DEBIAN-CVE-2025-37931

In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not writing out dirty bloc...

DEBIAN-CVE-2025-37932

In the Linux kernel, the following vulnerability has been resolved: schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...

UBUNTU-CVE-2025-37931

In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not writing out dirty bloc...

CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize

In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not writing out dirty bloc...

CVE-2025-37931

CVE-2025-37931 affects the Linux kernel with a Btrfs bitmap addressing flaw that can cause metadata/write-out corruption in certain configurations. The root cause: when writing a dirty subpage EB, the bitmap is indexed by sectors instead of nodes, so for 64k pagesize, 16k nodesize, and 4k sectors...

CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize

In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not writing out dirty bloc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in domovemount's handling of MNTTREEBENEATH, which could result in a change of mount point...

xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input

A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory OOM crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree AST, consuming excessive memo...

xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

kernel: net: stmmac: dwmac-tegra: Read iommu stream id from device tree

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hard coded to use MGBE0's...

kernel: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()

A NULL pointer dereference was found in the Linux kernel in case of DT error in kspciesetuprcappregs. This may lead to a crash...

kernel: smb: Initialize cfid->tcon before performing network ops

In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid-tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cacheddirleasebreak and...

kernel: maple_tree: correct tree corruption on spanning store

In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...

kernel: amba: bus: fix refcount leak

A reference count leak was found in the ARM AMBA bus driver. When AMBA devices are created from device tree, the ofnode reference count is incremented but never decremented in ambadevicerelease, causing gradual memory leaks...

UBUNTU-CVE-2025-37865

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT:...

SUSE CVE-2022-49898

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 1 SMP RIP: 0010:treemodlogrewind+0x1b4/0x200 RSP:...

SUSE CVE-2022-49851

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...

ubifs: skip dumping tnc tree when zroot is null

...