kconfig-safety-check

This is a tool for checking the security hardening options of the Linux kernel. It is a Python script that can be used to analyze the configuration of a Linux kernel and identify potential security vulnerabilities. The tool is designed to support various architectures, including X8664, X8632,...

PT-2025-28071 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference leak issue has been identified in the Linux kernel, specifically in the HID appletb-kbd module. The problem occurs when the appletb kbd probe function attempts to get the...

OESA-2025-1730 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to...

OESA-2025-1729 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:genirq/irqdesc: Prevent use-after-free in irqfindatorafterirqfindatorafter dereferences the interrupt descriptor which isreturned by mtfind while neither holding...

CVE-2025-38211

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

CVE-2025-38187

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in r535gsprpcpush The RPC container is released after being passed to r535gsprpcsend. When sending the initial fragment of a large RPC and passing the caller's RPC container, the container will b...

UBUNTU-CVE-2025-38210

In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsmops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items. Instead, the...

CVE-2025-38234

CVE-2025-38234 affects the Linux kernel sched/rt code. The issue is a race in push_rt_task that can race with task migration and wakeups, potentially leaving a task in a pushable list even after it has migrated or run, leading to scheduler crashes such as NULL dereferences or BUG_ON failures. A f...

CVE-2025-38233 powerpc64/ftrace: fix clobbered r15 during livepatching

In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with PPCFTRACEOUTOFLINE, it is not restored in livepatch sequence leading to not so obvious fails like below: BUG: Unable to handle kernel data...

CVE-2025-38231

CVE-2025-38231 affects the Linux kernel nfsd component. The vulnerability arises when laundromat_work starts before nfsd_ssc is initialized, risking a NULL pointer dereference in nfs4_state_start_net() via nfs4_laundromat -> nfsd4_ssc_expire_umount. The documented fix moves nfsd_ssc initializa...

CVE-2025-38228 media: imagination: fix a potential memory leak in e5010_probe()

In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010probe Add videodevicerelease to release the memory allocated by videodevicealloc if something goes wrong...

CVE-2025-38228

In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010probe Add videodevicerelease to release the memory allocated by videodevicealloc if something goes wrong...

CVE-2025-38216

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 "iommu/vt-d: Add support for static identity domain" changed the context entry setup during domain attachment from a set-and-check policy to a...

CVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...

CVE-2025-38216 iommu/vt-d: Restore context entry setup order for aliased devices

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 "iommu/vt-d: Add support for static identity domain" changed the context entry setup during domain attachment from a set-and-check policy to a...

CVE-2025-38203 jfs: Fix null-ptr-deref in jfs_ioc_trim

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix null-ptr-deref in jfsioctrim Syzkaller Report Oops: general protection fault, probably for non-canonical address 0xdffffc0000000087: 0000 1 KASAN: null-ptr-deref in range 0x0000000000000438-0x000000000000043f CPU: 2 UID:...

CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is unset. Similar to: b541ba7d1f5a "netfilter: conntrack...

CVE-2025-38186

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix double invocation of bnxtulpstop/bnxtulpstart Before the commit under the Fixes tag below, bnxtulpstop and bnxtulpstart were always invoked in pairs. After that commit, the new bnxtulprestart can be invoked after...

CVE-2025-38180 net: atm: fix /proc/net/atm/lec handling

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...

Oracle Linux 10 : kernel (ELSA-2025-9348)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9348 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...