CVE-2023-53666

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avoid dereferencing an error pointer when later configuring the jack: Unable to handle kernel paging...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987282 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-398625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-398625 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow...

CVE-2023-53599

CVE-2023-53599: In the Linux kernel, the af_alg crypto path for gcm-aes-s390 had a missing initialisation in af_alg_alloc_areq. The bug could cause an oops when gcm_walk_start() runs on req->dst because req->dst was incorrectly set from areq->first_rsgl.sgl.sgl by _aead_recvmsg() calling...

CVE-2023-53599 crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix missing initialisation affecting gcm-aes-s390 Fix afalgallocareq to initialise areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl. Without this, the gcm-aes-s390 driver will...

EUVD-2022-55374

Malicious code in bioql PyPI...

SUSE CVE-2025-39739

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...

CVE-2025-38737 cifs: Fix oops due to uninitialised variable

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3inittransformrq to initialise buffer to NULL before calling netfsallocfolioqbuffer as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should...

PT-2025-36267

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the CIFS implementation where the smb3 init transform rq function does not initialize a buffer to NULL before calling netfs alloc folioq buffer...

Linux Distros Unpatched Vulnerability : CVE-2024-44945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation...

Linux Distros Unpatched Vulnerability : CVE-2021-47093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: intelpmccore: fix memleak on registration failure In case device registration...

DEBIAN-CVE-2025-37971

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2dev Commit 42a2f6664e18 "staging: vc04services: Move global gstate to vchiqstate" changed mmalinit to pass dev-v4l2dev.dev to vchiqmmalinit, however nothing iniitialised dev-v4l2dev,...

SUSE CVE-2023-52929

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanup does not put this. While a minimal fix for this would be to add the gpiodput call, we can do better if we split deviceregister, an...

CVE-2025-0714

The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector IV consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted...

Azure Linux 3.0 Security Update: kernel (CVE-2024-45018)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45018 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack...

kernel: netfilter: flowtable: initialise extack before use

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload...

kernel: serial: sc16is7xx: setup GPIO controller later in probe

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before th...

kernel: nfsd: initialise nfsd_info.mutex early.

In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...

CVE-2024-50239 phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend

In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend Commit 413db06c05e7 "phy: qcom-qmp-usb: clean up probe initialisation" removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenl...

kernel: netfilter: flowtable: initialise extack before use

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload...