CVE-2025-39908 net: dev_ioctl: take ops lock in hwtstamp lower paths

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

DEBIAN-CVE-2025-38462

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...

CVE-2023-53059 platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

CVE-2022-49788 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

UBUNTU-CVE-2022-49122

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

CVE-2021-47086

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...

Unbreakable Enterprise kernel security update

5.4.17-2102.202.5 - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 CVE-2021-23133 - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860491 CVE-2021-31916 - uek-rpm: update kABI lists for the new symbols Saeed...

Unbreakable Enterprise kernel security update

4.14.35-1844.1.3 - net: rds: fix rdsibsysctlmaxrecvallocation error Zhu Yanjun Orabug: 29003422 - nfs: dont dirty kernel pages read by direct-io Dave Kleikamp Orabug: 29122062 - KVM: X86: Fix scan ioapic use-before-initialization Wanpeng Li Orabug: 29026132 CVE-2018-19407 - hugetlb: take PMD...

openSUSE Security Update : fuse (openSUSE-2015-401)

Update to version 2.9.4 - fix exec environment for mount and umount bsc931452, CVE-2015-3202 - properly restore the default signal handler - fix directory file handle passed toioctl method. - fix for uids/gids larger than 2147483647 - initialize stat buffer passed to getattr and fgetattr...