CVE-2023-53988 fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdrdeletede Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdrdeletede+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff888079cc0600 by task...

CVE-2022-50706

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2025-68356 gfs2: Prevent recursive memory reclaim

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted

...

CVE-2025-68337

CVE-2025-68337 concerns the Linux kernel: a JBD2/jbd2_journal_get_create_access path could trigger a BUG_ON under file-system corruption, potentially crashing the system. The issue arises when file-system data becomes inconsistent (e.g., block bitmap of a referenced block not set), allowing a blo...

CVE-2025-68337 jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted

In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bugon in jbd2journalgetcreateaccess when file system corrupted There's issue when file system corrupted: ------------ cut here ------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: invalid opcode: 0000 1 SMP...

anti-xss

//: AUTO-GENERATED BY "PHP README Helper": base file - doc...

drm/radeon: delete radeon_fence_process in is_signaled, no deadlock

...

CVE-2025-68310 s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

CVE-2025-68310

CVE-2025-68310 : Linux kernel fix for a deadlock between PCI error recovery and mlx5 crdump on s390. The patch avoids blocking PCI config accesses by PCI error recovery code by acquiring only device_lock() (not pci_dev_lock()), preventing hangs in mlx5_health_unload and crdump collection when PCI...

CVE-2025-68198

In the Linux kernel, the following vulnerability has been resolved: crash: fix crashkernel resource shrink When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues: 1. Invalid crashkernel resource objects 2. Kernel crash i...

CVE-2025-40361

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-68223

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...

CVE-2025-40361

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...

CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...

CVE-2025-40361

CVE-2025-40361 entry is rejected/not used and not an active vulnerability.

CVE-2025-40361 fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: fs: ext4: change GFPKERNEL to GFPNOFS to avoid deadlock The parent function ext4xattrinodelookupcreate already uses GFPNOFS for memory alloction, so the function ext4xattrinodecachefind should use same gfpflag...

PT-2025-51722

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-570.12.1.bringup7.el9.s390x 1 Description The Linux kernel contained a flaw where a deadlock could occur between PCI error recovery and mlx5 crdump operations on the s390 architecture. Specifically, the...

PT-2025-51577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 file system implementation related to memory allocation within the extended attribute handling routines. Specifically, the ext4 xattr inode cache...