CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

SUSE CVE-2025-40343

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...

CVE-2025-40343

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...

CVE-2025-40343

CVE-2025-40343 affects the Linux kernel in nvmet-fc where forceful port shutdown can schedule deletion of associations twice. Root cause: nvmet_port_subsys_drop_link() schedules work items for both nvmet_port_del_ctrls() and nvmet_disable_port() before verifying if an association is already being...

CLSA-2024-1723494706 Fix of 19 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...