SUSE CVE-2025-22038
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_subauth before sub_auth is accessed Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure num_subauth !...
DEBIAN-CVE-2020-36789
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/core/skbuff.c#skb_release_head_state() might...
UBUNTU-CVE-2020-36789
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/core/skbuff.c#skb_release_head_state() might...
AZL-69616 CVE-2025-22124 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb In clustermd, separate write-intent-bitmaps are used for each cluster node: 0 4k 8k 12k ------------------------------------------------------------------- | idle | ...
DEBIAN-CVE-2025-22063
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an...
AZL-61448 CVE-2025-22033 affecting package kernel for versions less than 6.6.92.2-1
In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific instructions; it returns NULL otherwise (e.g. LDREX). When that's the case, signal to the caller that it needs to...
CVE-2025-22106 vmxnet3: unregister xdp rxq info in the reset path
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in this code path. So, we get below message with a backtrace. Missin...
CVE-2025-22085 RDMA/core: Fix use-after-free when rename device name
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-use-after-free in...
CVE-2025-22040
CVE-2025-22040 affects the Linux kernel ksmbd multichannel path. A race between session setup and ksmbd_sessions_deregister can free a session before its connection is added to the session’s channel list. The fix adds a reference-count check before freeing the session. Documented impact is high (...
CVE-2025-22038 ksmbd: validate zero num_subauth before sub_auth is accessed
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_subauth before sub_auth is accessed Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure num_subauth !...
DEBIAN-CVE-2024-58092
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4_legacy_tracking_ops->init() call in check_for_legacy_methods(). That will be handled in the caller (nfsd4_client_tracking_init()). Otherwise, we'll wind up calling...
DEBIAN-CVE-2025-22023
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous TDs when handling...
Important: kernel-livepatch-4.14.355-275.582
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (CVE-2024-53103) In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted...
SUSE-SU-2025:1262-1 Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818). - CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). - CVE-2022-49564: crypto: qat - add param...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818). CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). CVE-2022-49564: crypto: qat - add param check...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818). CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). CVE-2022-49564: crypto: qat - add param check...
Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes one issue. The following security issue was fixed: CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or...
UBUNTU-CVE-2025-21898
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show() Check whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64} produce zero and skip stddev computation in that case. For now don't care about rec->counter * rec->counter...
CVE-2025-21982 pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw() devm_kasprintf() calls can return null pointers on failure. But the return values were not checked in npcm8xx_gpio_fw(). Add NULL check in npcm8xx_gpio_fw(), to handle kernel NULL...
CVE-2025-21952 HID: corsair-void: Update power supply values with a unified work handler
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler corsair_void_process_receiver can be called from an interrupt context, locking battery_mutex in it was causing a kernel panic. Fix it by moving the critical...