1524 matches found
USN-7649-1 linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...
PT-2025-44093
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc5-c1610d2d66b1-next-vm Description The Linux kernel contains an issue within the KVM component related to handling L1 intercepts during userspace I/O completion. Specifically, the kernel may recheck L1...
openvswitch: Fix unsafe attribute parsing in output_userspace()
...
CVE-2025-38182
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
USN-7605-2: Linux kernel (Low Latency) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
CVE-2025-38188
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
AZL-64731 CVE-2025-38182 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
CVE-2025-38182
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
UBUNTU-CVE-2025-38182
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
CVE-2025-46733 REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...
CVE-2025-38151
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
CVE-2025-38151
Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.
CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
USN-7606-1: Linux kernel (OEM) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
CVE-2025-38090
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
UBUNTU-CVE-2025-38090
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090
CVE-2025-38090 concerns the Linux kernel: a heap overwrite could occur in drivers/rapidio/rio_cm.c due to incomplete validation in riocm_ch_send() when handling rio_ch_hdr data during RIO_CM_CHAN_SEND. The issue arises because cm_chan_msg_send() allocates space and checks userspace data size, but...