CVE-2022-50339 Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50339 Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

CVE-2022-50340

CVE-2022-50340 affects the vimc hardware-media driver in the Linux kernel. The issue arises in vimc_init(): if platform_driver_register(&vimc_pdrv) fails, the code incorrectly calls platform_driver_unregister(&vimc_pdrv) instead of platform_device_unregister(&vimc_pdev), causing a kernel warning ...

CVE-2025-36244

CVE-2025-36244 : IBM AIX/VIOS Kerberos vulnerability allowing a local user to write to arbitrary files with root privileges due to improper initialization of critical variables. Affected: AIX 7.2, 7.3; VIOS 3.1, 4.1; vulnerable fileset: krb5.client.rte (1.16.1.0–1.16.1.7). CVSS base score 7.4 (HI...

CVE-2025-36244 IBM AIX privilege escalation

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...

UBUNTU-CVE-2025-39812

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

CVE-2025-39830 net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, Fix memory leak in hwspoolbuddyinit error path In the error path of hwspoolbuddyinit, the buddy allocator cleanup doesn't free the allocator structure itself, causing a memory leak. Add the missing kfree to properl...

CVE-2025-39812 sctp: initialize more fields in sctp_v6_from_sk()

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

UBUNTU-CVE-2023-53278

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...

CVE-2023-53284 drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devmkzalloc in dpuwritebackinit Because of the possilble failure of devmkzalloc, dpuwbconn might be NULL and will cause null pointer dereference later. Therefore, it might be better to check ...

CVE-2023-53278

CVE-2023-53278 affects the Linux kernel in the ubifs subsystem, specifically a memory leak in ubifs_sysfs_init() that occurs when insmod ubifs.ko is loaded. The entry states the vulnerability has been resolved via a fix for the memory leak, with the observable kmemleak report and backtrace indica...

CVE-2023-53278 ubifs: Fix memory leak in ubifs_sysfs_init()

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

PT-2025-37994

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 IBM VIOS versions 3.1 through 4.1 Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between the HCIMGMT flag setting and the initialization of a work queue, which could lead t...

PT-2025-38011

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was identified in the do floppy init function within the Linux kernel. The leak occurs when floppy alloc disk fails during initialization, specifically when allocating di...

PT-2025-38015

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability exists in the Linux kernel related to the ext4 rename function. Specifically, the issue arises when renaming files and involves failing to initialize quota information...