CVE-2025-38344 ACPICA: fix acpi parse and parseext cache leaks

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

SUSE-SU-2025:02254-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...

Volkswagen MIB3 Infotainment 安全漏洞

Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in Volkswagen MIB3 Infotainment that stems from a disabled abort flag in the Bluetooth stack, which could lead to bypassing the assertion function...

CVE-2022-50126

A flaw was found in the jbd2 module in the Linux kernel. An assertion failure can be triggered when a specific sequence of transactions and operations is performed due to incorrect synchronization, potentially resulting in a denial of service...

SUSE CVE-2022-50126

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

The vulnerability of the usb6fire_chip_abort() function in the sound/usb/6fire/chip.c module allows a hacker to trigger a service failure for USB audio devices in Linux operating systems.

The vulnerability of the usb6firechipabort function in the sound/usb/6fire/chip.c module, which supports USB audio devices in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2022-50126

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

DEBIAN-CVE-2022-50126

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

UBUNTU-CVE-2022-50126

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

CVE-2022-50126

CVE-2022-50126 concerns the Linux kernel, specifically jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when a journal is aborted. The impact is a kernel BUG triggered during journal abort paths in jbd2_journal_dirty_metadata(), as seen in reproducer traces involving ext4 unlink operati...

CVE-2022-50126 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

CVE-2025-38016

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection. Whilst the propagatio...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

UBUNTU-CVE-2025-37996

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...

CVE-2025-37996

The CVE-2025-37996 entry concerns the Linux kernel KVM/arm64 path where an uninitialized local memcache pointer in user_mem_abort() could be used via kvm_pgtable_stage2_map(). The underlying cause was partial initialization introduced by a prior commit, leaving a codepath that could fail on stage...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized memcache pointer in usermemabort...

kernel: wifi: rtw89: fix null pointer access when abort scan

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan The Linux kernel CVE team has assigned CVE-2024-35946 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T...

CVE-2022-26656

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join...