CVE-2025-21760 ndisc: extend RCU protection in ndisc_send_skb()

In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndiscsendskb ndiscsendskb can be called without RTNL or RCU held. Acquire rcureadlock earlier, so that we can use devnetrcu and avoid a potential UAF...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-779)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-779 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid CVE-2023-53728 In the Linux kernel, the following vulnerability has...

AZL-51360 CVE-2024-49883 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...