UBUNTU-CVE-2025-38577

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...

CVE-2025-38579 f2fs: fix KMSAN uninit-value in extent_info usage

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...

CVE-2025-38579

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...

CVE-2025-38579 f2fs: fix KMSAN uninit-value in extent_info usage

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value in isextentmergeable and isbackmergeable via the read extent tree path. The root cause is that getreadextentinfo only initializes three...

CVE-2025-38574 pptp: ensure minimal skb length in pptp_xmit()

In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptpxmit Commit aabc6596ffb3 "net: ppp: Add bound checking for skb data on pppsynctxmung" fixed pppsynctxmunge We need a similar fix in pptpxmit, otherwise we might read uninit data as reported ...

CVE-2025-38565 perf/core: Exit early on perf_mmap() fail

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...

CVE-2025-38555

The CVE CVE-2025-38555 is a use-after-free in Linux kernel USB gadget driver during composite_dev_cleanup, arising when configfs_composite_bind() frees cdev->os_desc_req on kmalloc failure but doesn’t NULL it, leading to a subsequent use of non-NULL pointer. The issue affects the usb gadget’s ...

Linux Distros Unpatched Vulnerability : CVE-2016-5243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local user...

Linux Distros Unpatched Vulnerability : CVE-2016-4565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The InfiniBand aka IB stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service...

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

CVE-2025-38523 cifs: Fix the smbd_response slab to allow usercopy

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

Linux Distros Unpatched Vulnerability : CVE-2018-14625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition betwe...

Linux Distros Unpatched Vulnerability : CVE-2021-33655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When sending malicous data to kernel by ioctl cmd FBIOPUTVSCREENINFO,kernel will write memory out of bounds. CVE-2021-33655 Note that Nessus relies on the...

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

Heracles: Chosen Plaintext Attack on AMD SEV-SNP

A whitepaper discussing an attack on AMD SEV-SNP called Heracles that was able to leak kernel memory, crypto keys, and user passwords, as well as demonstrate web session hijacking...

Linux Distros Unpatched Vulnerability : CVE-2024-39301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres...