DEBIAN-CVE-2025-37755

In the Linux kernel, the following vulnerability has been resolved: net: libwx: handle pagepooldevallocpages error pagepooldevallocpages could return NULL. There was a WARNON!page but it would still proceed to use the NULL pointer and then crash. This is similar to commit 001ba0902046 "net: fec:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unhandled pagepooldevallocpages error in net/libwx, which could lead to a null pointer dereference...

SUSE CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

UBUNTU-CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

SUSE CVE-2025-22017

In the Linux kernel, the following vulnerability has been resolved: devlink: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer rel. Fix it by checkin...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

DEBIAN-CVE-2025-22017

In the Linux kernel, the following vulnerability has been resolved: devlink: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer rel. Fix it by checkin...

UBUNTU-CVE-2025-21937

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmtallocskb in mgmtremotename Add check for the return value of mgmtallocskb in mgmtremotename to prevent null pointer dereference...

PT-2025-25845

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resolved issue in the Linux kernel involves the function memblock phys alloc range, where with a specific configuration CONFIG PHYSICAL START=0x100000, if there is less than 4 MiB of...

xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

CVE-2025-25566

Memory Leak vulnerability in SoftEtherVPN 5.02.5187 allows an attacker to cause a denial of service via the UnixMemoryAlloc function. NOTE: the Supplier disputes this because the behavior is limited to a single allocation of a few hundred bytes with a command-line tool...

DEBIAN-CVE-2025-21848

In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfpappctrlmsgalloc Add check for the return value of nfpappctrlmsgalloc in nfpbpfcmsgalloc to prevent null pointer dereference...

UBUNTU-CVE-2025-21857

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

xorg: xwayland: Use of uninitialized pointer in compRedirectWindow()

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

SUSE CVE-2024-58070

In the Linux kernel, the following vulnerability has been resolved: bpf: bpflocalstorage: Always use bpfmemalloc in PREEMPTRT In PREEMPTRT, kmallocGFPATOMIC is still not safe in non preemptible context. bpfmemalloc must be used in PREEMPTRT. This patch is to enforce bpfmemalloc in the...

DEBIAN-CVE-2024-58078

In the Linux kernel, the following vulnerability has been resolved: misc: miscminoralloc to use ida for all dynamic/misc dynamic minors miscminoralloc was allocating id using ida for minor only in case of MISCDYNAMICMINOR but miscminorfree was always freeing ids using idafree causing a mismatch a...

UBUNTU-CVE-2024-58056

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...

CVE-2024-58078 misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors

In the Linux kernel, the following vulnerability has been resolved: misc: miscminoralloc to use ida for all dynamic/misc dynamic minors miscminoralloc was allocating id using ida for minor only in case of MISCDYNAMICMINOR but miscminorfree was always freeing ids using idafree causing a mismatch a...