vulnerability of the input/output subsystem of the Intel QuickAssist Technology (QAT) driver package allows a hacker to gain unauthorized access to protected information.

The vulnerability of the input/output subsystem of the Intel QuickAssist Technology QAT driver package is related to the use of a non-trusted pointer. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7289-4)

"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7289-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7294-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7294-1 linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7295-1 linux-xilinx-zynqmp vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

USN-7295-1: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040 CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server bsc1237041 Other issues fixed: Fix ssh client segfault...

USN-7291-1 linux-gcp, linux-gcp-5.15, linux-gke vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

USN-7293-1: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...