UBUNTU-CVE-2025-21841

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fix cpufreqpolicy ref counting amdpstateupdatelimits takes a cpufreqpolicy reference but doesn't decrement the refcount in one of the exit paths, fix that...

CVE-2025-21841

CVE-2025-21841 : Linux kernel vulnerability in cpufreq/amd-pstate where amd_pstate_update_limits() takes a cpufreq_policy reference but fails to decrement the refcount on an exit path. This can lead to a use-after-free or resource mismanagement depending on refcount handling. The issue is resolve...

CVE-2025-21839

CVE-2025-21839 : Linux kernel KVM/x86 vulnerability where DR6 value for a guest could be stale when a VM-Exit occurs, due to loading guest DR6 inside the core vcpu_run() loop for DR6 while DR0–DR3 are handled outside. The fix moves the conditional loading of the hardware DR6 with the guest’s DR6 ...

CVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

CVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

kernel: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()

In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896282f6c000 size 1024: comm...

PT-2025-16766

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free vulnerability has been identified in the Linux kernel. The issue occurs while iterating the all mddevs list from md notify reboot and md exit, where list for each entry...

GO-2025-3467 `gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli

gh attestation verify returns incorrect exit code during verification if no attestations are present in github.com/cli/cli...

Security Bulletin: Multiple Vulnerabilities in IBM Event Processing

Summary IBM Event Processing was affected by multiple vulnerabilities. These are affecting the operator and frontend components. Vulnerability Details CVEID:CVE-2024-55565 DESCRIPTION: nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. CWE:CWE-835: Loop...

SUSE CVE-2024-57979

In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sysexit from gpsd when rebooting: pps pps1: removed ------------ cut here ------------ kobject: 'null' 00000000db4bec24: is not...

DEBIAN-CVE-2025-21745

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

AZL-57902 CVE-2025-21745 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage blkcgfillrootiostats iterates over @blockclass's devices by classdeviterinit|next, but does not end iterating with classdeviterexit, so causes the class's subsystem...

SUSE CVE-2022-49087

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpcexitnet Current code can lead to the following race: CPU0 CPU1 rxrpcexitnet rxrpcpeerkeepaliveworker if rxnet-live rxnet-live = false; deltimersync&rxnet-peerkeepalivetimer;...

SUSE CVE-2022-49277

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

SUSE CVE-2022-49381

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2dofillsuper If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

SUSE CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

SUSE CVE-2022-49709

In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcueqsenter+0xe4/0x138 ... Call...

AZL-58992 CVE-2024-57979 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sysexit from gpsd when rebooting: pps pps1: removed ------------ cut here ------------ kobject: 'null' 00000000db4bec24: is not...

UBUNTU-CVE-2024-57991

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: chan: fix soft lockup in rtw89entityrecalcmgntroles During rtw89entityrecalcmgntroles, there is a normalizing process which will re-order the list if an entry with target pattern is found. And once one is found, shou...

DEBIAN-CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...