7892 matches found
USN-7585-2 linux-aws-fips, linux-gcp-fips vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7585-1: Linux kernel vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7585-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
CVE-2022-50220
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...
Malicious code in drivers-kit (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ba30922790421a31176c5d094f9244d7e2c5aefa5a38c9506763c5adb863f66 Any computer that has this package installed or running should be considered...
DEBIAN-CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
CVE-2022-50220
CVE-2022-50220 is a Linux kernel vulnerability in the usbnet subsystem where a use-after-free can occur on disconnect due to linkwatch handling after unregister_netdev. The issue stems from usbnet_deferred_kevent() being awaited in a path that may access freed netdev state, potentially enabling m...
CVE-2022-50220 usbnet: Fix linkwatch use-after-free on disconnect
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...
CVE-2022-50174
In the Linux kernel, the following vulnerability has been resolved: net: hinic: avoid kernel hung in hinicgetstats64 When using hinic device as a bond slave device, and reading device stats of master bond device, the kernel may hung. The kernel panic calltrace as follows: Kernel panic - not...
CVE-2022-50022 drivers:md:fix a potential use-after-free bug
In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if sh-batchhead && sh != sh-batchhead"...
CVE-2022-50022
In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if sh-batchhead && sh != sh-batchhead"...
CVE-2025-38022
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:408 inline...
DEBIAN-CVE-2025-38009
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...
CVE-2025-38009
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...
CVE-2025-38009 wifi: mt76: disable napi on driver removal
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...
PT-2025-26070 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's SoundWire driver has been resolved. The issue arises when the driver's bind and unbind operations are not properly handled, leading to potential...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net: phy: It is now possible to allow the MDIO bus’s PM operations to initiate/stop the state machine for the phylink-controlled PHY. There are two types of DSA drivers: 1. Those that call dsaswitchsuspend and dsaswitchresume...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Driver core: Fixed a potential NULL pointer dereferencing in devuevent. If the user space reads the “uevent” device attribute at the same time as other threads unbinds the device from its driver, changing the value of dev-driver...
Ubuntu: Security Advisory (USN-7550-7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...