CVE-2023-53082 vp_vdpa: fix the crash in hot unplug with vp_vdpa

In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix the crash in hot unplug with vpvdpa While unplugging the vpvdpa device, it triggers a kernel panic The root cause is: vdpamgmtdevunregister will accesses modern devices which will cause a use after free. So need to...

CVE-2023-53082

CVE-2023-53082 affects the Linux kernel’s VP_VDPA/VDPA path. The root cause is a use-after-free when unplugging a vp_vdpa device, caused by vdpa_mgmtdev_unregister() accessing modern devices during removal, leading to a crash observed as a kernel panic. The patches fix the crash by changing the s...

CVE-2023-53082 vp_vdpa: fix the crash in hot unplug with vp_vdpa

In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix the crash in hot unplug with vpvdpa While unplugging the vpvdpa device, it triggers a kernel panic The root cause is: vdpamgmtdevunregister will accesses modern devices which will cause a use after free. So need to...

CVE-2023-53047

CVE-2023-53047 describes a race condition in the Linux kernel module amdtee_open_session that could lead to use-after-free if a concurrent amdtee_close_session releases sess while a session is being populated. The advisories indicate the fix is to set sess->sess_mask as the last step in amdtee...

CVE-2023-53047 tee: amdtee: fix race condition in amdtee_open_session

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdteeopensession There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession after sess-sessmask is set, and before setting:...

CVE-2023-53047 tee: amdtee: fix race condition in amdtee_open_session

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdteeopensession There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession after sess-sessmask is set, and before setting:...

CVE-2023-53046 Bluetooth: Fix race condition in hci_cmd_sync_clear

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hcicmdsyncclear There is a potential race condition in hcicmdsyncwork and hcicmdsyncclear, and could lead to use-after-free. For instance, hcicmdsyncwork is added to the 'reqworkqueue' after...

CVE-2023-53046 Bluetooth: Fix race condition in hci_cmd_sync_clear

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hcicmdsyncclear There is a potential race condition in hcicmdsyncwork and hcicmdsyncclear, and could lead to use-after-free. For instance, hcicmdsyncwork is added to the 'reqworkqueue' after...

SUSE CVE-2025-23147

In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading to...

SUSE CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

SUSE CVE-2025-37773

In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...

PT-2025-18846 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-252.el9.x86 64 Description: A vulnerability in the Linux kernel has been resolved, which was causing a kernel panic when unplugging the vp vdpa device. The root cause of the issue is a use-after-free erro...

DEBIAN-CVE-2022-49904

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

CVE-2022-49904

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

DEBIAN-CVE-2022-49851

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

CVE-2022-49851

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

UBUNTU-CVE-2022-49851

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

UBUNTU-CVE-2022-49886

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Panic on bad configs that VE on "private" memory access All normal kernel memory is "TDX private memory". This includes everything from kernel stacks to kernel text. Handling exceptions on arbitrary accesses to kernel...

CVE-2025-37791

In the Linux kernel, the following vulnerability has been resolved: ethtool: cmiscdb: use correct rpl size in ethtoolcmismodulepoll rpl is passed as a pointer to ethtoolcmismodulepoll, so the correct size of rpl is sizeofrpl which should be just 1 byte. Using the pointer size instead can cause...

DEBIAN-CVE-2025-37791

In the Linux kernel, the following vulnerability has been resolved: ethtool: cmiscdb: use correct rpl size in ethtoolcmismodulepoll rpl is passed as a pointer to ethtoolcmismodulepoll, so the correct size of rpl is sizeofrpl which should be just 1 byte. Using the pointer size instead can cause...