CVE-2025-38472 netfilter: nf_conntrack: fix crash due to removal of uninitialised entry

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrack entry from the hash bucket list: exception RIP: nfctdeletefromlists+172 .. 7...

CVE-2025-38471 tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

RHSA-2025:11810 Red Hat Security Advisory: kernel security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel security update

4.18.0-553.64.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

ALSA-2025:11850 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: sched/fair: Fix potential memory corruption in childcfsrqonlist CVE-2025-21919 kernel: ftrace: Fix NULL pointer...

RHEL 8 : kernel (RHSA-2025:11850)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11850 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: iwlwifi: limit printed...

ALSA-2025:11851 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: sched/fair: Fix potential memory corruption in...

ALSA-2025:11855 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: RDMA/mlx5: Fix pagesize variable overflow CVE-2025-22091 kernel: ext4: fix out-of-bound read in ext4xattrinodedecrefall CVE-2025-22121 kernel: netsched: hfsc: Fix a UAF vulnerability in...

ALSA-2025:11861 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: RDMA/mlx5: Fix pagesize variable overflow...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: RDMA/mlx5: Fix pagesize variable overflow...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: sched/fair: Fix potential memory corruption in childcfsrqonlist CVE-2025-21919 kernel: ftrace: Fix NULL pointer...

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

CVE-2025-38460

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in toatmarpd. atmarpd is protected by RTNL since commit f3a0592b37b8 "ATM: clip causes unregister hang". However, it is not enough because toatmarpd is called without RTNL, especially...

CVE-2025-38454 ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fix potential NULL pointer deref in sndcardad1816apnp Use prwarn instead of devwarn when 'pdev' is NULL to avoid a potential NULL pointer dereference...

CVE-2025-38452 net: ethernet: rtsn: Fix a null pointer dereference in rtsn_probe()

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: rtsn: Fix a null pointer dereference in rtsnprobe Add check for the return value of rcargen4ptpalloc to prevent potential null pointer dereference...

CVE-2025-38437

CVE-2025-38437 : In the Linux kernel, a use-after-free in ksmbd during oplock/lease break ack was fixed. If ksmbd_iov_pin_rsp returns an error, use-after-free can occur by accessing opinfo->state and opinfo_put, and ksmbd_fd_put could be called twice. The vulnerability affects the ksmbd compon...