RHSA-2025:4341 Red Hat Security Advisory: kernel security update

Bulletin has no description...

kernel security update

5.14.0-503.40.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Security Bulletin: IBM Technical Suppport Appliance - possible security flaws or denial of service

Summary Several fixes to the Linux kernel for reported issues related to various security vulnerabilities such as denial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2024-53088 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

USN-7468-1 linux-azure-nvidia vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Attila Szász discovered that the HFS+ file system...

Ubuntu 24.04 LTS : Linux kernel (Azure, N-Series) vulnerabilities (USN-7468-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7468-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

CVE-2025-27087

A vulnerability in the kernel of the Cray Operating System COS could allow an attacker to perform a local Denial of Service DoS attack...

RHEL 9 : kernel (RHSA-2025:3937)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3937 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Fix out of bounds read...

CVE-2025-39735

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...

CVE-2021-47671

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: es58xrxerrmsg: fix memory leak in error path In es58xrxerrmsg, if can-dosetmode fails, the function directly returns without calling netifrxskb. This means that the skb previously allocated by alloccanerrskb is no...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...

PT-2025-28008 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0 and later Description: The issue is related to the powerpc64/ftrace component of the Linux kernel, where the register r15 is clobbered during livepatching and not restored, leading to potential kernel crashes. Thi...

CVE-2025-22092

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

CVE-2025-22073

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything we'd managed to create, but... the problem dentry is still negative...

CVE-2025-22127

CVE-2025-22127 affects the Linux kernel F2FS. The issue could cause a kernel hang when a compressed file system operation triggers IO errors during load of the error table to a dm device, while f2fs_write_data_pages holds the writepages lock. Root cause described: IO error looping in f2fs_prepare...

CVE-2025-22123

CVE-2025-22123 relates to the Linux kernel’s F2FS filesystem. The issue arises when a faulty allocator path introduced by a commit (FAULT_NO_SEGMENT) may set curseg->segno to NULL_SEGNO while CP_ERROR_FLAG is set. This can lead to a page fault path where f2fs_write_inode() traverses a sequence...

CVE-2025-22115 btrfs: fix block group refcount race in btrfs_create_pending_block_groups()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfscreatependingblockgroups Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocated from after...

CVE-2025-22089 RDMA/core: Don't expose hw_counters outside of init net namespace

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hwcounters outside of init net namespace Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...

CVE-2025-22085

CVE-2025-22085 affects the Linux kernel RDMA/core. The description documents a use-after-free (slab) in the netlink/name rename path, caused by a use-after-free in nla_put during device-name rename handling. The issue manifests as a slab-use-after-free Read in nla_put, traced through netlink/nlde...

CVE-2025-22077

CVE-2025-22077 relates to the Linux kernel CIFS/SMB client TCP timer deadlock fix. The description explains that a prior patch intended to fix a null-pointer dereference (related to CVE-2024-54680) was reverted, which in turn revived a real issue with TCP sockets for CIFS connections. The root ca...