CVE-2023-54011

The CVE-2023-54011 issue in the Linux kernel relates to the SCSI mpi3mr subsystem. Root cause: a KASAN-detected flaw caused incorrect write sizing, using 64-byte writes instead of the correct 32-byte size. Impact was mitigated by a kernel fix applied to the mpi3mr driver, correcting the write siz...

CVE-2025-68365 fs/ntfs3: Initialize allocated memory before use

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...

CVE-2025-68365

CVE-2025-68365 affects the Linux kernel ntfs3 code. The issue is an uninitialized memory use in fs/ntfs3 where memory allocated by __getname() (kmem_cache_alloc()) is used before being cleared. The documented fix is to allocate and clear memory with kmem_cache_zalloc(). The CVSS_base from the pro...

PT-2025-53131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the kexec functionality related to the ELF header buffer. The issue is identified by the kmemleak detector and occurs during the elf kexec load...

PT-2025-53037

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to the idmouse driver. Specifically, within the idmouse create image function, a failure in any ftip command can lead to uninitialized data in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to free memory allocated for calculating replay slots in the ocfs2mountvolume function, which coul...

Linux Distros Unpatched Vulnerability : CVE-2025-68365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN:...

PT-2025-53145

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified within the orangefs module in the Linux kernel, specifically in the orangefs prepare debugfs help string function. This leak occurs during the insertion and...

PT-2025-52901

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel’s NTFS3 filesystem component contains a flaw where allocated memory is not initialized before use. This issue is identified through Kernel Memory Sanitizer KMSAN reports...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

SUSE CVE-2025-68219

In the Linux kernel, the following vulnerability has been resolved: cifs: fix memory leak in smb3fscontextparseparam error path Add proper cleanup of ctx-source and fc-source to the cifsparsemounterr error handler. This ensures that memory allocated for the source strings is correctly freed on al...

SUSE CVE-2025-68235

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree of nvkmfalconfw::boot nvkmfalconfw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated...

CVE-2025-68309 PCI/AER: Fix NULL pointer access by aer_info

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68288

CVE-2025-68288 affects the Linux kernel USB storage path (SCSI generic /dev/sg) where a memory leak occurs in the bulk transport path when a data phase is skipped. The issue arises when the host extracts/validates the Command Status Wrapper (CSW) from the sg buffer but fails to clear it, leaving ...

CVE-2025-68260 rust_binder: fix race condition on death_list

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix race condition on deathlist Rust Binder contains the following unsafe operation: // SAFETY: A NodeDeath is never inserted into the death list // of any node other than its owner, so it is either in this // death...

CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree of nvkmfalconfw::boot nvkmfalconfw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated...

CVE-2025-68211

CVE-2025-68211 (Linux kernel, KSM) is addressed by a patch that changes scan_get_next_rmap_item from per-address walking to a range walk using walk_page_range, allowing KSMD to skip unmapped holes in large VMAs. The fix targets inefficiency where KSMD would otherwise scan vast address spaces with...

CVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item

In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scangetnextrmapitem Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when scanning large virtual memory...

CVE-2025-40351 hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...

Linux Distros Unpatched Vulnerability : CVE-2025-68211

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksm: use range-walk function to jump over holes in scangetnextrmapitem Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable...