CVE-2025-39856

CVE-2025-39856 concerns the Linux kernel network driver for TI am65 CPSW-NUSS (CPSW2G) where, in the TX completion path, the variable ndev may be accessed before initialization if no TX packets have been processed. This can cause a null pointer dereference and kernel crash. Affected component: ne...

CVE-2025-39856 net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev In the TX completion packet stage of TI SoCs with CPSW2G instance, which has single external ethernet port, ndev is accessed without being initialized if no...

CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

DEBIAN-CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53387

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...

CVE-2022-50388

In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blkkickflush has NULL bio, and it may be dealt with nvmeendreq during io completion. When blktrace is enabled,...

UBUNTU-CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53398 mlx5: fix possible ptp queue fifo use-after-free

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix possible ptp queue fifo use-after-free Fifo indexes are not checked during pop operations and it leads to potential use-after-free when poping from empty queue. Such case was possible during re-sync action. WARNONONCE...

CVE-2023-53394

Technical details (affected product/versions, root cause, exploitability, or patch specifics) are not provided in the connected documents. Please monitor for updates from the listed sources.

CVE-2023-53394 net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53394 net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53394 net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

CVE-2023-53387 scsi: ufs: core: Fix device management cmd timeout flow

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...

CVE-2022-50388 nvme: fix multipath crash caused by flush request when blktrace is enabled

In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blkkickflush has NULL bio, and it may be dealt with nvmeendreq during io completion. When blktrace is enabled,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling routine rq reactivation after an XSK socket shutdown, which could result in reading...

PT-2025-38366

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the UFS error handling flow within the Linux kernel. Specifically, if a device management command NOP OUT times out during link recovery and clearing the doorbell fails,...

SUSE CVE-2023-53345

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpcwaittobeconnected Inside the loop in rxrpcwaittobeconnected it checks call-error to see if it should exit the loop without first checking the call state. This is probably safe as if call-err...

CVE-2023-53345

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpcwaittobeconnected Inside the loop in rxrpcwaittobeconnected it checks call-error to see if it should exit the loop without first checking the call state. This is probably safe as if call-err...

DEBIAN-CVE-2023-53345

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpcwaittobeconnected Inside the loop in rxrpcwaittobeconnected it checks call-error to see if it should exit the loop without first checking the call state. This is probably safe as if call-err...