CVE-2025-38151

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

CVE-2025-38130 drm/connector: only call HDMI audio helper plugged cb if non-null

In the Linux kernel, the following vulnerability has been resolved: drm/connector: only call HDMI audio helper plugged cb if non-null On driver remove, sound/soc/codecs/hdmi-codec.c calls the pluggedcb with NULL as the callback function and codecdev, as seen in its hdmiremove function. The HDMI...

CVE-2025-38130 drm/connector: only call HDMI audio helper plugged cb if non-null

In the Linux kernel, the following vulnerability has been resolved: drm/connector: only call HDMI audio helper plugged cb if non-null On driver remove, sound/soc/codecs/hdmi-codec.c calls the pluggedcb with NULL as the callback function and codecdev, as seen in its hdmiremove function. The HDMI...

CVE-2025-38130

Technical details for CVE-2025-38130 are not publicly provided in the connected documents. The materials only reiterate a kernel HDMI audio callback fix; monitor official advisories and patches for affected kernels and platforms.

CVE-2025-38127

CVE-2025-38127 affects the Linux kernel in the ice driver’s XDP path. When loading an XDP program, the callback can create new Tx queues and must update the Tx scheduler accordingly. A bug left some changes from the XDP preparation unrolled if the Tx scheduler failed, causing a crash (observed tr...

CVE-2025-38127 ice: fix Tx scheduler error handling in XDP callback

In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In the event of a Tx...

CVE-2025-38127 ice: fix Tx scheduler error handling in XDP callback

In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In the event of a Tx...

CVE-2025-38127

In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In the event of a Tx...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drm connector not checking the HDMI audio callback pointer, which could result in a null pointer...

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. "A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers,...

The vulnerability of the mana_ib_install_cq_cb() function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system allows a hacker to compromise the confidentiality and accessibility of protected information.

The vulnerability of the manaibinstallcqcb function in the drivers/infiniband/hw/mana/cq.c file of the Linux operating system is related to the execution of operations outside of memory buffers. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and...

The vulnerability of the ServerConfig.PublicKeyCallback() function in the Go programming language library allows a hacker to bypass security restrictions.

The vulnerability of the ServerConfig.PublicKeyCallback function in the Go programming language library is related to deficiencies in the authentication process when handling keys. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote locati...

SUSE CVE-2022-49976

In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS The x86-android-tablets handling for the Chuwi Hi8 is only necessary with the Android BIOS and it is causing problems with the Windows BIOS...

The vulnerability of the CallbackToLogRedirector() function in the cross-platform Assimp 3D model import library (Open Asset Import Library) allows a hacker to execute arbitrary code.

The vulnerability of the CallbackToLogRedirector function in the cross-platform Assimp 3D model import library Open Asset Import Library is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

DEBIAN-CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...

CVE-2022-49976

In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS The x86-android-tablets handling for the Chuwi Hi8 is only necessary with the Android BIOS and it is causing problems with the Windows BIOS...

DEBIAN-CVE-2022-49976

In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS The x86-android-tablets handling for the Chuwi Hi8 is only necessary with the Android BIOS and it is causing problems with the Windows BIOS...

UBUNTU-CVE-2022-49976

In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS The x86-android-tablets handling for the Chuwi Hi8 is only necessary with the Android BIOS and it is causing problems with the Windows BIOS...

UBUNTU-CVE-2022-50179

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

CVE-2022-50092

In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dmsmregisterthresholdcallback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dmpoolregistermetadatathreshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...