UBUNTU-CVE-2025-39881

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

Stable Channel Update for ChromeOS / ChromeOS Flex

The ChromeOS Stable channel is being updated to OS version 16371.49.0 Browser version 140.0.7339.201 for most ChromeOS devices. If you find new issues, please let us know one of the following ways: 1. File a bug 2. Visit our ChromeOS communities 1. General: Chromebook Help Community 2. Beta...

Linux Distros Unpatched Vulnerability : CVE-2025-38614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures th...

PT-2025-39138

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free UAF issue exists in the PSI Pressure Stall Information monitoring mechanism within the Linux kernel. The problem occurs when a file descriptor is accessed after it has...

SUSE CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

AZL-66533 CVE-2025-38614 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

AZL-73878 CVE-2025-38614 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

DEBIAN-CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614 eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

The CVE-2025-38614 entry describes a Linux kernel vulnerability in eventpoll where recursion depth in ep_loop_check_proc() could form deep trees and trigger semi-unbounded recursion. The root cause involved two shortcomings: (1) the depth checks did not consider upward paths, and (2) multiple dow...

CVE-2025-38614 eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

PT-2025-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges...

PT-2025-49437

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the 9p protocol’s handling of file descriptors. Specifically, the p9 fd request function may not correctly kick the receive thread when EPOLL...

Linux 6.4 epoll Use-After-Free

Linux versions starting at 6.4 suffer from a use-after-free vulnerability via a race condition between epeventpollrelease and eventpollreleasefile because mutexunlock is not ownership-drop-safe...

UBUNTU-CVE-2025-38349

In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...

CVE-2025-38349 eventpoll: don't decrement ep refcount while still holding the ep mutex

In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improperly decrementing the epoll reference count, which could lead to reuse after release...

PT-2025-30016

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's eventpoll implementation where the epoll reference count is decremented while still holding the ep mutex. This can lead to a use-after-free condition...

SUSE CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...