PlayStation: Double fdrop on a socket through sys_netcontrol

The netcontrol syscall in the kernel had a vulnerability where the socket file descriptor was not properly validated when removing a socket from a netevent structure. This allowed an attacker to cause a double fdrop on a socket, potentially leading to a use-after-free condition...

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...

UBUNTU-CVE-2025-38620

In the Linux kernel, the following vulnerability has been resolved: zloop: fix KASAN use-after-free of tag set When a zoned loop device, or zloop device, is removed, KASAN enabled kernel reports "BUG KASAN use-after-free" in blkmqfreetagset. The BUG happens because zloopctlremove calls putdisk,...

SUSE CVE-2025-38569

In the Linux kernel, the following vulnerability has been resolved: benet: fix BUG when creating VFs benet crashes as soon as SRIOV VFs are created: kernel BUG at mm/vmalloc.c:3457! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0...

CVE-2025-38598 drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free in amdgpuuserqsuspend+0x51a/0x5a0 +0.000020 BUG: KASAN: slab-use-after-free in amdgpuuserqsuspend+0x51a/0x5a0 amdgpu +0.000817 Read of size 8 at addr ffff88812eec8c58 by task amdpciunplug/1733...

CVE-2025-38569 benet: fix BUG when creating VFs

In the Linux kernel, the following vulnerability has been resolved: benet: fix BUG when creating VFs benet crashes as soon as SRIOV VFs are created: kernel BUG at mm/vmalloc.c:3457! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0...

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

Linux Distros Unpatched Vulnerability : CVE-2016-5243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local user...

Linux Distros Unpatched Vulnerability : CVE-2025-38433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not...

DEBIAN-CVE-2025-38544

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AFRXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg and sendmsg together. The...

UBUNTU-CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

DEBIAN-CVE-2025-38503

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info device loop0 state M: rebuilding free space tre...

CVE-2025-38516 pinctrl: qcom: msm: mark certain pins as invalid for interrupts

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a...

CVE-2025-38503

CVE-2025-38503 : Linux kernel BTRFS vulnerability with block_group_tree enabled can trigger an assertion while rebuilding the free space tree, causing a kernel BUG and machine halt. The issue occurs when processing an empty block group (no extents/items) and a ret value of 1 is returned by btrfs_...

CVE-2025-38503

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info device loop0 state M: rebuilding free space tre...

Linux Distros Unpatched Vulnerability : CVE-2021-47127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 ice: Remove xskbuffpool fro...

Linux Distros Unpatched Vulnerability : CVE-2025-38222

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: inline: fix len overflow in ext4prepareinlinedata When running the following code on an ext4 filesystem with inlinedata feature enabled, it will lead to...

Linux Distros Unpatched Vulnerability : CVE-2023-53034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of- bounds in switchtecntbmwsettrans There is a kernel API...

Linux Distros Unpatched Vulnerability : CVE-2024-26636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: make llcuisendmsg more robust against bonding changes syzbot was able to trick llcuisendmsg, allocating an skb with no headroom, but subsequently trying to...

Linux Distros Unpatched Vulnerability : CVE-2025-38040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping...