CVE-2025-38050 mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...

CVE-2025-38008 mm/page_alloc: fix race condition in unaccepted memory handling

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memory using staticbranchenc/dec and uses that static branch in hot paths to determine if it needs ...

CVE-2025-38008 mm/page_alloc: fix race condition in unaccepted memory handling

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memory using staticbranchenc/dec and uses that static branch in hot paths to determine if it needs ...

CVE-2025-38008

CVE-2025-38008 affects the Linux kernel: a race in the page allocator’s handling of unaccepted memory across zones due to non-serialized updates to a static key, making the -1/0 boundary vulnerable in concurrent scenarios. The issue is localized to memory management paths (mm/page_alloc) and beco...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...

CVE-2023-22808

An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0...

CVE-2022-20383

In AllocateInternalBuffers of g3aabufferallocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-35198

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

CVE-2019-10350

Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

DEBIAN-CVE-2025-37908

In the Linux kernel, the following vulnerability has been resolved: mm, slab: clean up slab-objexts always When memory allocation profiling is disabled at runtime or due to an error, shutdownmemprofiling is called: slab-objexts which previously allocated remains. It won't be cleared by...

kernel: mm: krealloc: Fix MTE false alarm in __do_krealloc

In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in dokrealloc This patch addresses an issue introduced by commit 1a83a716ec233 "mm: krealloc: consider spare memory for GFPZERO" which causes MTE Memory Tagging Extension to falsely report a...

kernel: mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves

No description is available for this CVE...

kernel: mm, slub: avoid zeroing kmalloc redzone

In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 "mm/slub: extend redzone check to extra allocated kmalloc space than requested", setting origsize treats the wasted space objectsize - origsize as a redzone. Howev...

PT-2025-25783

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition has been identified in the Linux kernel's page allocator, specifically in the handling of unaccepted memory. The issue arises from the use of static branch enc/dec to...

SUSE CVE-2025-37774

In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...

DEBIAN-CVE-2025-37774

In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...

UBUNTU-CVE-2025-37774

In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab-objexts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with alloctaggingslaballochook at the top of the crash call stack. The signature indicates ...

Security update for u-boot

This update for u-boot fixes the following issues: CVE-2024-57256: Fixed integer overflow in U-Boot's ext4 symlink resolution function bsc1237284 CVE-2024-57258: Fixed multiple integer overflows in U-Boot's memory allocator bsc1237287 Patch Instructions: To install this SUSE update use the SUSE...

SUSE-SU-2025:20219-1 Security update for u-boot

This update for u-boot fixes the following issues: - CVE-2024-57256: Fixed integer overflow in U-Boot's ext4 symlink resolution function bsc1237284 - CVE-2024-57258: Fixed multiple integer overflows in U-Boot's memory allocator bsc1237287...

SUSE CVE-2025-22123

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid accessing uninitialized curseg syzbot reports a f2fs bug as below: F2FS-fs loop3: Stopped filesystem due to reason: 7 kworker/u8:7: attempt to access beyond end of device BUG: unable to handle page fault for...