SUSE CVE-2025-38132

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...

CVE-2024-50114

CVE-2024-50114 affects Linux kernel KVM on arm64. The flaw originates in the vCPU teardown path when a failed vCPU creation leads to an MMIO redistributor being unregistered, triggering a use-after-free in kvm_put_kvm during VM teardown. The root cause is improper teardown ordering that could all...

CVE-2024-50114 KVM: arm64: Unregister redistributor for failed vCPU creation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...

CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

CVE-2024-26691 KVM: arm64: Fix circular locking dependency

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...