kernel: drm/vkms: Fix use after free and double free on init error

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

kernel: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized

In the Linux kernel, the following vulnerability has been resolved: OPP: fix devpmoppfindbw when bandwidth table not initialized If a driver calls devpmoppfindbwceil/floor the retrieve bandwidth from the OPP table but the bandwidth table was not created because the interconnect properties were...

kernel: zram: fix NULL pointer in comp_algorithm_show()

In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in compalgorithmshow LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ 3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0...

kernel: vxlan: check vxlan_vnigroup_init() return value

In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlanvnigroupinit return value vxlaninit must check vxlanvnigroupinit success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c:...

kernel: crypto: tegra - do not transfer req when tegra init fails

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegracmacinit or tegrashainit function may return an error when memory is exhausted. It should not transfer the request when they return an error...

kernel: Linux kernel: Denial of Service in Bluetooth HCI UART driver via null pointer dereference

A flaw was found in the Linux kernel's Bluetooth HCI UART driver. A race condition exists where the hciuartwritework function may attempt to access uninitialized private data if a TTY write wakeup occurs during the protocol initialization phase. This can lead to a NULL pointer dereference,...

kernel: sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

PT-2025-51635

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the pinctrl subsystem, specifically within the s32cc driver. The s32 pinctrl desc structure is allocated using devm kmalloc, but not all of its fiel...

Prototype Pollution

node-cube is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input during the prototype chain initialization process, which allows an attacker to inject malicious properties into built-in object prototypes, potentially leading to denial of servi...

RockyLinux 9 : kernel (RLSA-2025:19105)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19105 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

kernel: pstore/ram: Check start of empty przs during init

An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990439 advisory. In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990436 advisory. In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990621 advisory. In the Linux kernel, the following vulnerability has been resolved: virtioconsole: eliminate anonymous moduleinit & moduleexit Eliminate anonymous moduleinit and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990539 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak...

AZL-69863 CVE-2025-47151 affecting package lasso 2.8.0-1

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-47151

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

CVE-2025-11690

An Insecure Direct Object Reference IDOR vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this issue enables an attacker to retrieve data such as GPS coordinates, encryption keys, initialization vectors,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988751 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufxusbprobe I got a null-ptr-deref report: BUG: kern...