UBUNTU-CVE-2026-45864

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...

CVE-2026-31472 xfrm: iptfs: validate inner IPv4 header length in IPTFS payload

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...

EUVD-2025-15842

Malicious code in bioql PyPI...

EUVD-2025-15857

Malicious code in bioql PyPI...

CVE-2025-38692

CVE-2025-38692 refers to a Linux kernel exFAT fix validating cluster chains to prevent infinite loops during directory operations. The patch adds loop-break checks for conditions in exfat_count_dir_entries, exfat_create_upcase_table, exfat_load_bitmap, exfat_find_dir_entry, and exfat_check_dir_em...

CVE-2025-37942

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on many devices but casued oops on VRS DirectForce PRO. Here, we're...

CVE-2025-37970

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadfifo Prevent stlsm6dsxreadfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...

CVE-2025-37970

CVE-2025-37970 affects the Linux kernel IIO imu driver st_lsm6dsx_read_fifo. The root cause is a possible infinite loop when pattern_len is zero and the device FIFO is not empty, leading to a local lockup and availability impact. The vulnerability is addressed by a fix in the kernel (as described...

CVE-2025-37970 iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadfifo Prevent stlsm6dsxreadfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...

CVE-2025-37969 iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadtaggedfifo Prevent stlsm6dsxreadtaggedfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...

CVE-2025-37969

In CVE-2025-37969, the Linux kernel vulnerable component is the IIO IMU driver st_lsm6dsx (read_tagged_fifo). The issue allows a potential lockup when pattern_len is zero and the device FIFO is not empty, risking an infinite loop and elevated availability impact. The vulnerability has been fixed ...

CVE-2025-37942 HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on many devices but casued oops on VRS DirectForce PRO. Here, we're...

CVE-2025-37942

CVE-2025-37942 is described in connected advisories as a Linux kernel issue within the HID: pidff path. The root cause reported is “Make sure to fetch pool before checking SIMULTANEOUS_MAX,” indicating a logic/fence-check or data handling problem in pool management related to HID: pidff. Affected...

CVE-2025-37859

In the Linux kernel, the following vulnerability has been resolved: pagepool: avoid infinite loop to schedule delayed worker We noticed the kworker in pagepoolreleaseretry was waken up repeatedly and infinitely in production because of the buggy driver causing the inflight less than 0 and warning...

CVE-2023-53026

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size...

K000150488: Multiple Wireshark/tshark vulnerabilities

Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...

Unbreakable Enterprise kernel security update

5.4.17-2136.341.3.1 - Revert 'NFSD: Limit the number of concurrent async COPY operations' Sherry Yang Orabug: 37667080 5.4.17-2136.341.3 - iouring: fix possible deadlock in ioregisteriowqmaxworkers Hagar Hemdan Orabug: 37565787 - iouring/rw: fix missing NOWAIT check for ODIRECT start write Jens...

CVE-2022-49097 NFS: Avoid writeback threads getting stuck in mempool_alloc()

In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...

CVE-2025-21667

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomapwritedelallocscan was inadvertently using a 32-bit position due to folionextindex returning an unsigned long. This could lead to an infinite loop when...

CVE-2023-52625 drm/amd/display: Refactor DMCUB enter/exit idle interface

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...