kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up

A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...

SUSE CVE-2025-37983

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix another leak failure to allocate inode = leaked dentry... this one had been there since the initial merge; to be fair, if we are that far OOM, the odds of failing at that particular allocation are low...

SUSE CVE-2025-37988

In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH handling by domovemount Normally dolockmountpath, is locking a mountpoint pinned by path and at the time when matching unlockmount unlocks that location it is still pinned by the same thing...

DEBIAN-CVE-2025-37983

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix another leak failure to allocate inode = leaked dentry... this one had been there since the initial merge; to be fair, if we are that far OOM, the odds of failing at that particular allocation are low...

DEBIAN-CVE-2025-37988

In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH handling by domovemount Normally dolockmountpath, is locking a mountpoint pinned by path and at the time when matching unlockmount unlocks that location it is still pinned by the same thing...

UBUNTU-CVE-2025-37983

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix another leak failure to allocate inode = leaked dentry... this one had been there since the initial merge; to be fair, if we are that far OOM, the odds of failing at that particular allocation are low...

UBUNTU-CVE-2025-37988

In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH handling by domovemount Normally dolockmountpath, is locking a mountpoint pinned by path and at the time when matching unlockmount unlocks that location it is still pinned by the same thing...

CVE-2025-37983 qibfs: fix _another_ leak

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix another leak failure to allocate inode = leaked dentry... this one had been there since the initial merge; to be fair, if we are that far OOM, the odds of failing at that particular allocation are low...

DEBIAN-CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

UBUNTU-CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to release dentry when allocating an inode fails, which could lead to a memory leak...

kernel: cachefiles: fix dentry leak in cachefiles_open_file()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefilesopenfile A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 ----------------------------------------------------------- cachefileslookupcookie...

kernel: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name

In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dumpmapping accessing invalid dentry.dname.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: ------------ cut here...

kernel: exfat: fix potential deadlock on __exfat_get_dentry_set

A potential deadlock on exfatgetdentryset was found in the Linux kernel. This may lead to decreased Availability...

kernel: exfat: fix the infinite loop in exfat_readdir()

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfatreaddir If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, 'dentry' will not be incremented,...

kernel: ovl: Filter invalid inodes with missing lookup function

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

PT-2025-22215

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the Linux kernel's SMB client can occur when a pre-existing valid cfid returned from find or create cached dir might race with a lease break. This can cause open cach...

SUSE CVE-2025-23150

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...

DEBIAN-CVE-2025-23150

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...

SUSE-SU-2025:20283-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. - CVE-2024-50038: netfilter: xtables: fix typo causin...