994 matches found
mm/damon/sysfs: fix use-after-free in state_show()
...
AZL-67656 CVE-2025-39883 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VMBUGONPAGEPagePoisonedpage kernel BUG at include/linux/page-flags.h:616! Oops:...
CVE-2025-39883
CVE-2025-39883 affects the Linux kernel memory-management path mm/memory-failure, where unpoisoning memory can trigger VM_BUG_ON_PAGE(PagePoisoned(page)) due to checking PG_HWPoison flags on an uninitialized page. The root cause described in the initial and connected advisories is the uninitializ...
SUSE CVE-2025-39844
In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...
CVE-2025-39858 eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring
In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR check after calling pagepoolcreate since this function returns error pointers ERRPTR. Using NULL check could lead to invalid pointer...
CVE-2023-53420
In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...
CVE-2022-50419 Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times deviceadd shall not be called multiple times as stated in its documentation: 'Do not call this routine or deviceregister more than once for any device structure...
CVE-2022-50386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...
PT-2025-38436
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth subsystem, specifically in the hci sysfs component. The device add function may be called multiple times, violating its documented...
DEBIAN-CVE-2022-50371
In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...
CVE-2023-53348 btrfs: fix deadlock when aborting transaction during relocation with scrub
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...
PT-2025-38171
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s wilc1000 module related to network device unregistration. Specifically, the wilc netdev ifc init function lacks a call to unregister netdev in its...
Linux Distros Unpatched Vulnerability : CVE-2023-53287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations...
Linux Distros Unpatched Vulnerability : CVE-2023-53187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its...
PT-2025-38175
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to skbuff socket buffer handling during pull operations. Extending the tail of a skbuff can lead to unexpected behavior when using helpers lik...
SUSE CVE-2025-39818
In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save Improper use of secondary pointer &dev-i2csubipregs caused kernel crash and out-of-bounds error: BUG: KASAN: slab-out-of-bounds in...
UBUNTU-CVE-2022-50342
In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in dofloppyinit A memory leak was reported when floppyallocdisk failed in dofloppyinit. unreferenced object 0xffff888115ed25a0 size 8: comm "modprobe", pid 727, jiffies 4295051278 age 25.529s hex dump firs...
UBUNTU-CVE-2023-53323
In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...
CVE-2023-53323 ext2/dax: Fix ext2_setsize when len is page aligned
In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...
CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...