Azure Linux 3.0 Security Update: kernel (CVE-2025-23161)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23161 advisory. - In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmddev::cfglock a...

UBUNTU-CVE-2025-40219

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...

CVE-2025-39915 net: phy: transfer phy_config_inband() locking responsibility to phylink

In the Linux kernel, the following vulnerability has been resolved: net: phy: transfer phyconfiginband locking responsibility to phylink Problem description =================== Lockdep reports a possible circular locking dependency AB/BA between &pl-statemutex and &phy-lock, as follows...

Linux Distros Unpatched Vulnerability : CVE-2025-38132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module...

kernel: KVM: arm64: Fix circular locking dependency

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

DEBIAN-CVE-2024-36003

In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in iceresetvf 9f74a3dfcf83 "ice: Fix VF Reset paths when interface in a failed over aggregate", the ice driver has acquired the LAG mutex in iceresetvf. The commit placed this lock acquisition...

SUSE CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

DEBIAN-CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

UBUNTU-CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

PT-2024-21468

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a circular locking dependency in the KVM Kernel-based Virtual Machine component of the Linux kernel, specifically on arm64 architectures. The problem arises becau...