CLSA-2026-1771077729 kernel: Fix of 107 CVEs

net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...

EUVD-2022-55141

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-27431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP...

CVE-2022-49063

In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rxcpurmap The CI testing bots triggered the following splat: 718.203054 BUG: KASAN: use-after-free in freeirqcpurmap+0x53/0x80 718.206349 Read of size 4 at addr ffff8881bd127e00 by task...

kernel: drm/i915/dpt: Make DPT object unshrinkable

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

UBUNTU-CVE-2024-46822

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...

CVE-2024-40924 drm/i915/dpt: Make DPT object unshrinkable

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

CVE-2024-40924

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm-boundlist. Then it tries to rewrite the PTEs via a stale CPU...

CVE-2023-0597

A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...

CVE-2023-0597

A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...

SUSE CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...

CVE-2023-0597

A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...