995 matches found
kernel: md/raid10: fix null-ptr-deref in raid10_sync_request
A null pointer dereference flaw was found in the Linux kernel's RAID10 implementation. When recovery is skipped on a clean array, initresync is called but closesync is not, leaving conf-havereplacement incorrectly set to 0. If a replacement device is later added and recovery is triggered, replbio...
kernel: mm/mempolicy: fix uninit-value in mpol_rebind_policy()
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix uninit-value in mpolrebindpolicy mpolsetnodemaskmm/mempolicy.c does not set up nodemask when pol-mode is MPOLLOCAL. Check pol-mode before access pol-w.cpusetmemsallowed in mpolrebindpolicymm/mempolicy.c. BUG:...
SUSE-SU-2023:4095-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can...
Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free
...
PT-2025-53067
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1+ 279 Description The Linux kernel contains a flaw in the ext4 file system implementation, specifically within the ext4 mb new inode pa function. A calculation error during extent allocation can lead to ...
PT-2025-53058
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1-dirty 1236 Description A flaw exists in the Linux kernel's iommufd subsystem related to handling batch carry operations. Specifically, the end variable was not being set correctly, leading to a potentia...
PT-2025-52984
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's IIO core that can lead to an invalid memory access when a device lacks a parent. A commit intended to improve label retrieval during device registrati...
kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...
Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events CVE-2023-2235 kernel: netfilter: use-after-free in nftables when processing batch...
Exploit for Improper Validation of Array Index in Linux Linux_Kernel
CVE-2023-2008 Proof of concept exploit for CVE-2023-2008, a b...
kernel: net/mlx5: Fix possible use-after-free in async command interface
A flaw was found in the net/mlx5 subsystem of the Linux kernel where a race condition in the asynchronous command interface can lead to a use-after-free condition. The function mlx5cmdcleanupasyncctx may return before all callback handlers have completed, allowing the context to be freed while...
kernel: ASoC: pxa: fix null-pointer dereference in filter()
A flaw was found in the Linux kernel ASoC pxa audio driver. The function filter used kasprintf to allocate a formatted string but did not check whether the allocation succeeded before passing the result to strcmp. If memory allocation fails and kasprintf returns NULL, this results in a NULL point...
kernel: dm cache: free background tracker's queued work in btracker_destroy
A memory leak was found in the device-mapper cache target in the Linux kernel. The btrackerdestroy function fails to free queued work items from the background tracker before destroying the slab cache. This triggers a BUG when kmemcacheshutdown finds objects still remaining...
kernel: ext4: kernel bug in ext4_write_inline_data_end()
A flaw was found in the openEuler kernel in Linux filesystem modules that allows an integer overflow via mounting a corrupted filesystem. This issue affects the openEuler kernel in versions from 4.19.90 through 4.19.90-2401.3 and 5.10.0-60.18.0 through 5.10.0-183.0.0...
kernel: net/mlx5: Fix possible use-after-free in async command interface
A flaw was found in the net/mlx5 subsystem of the Linux kernel where a race condition in the asynchronous command interface can lead to a use-after-free condition. The function mlx5cmdcleanupasyncctx may return before all callback handlers have completed, allowing the context to be freed while...
kernel: scsi: target: iscsi: Fix a race condition between login_work and the login thread
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...
PT-2025-26062 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the RDMA/siw component. The issue occurs when the siw recv mpa rr function returns -EAGAIN, indicating that the MPA...
CVE-2023-0210
A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems...
SUSE CVE-2006-0554
Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data...
SUSE CVE-2009-1298
The ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IPINCSTATSBH with an incorrect argument, which allows remote attackers to cause a denial of service NULL pointer dereference and hang via long IP packets, possibly...