CVE-2023-54031 vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

EUVD-2025-22655

Malicious code in bioql PyPI...

CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38220 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38220 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38278 octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TCHTBLEAFDELLAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue by marki...

CVE-2025-38206 exfat: fix double free in delayed_free

In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayedfree The double free could happen in the following path. exfatcreateupcasetable exfatcreateupcasetable : return error exfatfreeupcasetable : free -volutbl exfatloaddefaultupcasetable : return erro...

CVE-2022-50185

In CVE-2022-50185, the Linux kernel drm/radeon path ni_set_mc_special_registers() is vulnerable to a potential buffer overflow. The last case label could write mc_reg_address[j] and mc_data[j] when j equals SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE due to missing bounds checks after the last j++. The f...

CVE-2022-50020

CVE-2022-50020 affects the Linux kernel ext4 filesystem: the patch prevents online resizing to an unaligned/partial cluster boundary. The issue could cause the last resize iteration to grow the filesystem by a negative amount, tripping a BUG_ON and leaving the in-memory superblock corrupted. Conn...

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVE-2025-38054

The CVE-2025-38054 issue affects the Linux kernel PTP clock framework (ocp) in debugfs summary output. It could dereference NULL or access out-of-bounds elements in freq_in[] and signal_out[] due to uninitialized elements. The fix adds per-array counters (nr_freq_in, nr_signal_out) with a maximum...

CVE-2024-46813 affecting package kernel for versions less than 6.6.90.1-1

CVE-2024-46813 affecting package kernel for versions less than 6.6.90.1-1. A patched version of the package is available...

CVE-2025-21981 affecting package kernel for versions less than 6.6.85.1-2

CVE-2025-21981 affecting package kernel for versions less than 6.6.85.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2024-57981 affecting package kernel for versions less than 5.15.179.1-1

CVE-2024-57981 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

CVE-2024-36899 affecting package kernel for versions less than 5.15.179.1-1

CVE-2024-36899 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

CVE-2023-53086

The CVE-2023-53086 entry concerns the Linux kernel wifi driver mt76 in Connac where WED status was checked for non-MMIO devices. The fixed patch removes the WED check for non-MMIO (e.g., USB/SDIO), addressing a crash observed during wireless authentication/association flow. Public descriptions co...

CVE-2025-37775 ksmbd: fix the warning from __kernel_write_iter

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from kernelwriteiter 2110.972290 ------------ cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch doesn't allow writing to directory...

CVE-2025-22038

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero numsubauth before subauth is accessed Access psid-subauthpsid-numsubauth - 1 without checking if numsubauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure numsubauth !...

CVE-2023-52920 affecting package kernel for versions less than 6.6.64.2-9

CVE-2023-52920 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...

CVE-2024-56599 affecting package kernel for versions less than 6.6.76.1-1

CVE-2024-56599 affecting package kernel for versions less than 6.6.76.1-1. A patched version of the package is available...

CVE-2024-49897 affecting package kernel for versions less than 6.6.64.2-9

CVE-2024-49897 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...