Security Bulletin: Vulnerability in [All] linux (Kernel) affects IBM Integrated Analytics System (Sailfish) [11 CVES].

Summary The All linux Kernel package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVE CVE-2024-41093, CVE-2024-42079, CVE-2024-45018, CVE-2024-40961, CVE-2024-35839, CVE-2024-38608, CVE-2024-38586, CVE-2024-39503, CVE-2024-40984,...

Privacy-Preserving Runtime Verification

Runtime verification offers scalable solutions to improve the safety and reliability of systems. However, systems that require verification or monitoring by a third party to ensure compliance with a specification might contain sensitive information, causing privacy concerns when usual runtime...

CVE-2025-24495

Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2025-24495

Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2025-24495

Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2025-24495

Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...

microcode_ctl: Improper initialization in UEFI firmware OutOfBandXML module

Improper initialization in UEFI firmware OutOfBandXML module in some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

kernel: Bluetooth: ISO: Fix multiple init when debugfs is disabled

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If btdebugfs is not created successfully, which happens if either CONFIGDEBUGFS or CONFIGDEBUGFSALLOWALL is unset, then isoinit returns early and does not set isoinited t...

kernel: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()

A vulnerability was found in the i3cmasterputi3caddrs function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dynaddr" and "initdynaddr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instabili...

kernel: mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

kernel: octeontx2-af: Add validation before accessing cgx and lmac

A bounds-checking error was found in the Linux kernel Marvell OcteonTX2 network driver's initialization code. On systems with newer CN10K RPM or CN10KB RPMUSX hardware, a local user with privileges to initialize the driver can trigger driver probe, causing the driver to make incorrect assumptions...

kernel: vhost/vsock: always initialize seqpacket_allow

Improper handling of seqpacketallow initialization was found in the Linux kernel in drivers/vhost/vsock.c...

kernel: vdpa/mlx5: Fix invalid mr resource destroy

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5vdpadevadd can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5vdpadestroymrresources ...

kernel: brd: defer automatic disk creation until module initialization succeeds

In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during fault injection: BUG: unable to handle page fault for address: fffffbfff809d073 PGD 6e648067 P4D...

kernel: ext4: fix access to uninitialised lock in fc replay path

In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static...

kernel: mm/damon/core: initialize damo_filter->list from damos_new_filter()

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damofilter-list from damosnewfilter damosnewfilter is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMONRECLAIM are not initializing it after calli...

kernel: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by...

kernel: scsi: aacraid: Fix double-free on probe failure

In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aacprobeone calls hardware-specific init functions through the aacdriverident::init pointer, all of which eventually call down to aacinitadapter. If aacinitadapter fails after...

2402 LTSR target device stuck initializing while checking the status of Hybrid joined machines

...

Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things

In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things IoT technology devices. The design concept of this algorithm i...