SUSE CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2025-39844

CVE-2025-39844 relates to a Linux kernel memory-management bug where page-table synchronization was not consistently performed when vmemmap spans multiple PGD entries. The issue caused intermittent boot failures and a kernel panic (notably on 4-level paging with large persistent memory) due to a ...

Linux Distros Unpatched Vulnerability : CVE-2022-50390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to...

SUSE CVE-2022-50274

In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvbunregisterdevice is known that prone to use-after-free. That is, the cleanup from dvbunregisterdevice releases the dvbdevice even if there are pointers stored in file-privatedata still...

CVE-2023-53428

In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Remove recursion while parsing zones Powercap zones can be defined as arranged in a hierarchy of trees and when registering a zone with powercapregisterzone, the kernel powercap subsystem expects this to happen...

UBUNTU-CVE-2022-50401

In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svcxprtput on rpccreate failure On error situation clp-clcbconn.cbxprt should not be given a reference to the xprt otherwise both client cleanup and the error handling path of the caller call to pu...

CVE-2023-53431 scsi: ses: Handle enclosure with just a primary component gracefully

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

DEBIAN-CVE-2023-53369

In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...

UBUNTU-CVE-2022-50389

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmcrb: Add the missed acpiputtable to fix memory leak In crbacpiadd, we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is not used after the init, shou...

CVE-2023-53410 USB: ULPI: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

CVE-2023-53372 sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

CVE-2023-53372 sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

SUSE CVE-2022-50243

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...

SUSE CVE-2023-53358

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...

CVE-2023-53361 LoongArch: mm: Add p?d_leaf() definitions

In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Add p?dleaf definitions When I do LTP test, LTP test case ksm06 caused panic at breakksmpmdentry - pmdleaf Huge page table but False - ptepresent panic The reason is pmdleaf is not defined, So like commit...

CVE-2023-53347

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Handle pairing of E-switch via uplink un/load APIs In case user switch a device from switchdev mode to legacy mode, mlx5 first unpair the E-switch and afterwards unload the uplink vport. From the other hand, in case use...

CVE-2023-53335

CVE-2023-53335 is a Linux kernel vulnerability in the RDMA/cxgb4 path. The issue is a potential NULL pointer dereference in pass_establish() when get_ep_from_tid() fails to yield a non-NULL ep, leading to dereference of ep. A patch introduced a sanity check to prevent this NULL dereference. The d...

CVE-2022-50371 led: qcom-lpg: Fix sleeping in atomic

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...

RHSA-2025:16008 Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update

Bulletin has no description...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, kpatch-patch-4_18_0-372_145_1, and kpatch-patch-4_18_0-372_158_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...