CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

SUSE CVE-2025-39960

In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpigpioinfo struct Since commit 7c010d463372 "gpiolib: acpi: Make sure we fill struct acpigpioinfo", uninitialized acpigpioinfo struct are passed to acpifindgpio and later in the call stack info-quirks ...

UBUNTU-CVE-2025-39960

In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpigpioinfo struct Since commit 7c010d463372 "gpiolib: acpi: Make sure we fill struct acpigpioinfo", uninitialized acpigpioinfo struct are passed to acpifindgpio and later in the call stack info-quirks ...

UBUNTU-CVE-2023-53599

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix missing initialisation affecting gcm-aes-s390 Fix afalgallocareq to initialise areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl. Without this, the gcm-aes-s390 driver will...

CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Set merge to zero early in afalgsendmsg If an error causes afalgsendmsg to abort, ctx-merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into afalgsendmsg whe...

EUVD-2025-22616

Malicious code in bioql PyPI...

EUVD-2025-20940

Malicious code in bioql PyPI...

EUVD-2025-6284

Malicious code in bioql PyPI...

CVE-2022-50464

In the Linux kernel, mt76 MT7915 PCI path had a refcount leak in mt7915_pci_init_hif2(); the issue stems from pci_get_device() returning a device with increased refcount and not balancing with pci_dev_put(). The fix saves the returned pci_device and ensures a pci_dev_put() is called to decrease t...

UBUNTU-CVE-2023-53421

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...

UBUNTU-CVE-2022-50416

In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450aicofinit If ofiomap failed, 'aic' should be freed before return. Otherwise there is a memory leak...

PT-2025-51581

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's JFS Journaled File System transaction manager. The txInit function does not properly initialize the TxBlock0.waitor waitqueue, leading to a system cra...

CVE-2023-53250

In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmisysfsregisterhandle KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 1373 Comm: modprobe Hardware name: QEMU...

CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...

comedi: Fix initialization of data for instructions that write to subdevice

...

CVE-2025-38558 usb: gadget: uvc: Initialize frame-based format color matching descriptor

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Initialize frame-based format color matching descriptor Fix NULL pointer crash in uvcgframebasedmake due to uninitialized color matching descriptor for frame-based format which was added in commit f5e7bdd34aca...

Linux Distros Unpatched Vulnerability : CVE-2025-37772

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member struct...

Linux Distros Unpatched Vulnerability : CVE-2025-38309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini,...

AZL-65771 CVE-2025-38403 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...

CVE-2025-38387

CVE-2025-38387 affects the Linux kernel’s RDMA/mlx5 subsystem. The issue arises when an obj_event is inserted into a list before its obj_sub_list is initialized, risking a poisonous pointer if the event is loaded immediately after insertion. The referenced fix initializes obj_event->obj_sub_li...