UBUNTU-CVE-2023-53480

In the Linux kernel, the following vulnerability has been resolved: kobject: Add sanity check for kset-kobj.ktype in ksetregister When I register a kset in the following way: static struct kset mykset; kobjectsetname&mykset.kobj, "mykset"; ret = ksetregister&mykset; A null pointer dereference...

SUSE CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

CVE-2025-39772 drm/hisilicon/hibmc: fix the hibmc loaded failed bug

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

CVE-2025-39772

CVE-2025-39772 affects the Linux kernel HibMC driver for Hisilicon GPUs (drm/hisilicon/hibmc). Description: when hibmc loading fails, the driver attempted to free resources via hibmc_unload, but mode.config mutexes were uninitialized, risking a NULL-pointer dereference. The fix replaces a goto cl...

wifi: ath11k: clear initialized flag for deinit-ed srng lists

...

Linux Distros Unpatched Vulnerability : CVE-2025-38601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see...

Autodesk AutoCAD DGN File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DG...

SUSE CVE-2025-38601

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

CVE-2025-38601

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

AZL-66506 CVE-2025-38601 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

UBUNTU-CVE-2025-38601

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

CVE-2025-38601 wifi: ath11k: clear initialized flag for deinit-ed srng lists

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

CVE-2025-38601

Summary (CVE-2025-38601): Linux kernel ath11k SRNG deinit path bug can cause a page fault/panic on resume due to not resetting per-list initialized flags after reconfiguration. Root cause: after two resets, ath11k_hal_srng_deinit() destroys srng lists but does not clear per-list ->initialized,...

CVE-2025-38601 wifi: ath11k: clear initialized flag for deinit-ed srng lists

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1 First ath11khaldumpsrngstats ca...

openjpeg: OpenJPEG OOB heap memory write

An out-of-bounds heap memory write OOB flaw was found in OpenJPEG. A call to opjjp2readheader may lead to an OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

UBUNTU-CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the following...

drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1

...

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

PT-2025-33560

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc2 Description: The Linux kernel contained a flaw in the alloc tag top users function within the lib/alloc tag component. This function attempted to acquire a semaphore lock alloc tag cttype-mod lock eve...

DEBIAN-CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...