4828 matches found
CVE-2025-37773 virtiofs: add filesystem context source name check
In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...
CVE-2025-37759 ublk: fix handling recovery & reissue in ublk_abort_queue()
In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...
CVE-2025-37759
The CVE-2025-37759 issue affects the Linux kernel’s ublk driver. The root cause is that the change in the ublk_abort_queue path did not grab a request reference during recovery reissues, allowing a zc (zero-copy) request to be requeued and re-dispatched and potentially freed before io_uring could...
CVE-2025-37759 ublk: fix handling recovery & reissue in ublk_abort_queue()
In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...
CVE-2025-23147
CVE-2025-23147 : Linux kernel i3c master/IBI handling vulnerability where an IBI can arrive before the target driver is probed, causing a NULL dereference in dev->ibi and a kernel panic. Affected component is the I3C master queue path (i3c_master_queue_ibi()); root cause is uninitialized dev-&...
CVE-2025-23147 i3c: Add NULL pointer check in i3c_master_queue_ibi()
In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading to...
CVE-2025-23147 i3c: Add NULL pointer check in i3c_master_queue_ibi()
In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading to...
CVE-2025-23145 mptcp: fix NULL pointer in can_accept_new_subflow
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
CVE-2025-23145 mptcp: fix NULL pointer in can_accept_new_subflow
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
PT-2025-18621 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue has been identified in the Linux kernel, specifically in the neigh table clear function. This issue occurs when the IPv6 module is initialized but...
PT-2025-18568 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-rc1-00001-g0d9d6953d834 Description: A vulnerability in the Linux kernel has been resolved, specifically in the RISC-V architecture. The issue arises from the setup of reserved memory using the "early" cop...
PT-2025-18519 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue has been identified in the Linux kernel, specifically in the ftrace module. The @ftrace mod is allocated by kzalloc, resulting in both members prev,nex...
PT-2025-18615 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the btrfs file system. The issue is related to the mishandling of the tree mod log for reallocated nodes, which c...
PT-2025-18471 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0 Description: A vulnerability in the Linux kernel has been resolved, related to the ethtool cmis cdb module. The issue arises from using the incorrect size of the rpl pointer in the ethtool cmis module pol...
SUSE CVE-2025-22095
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulatorbulkget If the regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...
CVE-2025-39989
In the Linux kernel, the following vulnerability has been resolved: x86/mce: use iscopyfromuser to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. 1. What am I trying to do: This patchset resolves two critical regressions related to...
CVE-2025-39989 x86/mce: use is_copy_from_user() to determine copy-from-user context
In the Linux kernel, the following vulnerability has been resolved: x86/mce: use iscopyfromuser to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. 1. What am I trying to do: This patchset resolves two critical regressions related to...
CVE-2025-39989 x86/mce: use is_copy_from_user() to determine copy-from-user context
In the Linux kernel, the following vulnerability has been resolved: x86/mce: use iscopyfromuser to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. 1. What am I trying to do: This patchset resolves two critical regressions related to...
CVE-2025-22123
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid accessing uninitialized curseg syzbot reports a f2fs bug as below: F2FS-fs loop3: Stopped filesystem due to reason: 7 kworker/u8:7: attempt to access beyond end of device BUG: unable to handle page fault for...
CVE-2025-22102
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip sends out only 1...