468 matches found
CVE-2025-39792
CVE-2025-39792 concerns the Linux kernel, where zoned DM targets (dm-crypt and dm-flakey) could previously encounter unsafe BIO splitting when handling zone append emulation. The advisory states that dm_accept_partial_bio() must not split writes passed to the map() function and that large BIOs mu...
UBUNTU-CVE-2025-39784
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix link speed calculation on retrain failure When pciefailedlinkretrain fails to retrain, it tries to revert to the previous link speed. However it calculates that speed from the Link Control 2 register without masking out...
CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Add error handling for krealloc in metadata setup Function msmioctlgeminfosetmetadata now checks for krealloc failure and returns -ENOMEM, avoiding potential NULL pointer dereference. Explicitly avoids GFPNOFAIL due to...
Malicious Package
Overview bundleliep is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
CVE-2025-39725
In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix hwpoisoned large folio handling in shrinkfoliolist In shrinkfoliolist, the hwpoisoned folio may be large folio, which can't be handled by unmappoisonedfolio. For THP, trytounmapone must be passed with TTUSPLITHUGEP...
mm/huge_memory: avoid PMD-size page cache if needed
...
f2fs: quota: fix to avoid warning in dquot_writeback_dquots()
...
kernel: net: qrtr: start MHI channel after endpoit creation
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoit creation MHI channel may generates event/interrupt right after enabling. It may leads to 2 race conditions issues. 1 Such event may be dropped by qcommhiqrtrdlcallback at check: if !qdev...
CVE-2025-38650
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus filesystem: ------------ cut here ------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Call...
SUSE CVE-2025-38650
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus filesystem: ------------ cut here ------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Call...
CVE-2025-38650
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus filesystem: ------------ cut here ------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Call...
UBUNTU-CVE-2025-38650
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus filesystem: ------------ cut here ------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Call...
CVE-2025-38650 hfsplus: remove mutex_lock check in hfsplus_free_extents
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutexlock check in hfsplusfreeextents Syzbot reported an issue in hfsplus filesystem: ------------ cut here ------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Call...
CVE-2025-38616 tls: handle data disappearing from under the TLS ULP
In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...
CVE-2024-58239
CVE-2024-58239 affects the Linux kernel TLS receive path. If a non-DATA record remains on the rx_list and another record of the same type is still queued, records can merge, causing incorrect processing: the non-DATA record may be treated as DATA, leading to improper handling. The fix described i...
AZL-66473 CVE-2025-38577 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38556
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...
CVE-2025-38586
In the ARM64 Linux kernel, the BPF JIT for a program acting as an exception boundary does not call find_used_callee_regs, so the frame pointer (FP) is not marked as used and FP is not set up in the prologue, risking a pagefault crash. The fix sets ctx->fp_used = true for exception-boundary pro...
CVE-2025-38580
The CVE-2025-38580 entry concerns a Linux kernel ext4 use-after-free in ext4_end_io_rsv_work(). The fix adds a check in ext4_io_end_defer_completion() to ensure io_end->list_vec is empty before adding to i_rsv_conversion_list, preventing starting an unnecessary worker. It also adds ext4_emerge...
CVE-2025-38556
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...