UBUNTU-CVE-2022-50834

In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfcgetdevice take reference for the device, add missing nfcputdevice to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP...

ima: Handle error code returned by ima_filter_rule_match()

...

CVE-2023-54139 tracing/user_events: Ensure write index cannot be negative

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling the error code returned by imafilterrulematch, which could result in additional files bein...

libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

CVE-2025-68316 scsi: ufs: core: Fix invalid probe error return value

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

CVE-2025-68316

CVE-2025-68316 affects the Linux kernel’s SCSI UFS core. The root cause was an invalid non‑negative error code propagated from ufshcd_init(), causing a failed probe to be treated as success and potentially leaving the driver in an invalid state. The available connected sources confirm the issue a...

CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...

CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

CVE-2025-40269 ALSA: usb-audio: Fix potential overflow of PCM transfer buffer

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer The PCM stream data in USB-audio driver is transferred over USB URB packet buffers, and each packet size is determined dynamically. The packet sizes are limited by so...

wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

...

Malicious code in kns-error-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 800f2a399cfa77f8709d51ca0a8025493c82b93ea829c48a471cf175090104b0 The package kns-error-code was found to contain malicious code. Source: ghsa-malware bfbb83f30dda5940166bed636d96b2ffa93059f5380ee5d90a3e6310346f0a66...

MAL-2025-191120 Malicious code in kns-error-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 800f2a399cfa77f8709d51ca0a8025493c82b93ea829c48a471cf175090104b0 The package kns-error-code was found to contain malicious code. Source: ghsa-malware bfbb83f30dda5940166bed636d96b2ffa93059f5380ee5d90a3e6310346f0a66...

EUVD-2025-199126

Malicious code in kns-error-code npm...

CVE-2025-40200

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

PT-2025-49370

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's USB-audio driver related to potential overflow of the PCM transfer buffer. The issue arises because the packet sizes used for transferring PCM stream...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990244 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit ocfs2: return real error code in...

EUVD-2022-54739

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5piperelease when deadlock is detected mdp5getglobalstate runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5piperelease doesn't check for if an error is...

EUVD-2017-6063

Malware in sbrugna...