DEBIAN-CVE-2022-50640

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, which is because the...

SUSE CVE-2023-53749

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2023-53788 ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset tuningctlset might have buffer overrun at X if it didn't break from loop by matching A. static int tuningctlset... for i = 0; i TUNINGCTLSCOUNT; i++ A if nid ==...

PT-2025-49728

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm subsystem related to snapshot tear down. Specifically, the deinitialization code can be invoked with a NULL kms pointer in scenarios involving...

PT-2025-49671

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The irdma driver within the Linux kernel could use a number of MSIX vectors exceeding the number of online CPUs plus one. This resulted in a kernel warning when attempting to update the...

CVE-2023-53753

CVE-2023-53753 affects the Linux kernel: drm/amd/display mapping fixes a non-allocated address bug that could map an out-of-bounds GPIO register, with patching details shown in OSV entries (Root:Ubuntu-22.04, Debian-11) confirming multi-distro remediation. The OSV pages note that Root:Ubuntu 22.0...

DEBIAN-CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

UBUNTU-CVE-2025-40306

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattrkey uses the pointer variable in the loop condition rather than dereferencing it. As...

CVE-2025-40318 Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile, hcicmdsyncwork can also delete the same entry, leading to double listd...

Linux Distros Unpatched Vulnerability : CVE-2025-40287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exfat: fix improper check of dentry.stream.validsize We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service DoS condition...

EUVD-2025-201568

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.validsize We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service DoS condition. When a dentry in an exFAT filesystem is malformed, the following syst...

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()

In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...

SUSE CVE-2025-40215

In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x-tunnel as we delete x The ipcomp fallback tunnels currently get deleted from the various lists and hashtables as the last user state that needed that fallback is destroyed not deleted. If a reference to that user...

UBUNTU-CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

CVE-2025-40235 btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots()

In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol, then no need to call btrfsfreefsinfo. Otherwise btrfscheckleakedroots...

EUVD-2025-201231

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damonctx deallocation". DAMON sysfs interface dynamically allocates and uses a damonctx object for testing if given inputs for onli...

CVE-2025-40228 mm/damon/sysfs: catch commit test ctx alloc failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damonctx deallocation". DAMON sysfs interface dynamically allocates and uses a damonctx object for testing if given inputs for onli...

USN-7910-1 linux-azure-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

SUSE SLES15 Security Update : kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4275-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:4275-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.70 fixes one security issue The following security issue was fixed: - CVE-2025-38616:...

SUSE SLES15 Security Update : kernel (Live Patch 23 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2025:4255-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4255-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.94 fixes various security issues The following security issues were fixed: -...