CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-40352

The CVE-2025-40352 entry concerns a Linux kernel issue in the Mellanox mlxbf-pmc driver. The vulnerability arises from missing initialization of the count_clock data structure’s sysfs attributes, which triggers a lockdep-related warning (CONFIG_LOCK_STAT) during BlueField-3 boot, specifically a m...

CVE-2025-40352 platform/mellanox: mlxbf-pmc: add sysfs_attr_init() to count_clock init

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

SUSE-SU-2025:21222-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit bsc1254132...

PT-2025-51568

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The mlxbf pmc driver in the Linux kernel does not call sysfs attr init during the initialization of the "count clock" data structure. This causes a warning related to lock-related debug...

CLSA-2025-1765478656 lasso: Fix of CVE-2025-47151

CVE-2025-47151: fix type confusion vulnerability in the lassonodeimplinitfromxml functionality...

Linux Distros Unpatched Vulnerability : CVE-2022-50657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: mm: add missing memcpy in kasaninit Hi Atish, It seems that the panic is due to the missing memcpy during kasaninit. Could you please check whether this...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991124 advisory. In the Linux kernel, the following vulnerability has been resolved: virtioconsole: eliminate anonymous moduleinit & moduleexit Eliminate anonymous moduleinit and...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2025:4346-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4346-1 advisory. - CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Tenable has extracted the preceding description block directly from the SUS...

CVE-2023-53787

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer deref with partial DT config When some of the da9063 regulators do not have corresponding DT nodes a null pointer dereference occurs on boot because such regulators have no initdata causing the...

CVE-2023-53832

A null pointer dereference flaw was found in the Linux kernel's RAID10 implementation. When recovery is skipped on a clean array, initresync is called but closesync is not, leaving conf-havereplacement incorrectly set to 0. If a replacement device is later added and recovery is triggered, replbio...

SUSE CVE-2022-50646

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

SUSE CVE-2022-50657

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: add missing memcpy in kasaninit Hi Atish, It seems that the panic is due to the missing memcpy during kasaninit. Could you please check whether this patch is helpful? When doing kasanpopulate, the new allocated...

SUSE CVE-2023-53787

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer deref with partial DT config When some of the da9063 regulators do not have corresponding DT nodes a null pointer dereference occurs on boot because such regulators have no initdata causing the...

EUVD-2023-60159

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

EUVD-2022-55748

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: add missing memcpy in kasaninit Hi Atish, It seems that the panic is due to the missing memcpy during kasaninit. Could you please check whether this patch is helpful? When doing kasanpopulate, the new allocated...

CVE-2025-48623

In initpkvmhypvcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

DEBIAN-CVE-2023-53849

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind e.g. a subcomponent failing to bind. Since commit c3b790ea07a1 "drm: Manage drmmodeconfiginit with drmm" the...

DEBIAN-CVE-2023-53837

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

CVE-2023-53837

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...