RHEL 8 : kernel (RHSA-2025:13960)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13960 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...

SUSE CVE-2025-38507

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...

SUSE CVE-2025-38533

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wxrxbuffer structure contained two DMA address fields: 'dma' and 'pagedma'. However, only 'pagedma' was actually initialized and used to program the Rx descriptor. But 'dma' was...

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-38525

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...

CVE-2025-38546

CVE-2025-38546 (Linux kernel: ATM clip memory leak) The vulnerability is in the ATM subsystem’s clip code. The ioctl ATMARPD_CTRL path assigns NULL to vcc->push(), which breaks the expected cleanup path and leaks memory for the allocated struct clip_vcc during ATMARP handling. The root cause i...

CVE-2025-38541

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925thermalinit devmkasprintf returns NULL on error. Currently, mt7925thermalinit does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

UBUNTU-CVE-2025-38517

In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...

CVE-2025-38525 rxrpc: Fix irq-disabled in local_bh_enable()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...

CVE-2025-38525

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...

CVE-2025-38507 HID: nintendo: avoid bluetooth suspend/resume stalls

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...

CVE-2025-38507

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...

CVE-2025-38507 HID: nintendo: avoid bluetooth suspend/resume stalls

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook...

PT-2025-33584 · Mt76 +2 · Mt76 +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the mt7925 thermal init function within the mt76 and mt7925 modules. The devm kasprintf function can return NULL on error, and the code does not che...

PT-2025-33568

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to interrupt handling within the rxrpc subsystem. Specifically, the rxrpc assess MTU size function, called from rxrpc new incoming call, can...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:02808-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02808-1 advisory. - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Tenable has extracted the preceding...

Security update for podman

This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...

SUSE-SU-2025:02807-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320...

Security update for podman

This update for podman fixes the following issues: CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...

Linux Distros Unpatched Vulnerability : CVE-2025-38231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet,...