SUSE CVE-2025-39681

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...

DEBIAN-CVE-2025-39723

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector doesn't update the stream-transferred value and it retains its initial LONGMAX value. Unfortunately, i...

AZL-66953 CVE-2025-39684 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized memory in doinsnioctl and doinsnlistioctl syzbot reports a KMSAN kernel-infoleak in doinsnioctl. A kernel buffer is allocated to hold insn-n samples each of which is an unsigned int. For some...

DEBIAN-CVE-2025-38736

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask, invalid PHY...

CVE-2025-38736

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask, invalid PHY...

UBUNTU-CVE-2025-39681

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...

UBUNTU-CVE-2025-39709

In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...

CVE-2025-39723

CVE-2025-39723 affects the Linux kernel netfs unbuffered write path. When all subrequests in an unbuffered write stream fail, stream->transferred could remain LONG_MAX, and wreq->transferred could be updated to that value, causing write_iter() to report an erroneous non‑zero transfer and tr...

CVE-2025-39709

CVE-2025-39709 : In the Linux kernel, the Venus media driver risked a NULL dereference if an IRQ fired before the interrupt handler was fully initialized. The fix ensures the interrupt handler is initialized before the IRQ is registered, preventing spurious interrupts during probe (noted on Rb3Ge...

PT-2025-46622

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the block I/O throttling mechanism. Specifically, a race condition existed during throttle policy activation, potentially leading to a NULL pointer...

SUSE CVE-2025-38695

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

CVE-2025-38695

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

DEBIAN-CVE-2025-38695

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

AZL-66818 CVE-2025-38695 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

AZL-73926 CVE-2025-38695 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

UBUNTU-CVE-2025-38695

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

CVE-2025-38700 scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...

CVE-2025-38695 scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...

CVE-2025-38695

CVE-2025-38695 affects the Linux kernel SCSI lpfc, where lpfc_sli4_vport cleanup can run before sli4_hba.hdwqs are allocated if lpfc_sli4_read_rev() fails. This may cause a NULL pointer dereference when acquiring abts_io_buf_list_lock for the first hardware queue. The fix adds a NULL pointer chec...

CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...