UBUNTU-CVE-2025-68365

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...

CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

UBUNTU-CVE-2023-54028

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...

UBUNTU-CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

CVE-2023-54034 iommufd: Make sure to zero vfio_iommu_type1_info before copying to user

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

CVE-2023-54034

The CVE-2023-54034 issue affects the Linux kernel iommufd path where vfio_iommu_type1_info is copied to user space. The root cause is a missing zero initialization: most of the struct is copied with copy_from_user(), but minsz is smaller than the struct by 8 bytes, leaving the padding uninitializ...

CVE-2023-54028 RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task"

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...

CVE-2023-54016 wifi: ath12k: Fix memory leak in rx_desc and tx_desc

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rxdesc and txdesc Currently when ath12kdpccdescinit is called we allocate memory to rxdescs and txdescs. In ath12kdpcccleanup, during descriptor cleanup rxdescs and txdescs memory is not freed. Th...

CVE-2023-54007 vmci_host: fix a race condition in vmci_host_poll() causing GPF

In the Linux kernel, the following vulnerability has been resolved: vmcihost: fix a race condition in vmcihostpoll causing GPF During fuzzing, a general protection fault is observed in vmcihostpoll. general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 1 PREEMPT SM...

CVE-2023-54001 staging: r8712: Fix memory leak in _r8712_init_xmit_priv()

In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit...

CVE-2025-68727 ntfs3: Fix uninit buffer allocated by __getname()

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by getname Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN...

CVE-2025-68727

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by getname Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN...

CVE-2025-68728

CVE-2025-68728 applies to the Linux kernel ntfs3 path, where a KMSAN memory initialization issue could occur when a buffer returned by sb_getblk() was not brought uptodate before being used in mi_format_new. The root cause is a memory-initialization bug (uninitialized data) that could be loaded i...

CVE-2025-68726 crypto: aead - Fix reqsize handling

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

CVE-2025-68377

The CVE-2025-68377 issue affects the Linux kernel and is resolved by initializing ns_list_node for initial namespaces to ensure the list is always initialized for initial namespaces. The fix targets the namespace list initialization in the kernel’s initialization path; impact and exploit details ...

CVE-2025-68369 ntfs3: init run lock for extend inode

In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the dotruncate routine, causing the runlock uninitialized error reported by syzbot...

CVE-2025-68368

In CVE-2025-68368, the Linux kernel vulnerability arises in md: init bioset in mddev_init, where IO operations before md_run() (e.g., metadata updates after sysfs writes) can trigger a NULL pointer dereference if bioset is not initialized. Repro: mdadm -CR /dev/md0 -l1 -n2 /dev/sd[cd]; echo inact...

CVE-2025-68368 md: init bioset in mddev_init

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2025-68368 md: init bioset in mddev_init

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...