6570 matches found
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 kernel: sched/fair: Fix potential memory corruption in...
SUSE CVE-2025-38441
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nfflowpppoeproto syzbot found a potential access to uninit-value in nfflowpppoeproto Blamed commit forgot the Ethernet header. BUG: KMSAN: uninit-value in...
CVE-2025-38444 raid10: cleanup memleak at raid10_make_request
In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10makerequest If raid10readrequest or raid10writerequest registers a new request and the REQNOWAIT flag is set, the code does not free the malloc from the mempool. unreferenced object...
CVE-2025-38428 Input: ims-pcu - check record size in ims_pcu_flash_firmware()
In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...
CVE-2025-38417
In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF if present...
UBUNTU-CVE-2025-38381
In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50uploadowt The cs40l50uploadowt function allocates memory via kmalloc without checking for allocation failure, which could lead to a NULL pointer dereference. Return...
CVE-2025-38401 mtk-sd: Prevent memory corruption from DMA map failure
In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdcpreparedata fails to map the DMA region, the request is not prepared for data receiving, but msdcstartdata proceeds the DMA with previous setting. Since this will lead...
CVE-2025-38398
In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtdnandbiterrs module for testing the driver occasionally results in weird things like below. 1. swiotlb mapping fails with the following message: 85.926216 qcomsnand...
OESA-2025-1872 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabl...
UBUNTU-CVE-2025-38344
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...
PT-2025-31090
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.147 bookworm, 6.12.41 trixie, and 5.10.244 bullseye. Linux kernel version 6.6.101 Description The Linux kernel contains vulnerabilities that could lead to privilege escalation, denial of service, or informati...
DEBIAN-CVE-2025-38258
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: free old damonsysfsschemefilter-memcgpath on write memcgpathstore assigns a newly allocated memory buffer to filter-memcgpath, without deallocating the previously allocated and assigned memory buffer. As a...
UBUNTU-CVE-2025-38258
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: free old damonsysfsschemefilter-memcgpath on write memcgpathstore assigns a newly allocated memory buffer to filter-memcgpath, without deallocating the previously allocated and assigned memory buffer. As a...
PT-2025-28886
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the Linux kernel due to improper memory management within the memcg path store function. Specifically, the function allocates a new memory buffer for filter-mem...
CVE-2025-38178
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-27021
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...
AZL-70645 CVE-2025-38162 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc-fieldlen maximum value is U8MAX multiplied by...
UBUNTU-CVE-2025-38153
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...
CVE-2025-27021
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...
CVE-2025-27021
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...