UBUNTU-CVE-2025-21806

In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...

UBUNTU-CVE-2025-21810

In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API classdeviternext There are a potential wild pointer dereferences issue regarding APIs classdeviterinit|next|exit, as explained by below typical usage: // All members of @it...

CVE-2025-21806 net: let net.core.dev_weight always be non-zero

In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...

DEBIAN-CVE-2025-21783

In the Linux kernel, the following vulnerability has been resolved: gpiolib: Fix crash on error in gpiochipgetngpios The gpiochipgetngpios uses chip macros to print messages. However these macros rely on gpiodev to be initialised and set, which is not the case when called via bgpioinit. In such a...

DEBIAN-CVE-2025-21772

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use putdevsector, since the preceding readpartsector succeeded. - If the partition table clai...

AZL-57902 CVE-2025-21745 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

UBUNTU-CVE-2025-21772

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use putdevsector, since the preceding readpartsector succeeded. - If the partition table clai...

SUSE CVE-2022-49046

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check return value when calling devsetname If devsetname fails, the devname is null, check the return value of devsetname to avoid the null-ptr-deref...

SUSE CVE-2022-49310

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: fix a refcount leak in cleanupdev usbgetdev is called in xillyusbprobe. So it is better to call usbputdev before xdev is released...

SUSE CVE-2022-49389

In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...

SUSE CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...

SUSE CVE-2022-49424

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer dereference when printing devname When larbdev is NULL in the case I hit, the node is incorrectly set iommus = , it will cause devicelinkadd fail and kernel crashes when we try to print...

SUSE CVE-2022-49469

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anondev leak in createsubvol When btrfsqgroupinherit, btrfsalloctreeblock, or btrfsinsertroot fail in createsubvol, we return without freeing anondev. Reorganize the error handling in createsubvol to fix this...

SUSE CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

CVE-2025-21769 ptp: vmclock: Add .owner to vmclock_miscdev_fops

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclockmiscdevfops Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...

UBUNTU-CVE-2024-57980

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to properly handle the aedev node when uninstalling drivers in parallel, which could lead to a...

DEBIAN-CVE-2022-49711

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

DEBIAN-CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...