CVE-2025-37800

CVE-2025-37800 targets the Linux kernel driver core. A potential NULL pointer dereference in dev_uevent() could occur if userspace reads a uevent attribute while another thread unbinds the device, changing dev->driver from a valid pointer to NULL. The fix uses READ_ONCE() when fetching the dri...

CVE-2022-49195

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic on shutdown if multi-chip tree failed to probe DSA probing is atypical because a tree of devices must probe all at once, so out of N switches which call dsatreesetuproutingtable during probe, for N - 1 of them...

CVE-2024-49876 drm/xe: fix UAF around queue destruction

In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver with one or more wor...

grub2 security update

CentOS Errata and Security Advisory CESA-2015:2401 Updated grub2 packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...