USN-7654-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

PT-2025-31065

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking scheduler net/sched related to handling empty red-black trees within the htb lookup leaf function. Specifically, a BUG ON condition can be...

Malicious code in lezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75c995399e97f574eb4cc3e4484bfabc69554ee170fa58d38740ba5d058568d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05504b5d2d9021afb1ee0c8ba55dc17f1d41a4f477637bddff24f2c0084b4749 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5912 Malicious code in ezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05504b5d2d9021afb1ee0c8ba55dc17f1d41a4f477637bddff24f2c0084b4749 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5933 Malicious code in lezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75c995399e97f574eb4cc3e4484bfabc69554ee170fa58d38740ba5d058568d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported

...

ocfs2: validate l_tree_depth to avoid out-of-bounds access

...

SUSE CVE-2025-38260

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based reproducer that can crash the kernel, with the following call trace: With some debug output added DEBUG: rescue=ibadroots parsed BTRFS: devic...

SUSE CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

AZL-65409 CVE-2025-7425 affecting package libxslt 1.1.43-3

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

UBUNTU-CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

DEBIAN-CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

UBUNTU-CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

UBUNTU-CVE-2025-38269

In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfsconvertextentbit If insertstate state failed it returns an error pointer and we call extentiotreepanic which will trigger a BUG call. However if CONFIGBUG is disabled, which is an...

CVE-2025-38299 ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

DEBIAN-CVE-2025-38260

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based reproducer that can crash the kernel, with the following call trace: With some debug output added DEBUG: rescue=ibadroots parsed BTRFS: devic...

CVE-2025-38260 btrfs: handle csum tree error with rescue=ibadroots correctly

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based reproducer that can crash the kernel, with the following call trace: With some debug output added DEBUG: rescue=ibadroots parsed BTRFS: devic...

CVE-2025-38247 userns and mnt_idmap leak in open_tree_attr(2)

In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...