95 matches found
CVE-2025-37897
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...
CVE-2025-37841 pm: cpupower: bench: Prevent NULL dereference on malloc failure
In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference...
Azure Linux 3.0 Security Update: kernel (CVE-2024-57911)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57911 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix...
Azure Linux 3.0 Security Update: kernel (CVE-2024-57951)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57951 advisory. - In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on...
CVE-2023-53134
In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the...
CVE-2023-53109
In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev-neededheadroom IP tunnels can apparently update dev-neededheadroom in their xmit path. This patch takes care of three tunnels xmit, and also the core LLRESERVEDSPACE and...
CVE-2022-49827
In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drmvblankdestroyworker drmvblankinit call drmmaddactionorreset with drmvblankinitrelease as action. If drmmaddaction failed, will directly call drmvblankinitrelease with the vblank whose worke...
CVE-2025-37778
CVE-2025-37778 affects the Linux kernel’s ksmbd/kerberos path. The issue is a dangling pointer in krb_authenticate: it frees sess->user and may not null it; ksmbd_krb5_authenticate reinitialises sess->user, but may return without doing so, causing smb2_sess_setup to access freed memory. The...
CVE-2025-21853 affecting package kernel for versions less than 6.6.82.1-1
CVE-2025-21853 affecting package kernel for versions less than 6.6.82.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-52983
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bicsetbfqq After commit 64dc8c732f5c "block, bfq: fix possible uaf for 'bfqq-bic'", bic-bfqq will be accessed in bicsetbfqq, however, in some context bic-bfqq will be freed, and bicsetbfqq is calle...
CVE-2023-52998
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
Azure Linux 3.0 Security Update: kernel (CVE-2024-55916)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-55916 advisory. - In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56595)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56595 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56648)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56648 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound...
Azure Linux 3.0 Security Update: kernel (CVE-2024-53096)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53096 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmapregion error path...
Linux kernel panfrost module memory misreference vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from the panfrost module's job structure referencing panfrostpriv to obtain the MMU environment,...
CVE-2025-21787 team: better TEAM_OPTION_TYPE_STRING validation
In the Linux kernel, the following vulnerability has been resolved: team: better TEAMOPTIONTYPESTRING validation syzbot reported following splat 1 Make sure user-provided data contains one nul byte. 1 BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:633 inline BUG: KMSAN: uninit-value in...
CVE-2022-49703 scsi: ibmvfc: Store vhost pointer during subcrq allocation
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...
CVE-2022-49628
Linux kernel CVE-2022-49628 concerns the net: stmmac driver leaking resources during probe. Connected documents confirm the vulnerability and provide a fix: two error paths in probe are corrected to clean up before returning, addressing leaks in the probe sequence. The affected component is the L...
CVE-2022-49069 drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix by adding FPU protection for dcn30internalvalidatebw Why Below general protection fault observed when WebGL Aquarium is run for longer duration. If drm debug logs are enabled and set to 0x1f then the issue is...