DEBIAN-CVE-2025-39737
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleak_do_cleanup(). A soft lockup warning was observed on a relatively small x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...
UBUNTU-CVE-2025-39737
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleak_do_cleanup(). A soft lockup warning was observed on a relatively small x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...
UBUNTU-CVE-2025-39754
In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration. smaps_hugetlb_range handles the pte without holding ptl, and may be concurrent with migration, leading to BUG_ON in pfn_swap_entry_to_page. The race is as follows...
CVE-2025-39736
CVE-2025-39736 : In the Linux kernel, a deadlock can occur in kmemleak when netpoll is enabled because pr_warn_once() may be called while holding kmemleak_lock, potentially triggering netpoll and reacquiring the lock. The fix moves the pr_warn_once() call out of the locked region by setting a fla...
PT-2025-42777
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.17.0-rc3. Description: A flaw exists in the Linux kernel related to out-of-bounds access to shadow memory within the Kernel Memory Sanitizer (KMSAN). Specifically, when running sha224 kunit on a KMSAN-enabled kerne...
KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...
Linux Distros Unpatched Vulnerability : CVE-2025-39714
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: usbtv: Lock resolution while streaming. When a program is streaming (ffplay) and another program (qv4l2) changes the TV standard from NTSC to PAL, the kernel...
CVE-2025-38718 sctp: linearize cloned gso packets in sctp_rcv
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv. A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uninitialized-memory bugs...
CVE-2025-38690
The CVE-2025-38690 entry applies to the Linux kernel code path drm/xe/migrate. The vulnerability concerns incorrect handling of alignment for a bounce buffer when buf+offset is not aligned to XE_CACHELINE_BYTES, which could lead to recursive retries and a stack/recursion risk. The root cause desc...
bpf: Fix oob access in cgroup local storage
...
mm/khugepaged: fix ->anon_vma race
...
f2fs: fix KMSAN uninit-value in extent_info usage
...
PT-2025-49071
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc5. Description: The Linux kernel contains an uninitialized value issue within the hfsplus ext cache extent function. This issue was identified by syzbot and can lead to a kernel panic. The root cause is an...
Linux Distros Unpatched Vulnerability : CVE-2013-4739
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows...
Linux Distros Unpatched Vulnerability : CVE-2025-38579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extent_info usage. KMSAN reported a use of uninitialized value...
PT-2025-49070
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-syzkaller. Description: The Linux kernel had an uninitialized value issue within the hfs find set zero bits function, specifically related to the HFS filesystem. The issue was identified by syzbot and involv...
Linux Distros Unpatched Vulnerability : CVE-2018-16948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before...
PT-2025-37981
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue where the communication buffer allocated by setup mm hdr was not contiguous, despite being expected to be by tee shm register kernel buf. This could le...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SO_RCVBUF socket option to its maximum value INT_MAX, which triggers an integer overflow within the udp_rmem_release function during socket closure. The udp_destruct_common...