CVE-2025-21902

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

CVE-2025-21970

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...

CVE-2025-21971

In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...

CVE-2025-21939

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...

CVE-2025-21915

In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driveroverrideshow Fixed a possible UAF problem in driveroverrideshow in drivers/cdx/cdx.c This function driveroverrideshow is part of DEVICEATTRRW, which includes both driveroverrideshow and...

CVE-2025-21912

In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use rawspinlock to protect register access Use rawspinlock in order to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. 4.239592...

CVE-2025-21964

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

CVE-2025-21978

In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram, and maps it cacheable. If the device removed, or in the error path for devic...

CVE-2025-21974

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor corresponding to the index. The ...

CVE-2025-21929

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hidishtpclremove During the rmmod operation for the intelishtphid driver, a use-after-free issue can occur in the hidishtpclremove function. The function hidishtpcldeinit is called...

CVE-2025-21927

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...

CVE-2025-21914

In the Linux kernel, the following vulnerability has been resolved: slimbus: messaging: Free transaction ID in delayed interrupt scenario In case of interrupt delay for any reason, slimdotransfer returns timeout error but the transaction ID TID is not freed. This results into invalid memory acces...

CVE-2025-21908

In the Linux kernel, the following vulnerability has been resolved: NFS: fix nfsreleasefolio to not deadlock via kcompactd writeback Add PFKCOMPACTD flag and currentiskcompactd helper to check for it so nfsreleasefolio can skip calling nfswbfolio from kcompactd. Otherwise NFS can deadlock waiting...

CVE-2025-21900

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a deadlock when recovering state on a sillyrenamed file If the file is sillyrenamed, and slated for delete on close, it is possible for a server reboot to triggeer an open reclaim, with can again race with the...

CVE-2025-30204 affecting package flannel for versions less than 0.24.2-12

CVE-2025-30204 affecting package flannel for versions less than 0.24.2-12. A patched version of the package is available...

CVE-2025-3084

When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Serve...

CVE-2023-0881

Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nftlookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package...

CVE-2025-2926

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

CVE-2023-29941 affecting package clang16 for versions less than 16.0.0-2

CVE-2023-29941 affecting package clang16 for versions less than 16.0.0-2. A patched version of the package is available...

CVE-2025-31164

heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via createlinewithspline...