CVE-2025-38142 hwmon: (asus-ec-sensors) check sensor index in read_string()

In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory access when the requested sensor is not found. findecsensorindex may return a negative value e.g. -ENOENT, but its result was used without...

CVE-2025-38125

The CVE (CVE-2025-38125) affects the Linux kernel’s net: stmmac driver, where a 0 ptp_rate could propagate to EST configuration, causing a division by zero. The fix adds a guard to ensure ptp_rate is non-zero before configuring EST, with an error path if zero is encountered. According to SUSE/Ope...

SUSE CVE-2022-50215

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

NewStart CGSL MAIN 7.02 : openssh Vulnerability (NS-SA-2025-0089)

The remote NewStart CGSL host, running version MAIN 7.02, has openssh packages installed that are affected by a vulnerability: - A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a...

CVE-2025-37930

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARNON in nouveaufencecontextkill Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveaufencesignal. However, in at least one other place, nouveaufencedone, can...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an error code set in nouveaufencecontextkill for a signalized fence...

kernel: NFSD: Limit the number of concurrent async COPY operations

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB...

CVE-2025-37837 iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmamfreecoherent Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed...

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...

CVE-2024-49841

CVE-2024-49841 describes memory corruption during memory assignment to a headless peripheral VM stemming from incorrect error code handling in Qualcomm components (closed-source). The CVE is tracked in multiple feeds (NVD, Red Hat), with a CVSS v3.1 base score of 7.8 (HIGH), local attack vector, ...

Bluetooth: Fix error code in chan_alloc_skb_cb()

...

CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

DEBIAN-CVE-2023-53038

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject's routine to NULL check pdata. Currently, an early return error is thrown from lpfcreadobject to protect...

CVE-2023-53141 ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

CVE-2023-53141

CVE-2023-53141 is a Linux kernel vulnerability described in the Unity/Nessus materials. The issue is in ila_xlat_nl_cmd_get_mapping() for IPv6 ila (used by netlink): it can generate an empty skb, which would trigger a sanity check. The fix is to return an error code instead of generating an empty...

CVE-2023-53141 ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

PT-2025-18905 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved, where the ila xlat nl cmd get mapping function generates an empty message, triggering a sanity check. This issue is resolved ...

CVE-2025-22096

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msmparsedeps The SUBMITERROR macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERRPTR and since positive values are not a...