UBUNTU-CVE-2025-56226

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

CVE-2025-71143

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the...

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71130

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb-vmai.vma pointers to NULL, simplifying...

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71115 um: init cpu_tasks[] earlier

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

CVE-2025-71115

CVE-2025-71115 pertains to the Linux kernel where cpu_tasks[] is not initialized early enough, causing a NULL current in certain init paths (notably with KCOV enabled) and potential crashes. The available connected docs confirm the vulnerability arises from initializing cpu_tasks[] in uml_finishs...

CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113 crypto: af_alg - zero initialize memory allocated via sock_kmalloc

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113 crypto: af_alg - zero initialize memory allocated via sock_kmalloc

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

CVE-2025-71113

The CVE-2025-71113 issue is in the Linux kernel crypto af_alg path. Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, which could cause uninitialized data to be used in certain error paths or when new fields are added. The root cause is missing z...

SUSE CVE-2025-71064

In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the numtqps in the vf driver to apply for resources Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps, hdev-numtqps;...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

ROS-20260114-7317

A vulnerability in the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing the number of elements before accessing an array, which could result in an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from memory allocated via sockkmalloc being uninitialized to zero, which could lead to the use of uninitialized...