Unbreakable Enterprise kernel security update

5.15.0-315.196.5.1 - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38744086 CVE-2025-38678 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744084 - rtc: expose RTCFEATUREUPDATEINTERRUPT Alexandre Belloni Orabug: 3874408...

SUSE CVE-2025-40095

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

EUVD-2025-36984

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

CVE-2025-40095 usb: gadget: f_rndis: Refactor bind path to use __free()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

CVE-2025-40093 usb: gadget: f_ecm: Refactor bind path to use __free()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

SUSE CVE-2022-50034

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3 fix use-after-free at workaround 2 BUG: KFENCE: use-after-free read in listdelentryvalid+0x10/0xac cdns3wa2removeoldrequest ... kfreeprivreq-request.buf; cdns3gadgetepfreerequest&privep-endpoint, &privreq-request;...

UBUNTU-CVE-2022-50027

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...

UBUNTU-CVE-2024-57927

In the Linux kernel, the following vulnerability has been resolved: nfs: Fix oops in nfsnetfsinitrequest when copying to cache When netfslib wants to copy some data that has just been read on behalf of nfs, it creates a new write request and calls nfsnetfsinitrequest to initialise it, but with a...

CVE-2024-57927 nfs: Fix oops in nfs_netfs_init_request() when copying to cache

In the Linux kernel, the following vulnerability has been resolved: nfs: Fix oops in nfsnetfsinitrequest when copying to cache When netfslib wants to copy some data that has just been read on behalf of nfs, it creates a new write request and calls nfsnetfsinitrequest to initialise it, but with a...

PT-2025-3652 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when netfslib attempts to copy data on behalf of nfs, creating a new write request and calling nfs netfs init request with a NULL file pointer, causing nfs file open...

UBUNTU-CVE-2021-3392

A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...