kernel: dlm: fix plock invalid read

In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plockop" and a followed sendop will append it to a global sendlist data structure. In some cases a followed devread...

CVE-2025-38088 powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...

SUSE SLES12 Security Update : kernel (Live Patch 56 for SLE 12 SP5) (SUSE-SU-2025:02095-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02095-1 advisory. This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: d...

SUSE CVE-2022-50065

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix memory leak inside XPDTX with mergeable When we call xdpconvertbufftoframe to get xdpf, if it returns NULL, we should check if xdppage was allocated by xdplinearizepage. If it is newly allocated, it should be freed...

CVE-2022-50020

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

DEBIAN-CVE-2022-49992

In the Linux kernel, the following vulnerability has been resolved: mm/mprotect: only reference swap pfn page if type match Yu Zhao reported a bug after the commit "mm/swap: Add swpoffsetpfn to fetch PFN from swap entry" added a check in swpoffsetpfn for swap type 1: kernel BUG at...

CVE-2022-50052 ASoC: Intel: avs: Fix potential buffer overflow by snprintf()

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...

CVE-2022-50020 ext4: avoid resizing to a partial cluster size

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

DEBIAN-CVE-2025-38010

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biaspadenable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...

CLSA-2025-1750168919 kernel: Fix of 6 CVEs

pfifotailenqueue: Drop new packet when sch-limit == 0 CVE-2025-21702 - xfs: add bounds checking to xlogrecoverprocessdata CVE-2024-41014 - netfilter: validate user input for expected length CVE-2024-35896 - nfs: fix UAF in direct writes CVE-2024-26958 - Squashfs: check the inode number is not the...

kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphywork before freeing wiphy A wiphywork can be queued from the moment the wiphy is allocated and initialized i.e. wiphynewnm. When a wiphywork is queued, the rdev::wiphywork is getting queued. If wiphyfr...

RHEL 9 : kpatch-patch-5_14_0-570_17_1 (RHSA-2025:9068)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9068 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096...

Important: kernel-livepatch-4.14.355-276.618

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references CVE-2025-21811 Affected Packages: kernel-livepatch-4.14.355-276.618 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included (CVE-2023-52486 CVE-2023-52881)

Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed CVE-2023-52486 CVE-2023-52881. Vulnerability Details CVEID:CVE-2023-52881 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved:...

CVE-2025-38000 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

CVE-2025-37998 openvswitch: Fix unsafe attribute parsing in output_userspace()

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

kernel: cifs: Fix integer overflow while processing acregmax mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

UBUNTU-CVE-2025-37965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper Why "BUG: sleeping function called from invalid context" error. after: "drm/amd/display: Protect FPU in dml2validate/dml21validate" The populatedmlplanecfgfromplanestate us...

DEBIAN-CVE-2025-37915

In the Linux kernel, the following vulnerability has been resolved: netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of drr,...