SUSE CVE-2025-38204

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in addmissingindices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfsreaddir...

DEBIAN-CVE-2025-38204

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in addmissingindices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfsreaddir...

DEBIAN-CVE-2025-38198

In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "storemodes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in...

PT-2025-27973

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the fbcon module. The issue occurs when attempting to write to the "store modes" sysfs node, which can cause an...

SUSE CVE-2025-38013

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...

UBUNTU-CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aqvec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self-aqveci is not checked and then leads to the index out of range error. Also fixed this...

CVE-2022-50066 net: atlantic: fix aq_vec index out of range error

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aqvec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self-aqveci is not checked and then leads to the index out of range error. Also fixed this...

DEBIAN-CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

UBUNTU-CVE-2025-38013

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...

UBUNTU-CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

PT-2025-27732

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.0-121-generic 131-Ubuntu Description: A vulnerability in the Linux kernel has been resolved, specifically in the openvswitch module. The issue occurs when an unexpected MPLS packet does not end with the...

CVE-2019-11774

Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49111: Bluetooth: Fix use after free in hcisendacl bsc1237984. CVE-2025-21726: padata: avoid UAF for reorderwork bsc1238865. CVE-2025-21785: arm64: cacheinfo:...

Alibaba Cloud Linux 3 : 0016: sqlite (ALINUX3-SA-2023:0016)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-35737: SQLite 1.0.12 through 3.39.x before...

kernel: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of dfv17channelnumber Check the fbchannelnumber range to avoid the array out-of-bounds read error...

kernel: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for connrspepid in htcconnectservice I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htchst.c:26:51 index 255 is out of range for type...

kernel: bpf: Fix array bounds error with may_goto

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with maygoto maygoto uses an additional 8 bytes on the stack, which causes the interpreters array to go out of bounds when calculating index by stacksize. 1. If a BPF program is rewritten, re-evaluate...

SUSE CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from an out-of-bounds read/write vulnerability. The vulnerability stems from the kernel module failing to properly check array boundaries when processing certain data. An attacker can exploit this...

DEBIAN-CVE-2023-53112

In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix maxsubslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae "drm/i915/sseu: Don't try to store EU mask internally in UAPI format" exposed a potential out-of-bounds access, reported by UBSAN ...