LSN-0118-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF fo...

LSN-0118-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF fo...

RLSA-2025:16880 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nfconntrack: fix crash due to removal of uninitialised entry CVE-2025-38472 kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: sctp: linearize...

RockyLinux 10 : kernel (RLSA-2025:16904)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:16904 advisory. kernel: fs: export anoninodemakesecureinode and fix secretmem LSM bypass CVE-2025-38396 kernel: smb: client: fix use-after-free in cifsoplockbreak...

EUVD-2025-31205

Malicious code in bioql PyPI...

Oracle Linux 9 : kernel (ELSA-2025-16880)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16880 advisory. - iouring/futex: ensure iofutexwait cleans up properly on failure CKI Backport Bot RHEL-114335 CVE-2025-39698 - selftests: tls: add tests for...

kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

RHEL 10 : kernel (RHSA-2025:16904)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16904 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs: export...

Linux Distros Unpatched Vulnerability : CVE-2025-39698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the reques...

DEBIAN-CVE-2025-39698

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

CVE-2025-39698

CVE-2025-39698 concerns the Linux kernel io_uring/futex cleanup: io_futex_data is allocated upfront and wired into io_kiocb.async_data, but the request flag REQ_F_ASYNC_DATA may not be set at that time. On failure, the futex handler frees the data but may not clear async_data, so the data and fla...

CVE-2025-39698 io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...