UBUNTU-CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39855 ice: fix NULL access of tx->in_use in ice_ptp_ts_irq

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

CVE-2025-39855 ice: fix NULL access of tx->in_use in ice_ptp_ts_irq

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

CVE-2025-39855

Summary: CVE-2025-39855 concerns the Linux kernel ICE driver (notably the E810’s low-latency TX timestamp interface). The bug occurs in ice_ptp_ts_irq() where the Tx timestamp tracker ice_ptp_tx is used before being initialized, risking NULL dereference or use-after-free if a TX timestamp interru...

CVE-2025-39854 ice: fix NULL access of tx->in_use in ice_ll_ts_intr

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39854

CVE-2025-39854 affects the ice driver in the Linux kernel. The ice_ll_ts_intr() path could dereference a NULL tracker or use-after-free if the ice_ptp_tx tracker isn’t initialized. The fix gates access on the tracker’s initialized state and ensures reset clears the init flag under lock to prevent...

CVE-2025-39854 ice: fix NULL access of tx->in_use in ice_ll_ts_intr

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39854 ice: fix NULL access of tx->in_use in ice_ll_ts_intr

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39844 mm: move page table sync declarations to linux/pgtable.h

In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...

PT-2025-38562

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ice ptp ts irq function where it does not check if the timestamp tracker is initialized before its first access. This can lead to a NULL pointer...

PT-2025-38551

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to page table synchronization during vmemmap initialization. Specifically, the optimized path within vmemmap populate compound pages skips...

Ashlar-Vellum Cobalt Code Execution Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A code execution vulnerability exists in Ashlar-Vellum Cobalt,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the tracker initialization state, which could result in a null pointer dereference or reu...

SUSE CVE-2022-50387

In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinicsetcmdqdepth fails in hinicinitcmdqs, the cmdq memory is not released correctly. Fix it...

SUSE CVE-2022-50414

In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls fcoetransportattach&fcoeswtransport, but when fcoeifinit fails, &fcoeswtransport is not detached and leaves freed &fcoeswtransport on fcoetransports...

SUSE CVE-2022-50416

In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450aicofinit If ofiomap failed, 'aic' should be freed before return. Otherwise there is a memory leak...

CVE-2023-53421

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...

CVE-2022-50414

In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls fcoetransportattachswtransport, but when fcoeifinit fails, swtransport is not detached and leaves freed swtransport on fcoetransports list. This causes...

CVE-2023-53435

In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of casinitone cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function but not it the error handling path of the probe. Add the...

CVE-2023-53421

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...