4826 matches found
CVE-2025-38445
CVE-2025-38445 covers a Linux kernel issue in md/raid1 where raid1_reshape allocated a mempool on the stack and assigned it to conf->r1bio_pool, causing conf->r1bio_pool.wait.head to reference a stack address. Subsequent access in raid1_read_request/raid1_write_request paths could trigger a...
CVE-2025-38445 md/raid1: Fix stack memory use after return in raid1_reshape
In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...
CVE-2025-38445
In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...
CVE-2025-38442 block: reject bs > ps block devices when THP is disabled
In the Linux kernel, the following vulnerability has been resolved: block: reject bs ps block devices when THP is disabled If THP is disabled and when a block device with logical block size page size is present, the following null ptr deref panic happens during boot: 13.2 mK AOSAN: null-ptr-deref...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
UBUNTU-CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
CVE-2025-38433
CVE-2025-38433 concerns a Linux kernel issue on riscv nommu kernels where the function __runtime_fixup_32 fails to handle a zero-valued upper 32 bits during patching, potentially producing garbage in the pointer’s upper half and causing a kernel panic when accessed. The fixed logic adjusts the co...
CVE-2025-38433 riscv: fix runtime constant support for nommu kernels
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
CVE-2025-38433 riscv: fix runtime constant support for nommu kernels
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
DEBIAN-CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369
CVE-2025-38369 affects the Linux kernel DMA engine idxd path. Under certain container configurations running IDXD workloads with /dev mounted can trigger a call trace or kernel panic when the parent process of the container is terminated. Root cause described: Docker’s mount replication propagati...
CVE-2025-38369
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
CVE-2025-38369 dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
PT-2025-30840 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The runtime fixup 32 function does not correctly handle cases where val is zero, potentially leading to an invalid pointer and a kernel panic when accessing it. This occurs because the...
PT-2025-31085
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the bpf arch text poke function within the s390/bpf subsystem. A previous fix, introduced by commit c730fce7c70c, was inadvertently removed b...
PT-2025-31089
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.3-200.fc42 Description A flaw exists in the Linux kernel’s timerlat dump stack function within the tracing/osnoise subsystem. The issue stems from an incorrect order of operations when constructing the ftrac...
PT-2025-31086
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was identified in the Linux kernel's networking subsystem, specifically within the libwx component. The issue involves a redundant call to page pool put full page, which should on...