DEBIAN-CVE-2025-38645

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

AZL-73623 CVE-2025-38645 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

UBUNTU-CVE-2025-38645

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

CVE-2025-38664 ice: Fix a null pointer dereference in ice_copy_and_init_pkg()

In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in icecopyandinitpkg Add check for the return value of devmkmemdup to prevent potential null pointer dereference...

CVE-2025-38645 net/mlx5: Check device memory pointer before usage

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

CVE-2025-38645 net/mlx5: Check device memory pointer before usage

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

CVE-2025-38645

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

CVE-2025-38645

CVE-2025-38645 affects the Linux kernel (net/mlx5). Root cause: a NULL device memory pointer (dev->dm) can be dereferenced in mlx5_init_once() if allocation fails. Fix: add a NULL check before accessing device memory to prevent a crash. Impact in docs: LOCAL attacker could crash the system; re...

OESA-2025-2055 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed...

Linux Distros Unpatched Vulnerability : CVE-2025-21888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix a WARN during deregmr for DM type Memory regions MR of type DM device memory do not have an associated umem. In the mlx5ibderegmr -...

Linux Distros Unpatched Vulnerability : CVE-2025-38135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: Fix potential null-ptr-deref in mlbusioprobe devmioremap can return NULL on error. Currently, mlbusioprobe does not check for this case, which could...

Linux Distros Unpatched Vulnerability : CVE-2021-47416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUSALLOCATED indicates 2 states: 1. Bus ...

CVE-2025-38378

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe In probe appletbkbdprobe a "struct appletbkbd kbd" is allocated via devmkzalloc to store touch bar keyboard related data. Later on if backlightdevicegetbyname finds...

CVE-2025-38016

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...

SUSE CVE-2025-38043

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Set dmamask for ffa devices Set dmamask for FFA devices, otherwise DMA allocation using the device pointer lead to following warning: WARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dmaallocattrs+0xe0/0x124...

CVE-2024-22808

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory...

CVE-2024-32905

In circread of linkdevicememorylegacy.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-31334

In DevmemIntFreeDefBackingPage of devicememserver.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-5604

In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...

CVE-2019-5688

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver nvflash.sys, nvflsh32.sys, and nvflsh64.sys contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of oth...