CVE-2023-54138 drm/msm: fix NULL-deref on irq uninstall

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

CVE-2023-54118 serial: sc16is7xx: setup GPIO controller later in probe

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before th...

CVE-2022-50780 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

CVE-2022-50780

CVE-2022-50780 is a Linux kernel vulnerability described across multiple sources as a use-after-free (UAF) in nfqnl_nf_hook_drop(), triggered when ops_init() fails during net namespace setup. The root cause, as documented, is that data allocated during setup_net() is freed when ops->init() fai...

CVE-2022-50766

Summary: CVE-2022-50766 is a Linux kernel vulnerability in the Btrfs path. Reported to affect the Btrfs init flow, where generation data was incorrectly handled in btrfs_init_new_buffer, leading to uninitialized reads in btrfs_clean_tree_block. The root cause is that btrfs_set_header_generation()...

CVE-2022-50737 fs/ntfs3: Validate index root when initialize NTFS security

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. 162.459513 BUG: KASAN: use-after-free in...

CVE-2022-50737 fs/ntfs3: Validate index root when initialize NTFS security

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. 162.459513 BUG: KASAN: use-after-free in...

CVE-2022-50737

CVE-2022-50737 relates to the Linux kernel ntfs3 subsystem. The connected materials describe a fix for validating the NTFS security index roots during NTFS security initialization, addressing a use-after-free scenario illustrated by a KASAN report when mounting NTFS. The resolution enforces that ...

EUVD-2025-205071

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

EUVD-2025-205077

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

EUVD-2025-205085

In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the dotruncate routine, causing the runlock uninitialized error reported by syzbot...

CVE-2023-54059 soc: mediatek: mtk-svs: Enable the IRQ later

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might triger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

CVE-2022-50727

Technical details for CVE-2022-50727 are not publicly provided in the supplied documents. Monitor for updates from the connected advisories and vendor/security bulletins.

CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

CVE-2025-68377

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

UBUNTU-CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

UBUNTU-CVE-2025-68377

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

CVE-2025-68377

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

CVE-2025-68365

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...

CVE-2025-68365

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...