SUSE CVE-2025-68740

In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by imafilterrulematch In imamatchrules, if imafilterrulematch returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if !rc' check and sets 'result = true'. The LSM rule is...

Linux Distros Unpatched Vulnerability : CVE-2025-40260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 1...

EUVD-2022-55140

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...

EUVD-2025-11173

Malicious code in bioql PyPI...

EUVD-2024-51820

Malicious code in bioql PyPI...

EUVD-2024-51908

Malicious code in bioql PyPI...

CVE-2025-38619

In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If ticsi2rxstartdma fails in ticsi2rxdmacallback, the buffer is marked done with VB2BUFSTATEERROR but is not removed from the DMA queue. This causes the same buffer to be retried in...

Linux Distros Unpatched Vulnerability : CVE-2021-47482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadvncmeshfree. The problem was in wrong error handling in batadvmeshinit. Before this...

SUSE CVE-2022-50138

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in qedrallocmr qedrallocmr allocates a memory chunk for "mr-info.pbltable" with initmrinfo. When rdmaalloctid and rdmaregistertid fail, "mr" is released while "mr-info.pbltable" is not release...

CVE-2022-50229

CVE-2022-50229 is a Linux kernel vulnerability in the ALSA bcd2000 driver. The issue is a use-after-free (UAF) bug that occurs on the error path during probing: when snd_card_register() fails, the driver frees midi_out_urb before it is killed, enabling a UAF condition. The observed log pattern me...

CVE-2022-50127

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like the spin locks are not setup until rxeqpinitreq. If an error occures before this point then t...

CVE-2022-50114

CVE-2022-50114 affects the Linux kernel 9p subsystem. The root cause is a refcount leak in p9_read_work() error handling when m->rreq->rc.sdata is NULL; p9_req_put must be called to avoid the leak. Affected component: net/9p (p9_read_work). The fix is documented in kernel commits (e.g., 34b...

CVE-2022-50053

CVE-2022-50053 concerns the Linux kernel iavf driver: a reset error handling path could lead to deadlock due to double napi_disable and a stuck iavf_remove when VF removal occurs during rapid resets. The fix removes the call to iavf_close in reset error handling and instead calls iavf_disable_vf ...

CVE-2022-49998

The CVE-2022-49998 entry is supported by multiple connected advisories confirming concrete fixes in the Linux kernel’s rxrpc sendmsg implementation. The issues addressed are three locking bugs in rxrpc_sendmsg: (1) rxrpc_new_client_call() should release the socket lock when returning from rxrpc_g...

CVE-2022-49953

CVE-2022-49953 concerns the Linux kernel’s iio: light cm3605 driver. The issue is an error-handling path in cm3605_probe() that, after a fix, introduced a new error-path which should jump to the existing error-handling path to avoid resource leaks. The connected sources consistently describe this...

CVE-2025-38012

CVE-2025-38012 concerns the Linux kernel vulnerability in sched_ext where bpf_iter_scx_dsq_new() may leave an uninitialized BPF iterator after an error return, causing bpf_iter_scx_dsq_next() to dereference garbage data. The patch ensures bpf_iter_scx_dsq_new() always clears kit->dsq, making n...

CVE-2022-49905

CVE-2022-49905: In the Linux kernel net/smc, smc_init() registers pernet subsystems without proper error handling, risking leaked pernet namespace. If register_pernet_subsys(&smc_net_stat_ops) or smc_nl_init() fails, &smc_net_stat_ops might not be reverted, leaving wild ops in the subsystem linke...

CVE-2022-49825

CVE-2022-49825 — Linux kernel (libata-transport) In ata_tport_add(), the return value of transport_add_device() is not checked, which can lead to a NULL pointer dereference during module removal when transport_remove_device() is called for a device that was not added. The vulnerability is resolve...

CVE-2022-49823 ata: libata-transport: fix error handling in ata_tdev_add()

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is calle...

CVE-2022-49824 ata: libata-transport: fix error handling in ata_tlink_add()

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is...