UBUNTU-CVE-2023-53234

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdogcdevregister kmemleak reports memory leaks in watchdogdevregister, as follows: unreferenced object 0xffff888116233000 size 2048: comm ""modprobe"", pid 28147, jiffies 4353426116 age 61.741s hex...

CVE-2022-50323

CVE-2022-50323 (Linux kernel) : The vulnerability stems from skb_append_pagefrags() sensing pfmemalloc status for pages owned by user space, triggering a data race reported by KCSAN in the swap/LRU paths. The fix/mitigation is to stop sensing pfmemalloc status for these pages and to use skb_fill_...

CVE-2022-50271

CVE-2022-50271 affects the Linux kernel’s vhost/vsock code. The issue arises when copying large files over SFTP over vsock, where data sizes commonly reach 32 kB and kmalloc may allocate many 32 kB chunks, leading to a page allocation failure (example: vhost-5837). The root cause is an inefficien...

DEBIAN-CVE-2023-53184

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when...

DEBIAN-CVE-2023-53165

In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical...

CVE-2022-50249 memory: of: Fix refcount leak bug in of_get_ddr_timings()

In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in ofgetddrtimings We should add the ofnodeput when breaking out of foreachchildofnode as it will automatically increase and decrease the refcount...

PT-2025-37612

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue was identified in the ip6mr sk done function within the Linux kernel. This occurs when addrconf init net fails, leading to the release of a pointer devconf...

mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()

...

DEBIAN-CVE-2025-39737

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...

UBUNTU-CVE-2025-39737

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...

UBUNTU-CVE-2025-39754

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

CVE-2025-39736

CVE-2025-39736 : In the Linux kernel, a deadlock can occur in kmemleak when netpoll is enabled because pr_warn_once() may be called while holding kmemleak_lock, potentially triggering netpoll and reacquiring the lock. The fix moves the pr_warn_once() call out of the locked region by setting a fla...

PT-2025-42777

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc3 Description A flaw exists in the Linux kernel related to out-of-bounds access to shadow memory within the Kernel Memory Sanitizer KMSAN. Specifically, when running sha224 kunit on a KMSAN-enabled kerne...

KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...

Linux Distros Unpatched Vulnerability : CVE-2025-39714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another program qv4l2 changes the TV standard from NTSC to PAL, the kernel...

CVE-2025-38690

The CVE-2025-38690 entry applies to the Linux kernel code path drm/xe/migrate. The vulnerability concerns incorrect handling of alignment for a bounce buffer when buf+offset is not aligned to XE_CACHELINE_BYTES, which could lead to recursive retries and a stack/recursion risk. The root cause desc...

bpf: Fix oob access in cgroup local storage

...

mm/khugepaged: fix ->anon_vma race

...

f2fs: fix KMSAN uninit-value in extent_info usage

...

PT-2025-49071

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc5 Description The Linux kernel contains an uninitialized value issue within the hfsplus ext cache extent function. This issue was identified by syzbot and can lead to a kernel panic. The root cause is an...