4827 matches found
kernel: ipv6: ensure sane device mtu in tunnels
A flaw was found in the Linux kernel’s IPv6 networking code affecting the handling of IPv6 GRE tunnels. Under certain conditions, an IPv6 tunnel configuration could result in an invalid MTU (Maximum Transmission Unit) value being written to a network device without sanitization. Because the MTU val...
kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()
A NULL pointer dereference flaw was found in the gfs2 file system in the Linux kernel. This issue occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. This flaw allows a privileged local user to cause ...
PT-2025-38440
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel where the blkg_iostat_set structure is not properly re-initialized after being cleared in the blkcg_reset_stats() function. This occurs when blkg_alloc() is...
kernel: bpf: Skip task with pid=1 in send_signal_common()
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see [1] for more details: Kernel panic - not...
kernel: HID: intel-ish-hid: Fix kernel panic during warm reset
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix kernel panic during warm reset During warm reset device->fw_client is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, kernel panic...
kernel: locking/csd_lock: Change csdlock_debug from early_param to __setup
A NULL pointer dereference exists in the Linux kernel such that with CONFIG_SPARSEMEM_VMEMMAP=n, __nr_to_section() is called in static_key_enable() and returns NULL, resulting in a kernel panic...
kernel: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI device. I/O to the vFC device is handled by the...
kernel: octeontx2-af: Add validation for lmac type
A flaw was found in the octeontx2-af network driver within the Linux kernel where insufficient validation of the lmac_type_id field from firmware during a physical link change can result in a kernel panic. Firmware may report an invalid lmac_type_id, and because the kernel previously derived an...
kernel: ptdma: pt_core_execute_cmd() should use spinlock
In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler pt_core_irq_handler() of the ptdma driver can be called from interrupt context. The code flow in this function can lead down to pt_core_execute_cmd() which will attempt to...
kernel: dmaengine: qcom-adm: fix wrong sizeof config in slave_config
A logic error was found in the Linux kernel Qualcomm ADM DMA engine driver's slave configuration handling. A local user with privileges to configure DMA operations can trigger DMA slave setup on Qualcomm ADM hardware, causing the driver to use an incorrect size comparison (pointer size instead of...
kernel: Linux kernel KVM: Denial of Service due to incorrect kvm_arm_init failure handling in finalize_pkvm
A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) for arm64 architectures. This vulnerability arises from a lack of synchronization between the finalize_pkvm() and kvm_arm_init() initialization calls. A local attacker with low privileges could exploit this by triggering a scenario...
PT-2025-13359
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the ptdma driver in the Linux kernel. Specifically, the interrupt handler pt_core_irq_handler() can lead to a call to pt_core_execute_cmd(), which attempts to grab ...
PT-2025-40772
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to SCSI device handling. A reversion was implemented to address a kernel panic that could occur due to an incorrect increment of the iorequest c...
Ubuntu 23.10 : Linux kernel (StarFive) vulnerabilities (USN-6454-4)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6454-4 advisory. Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker...
Ubuntu 23.10 : Linux kernel (ARM laptop) vulnerabilities (USN-6454-3)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6454-3 advisory. Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker...
Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6466-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6466-1 advisory. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free...
PT-2024-14727
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc2-00001-g328a1f96f7b9 34 Description: The issue is related to the Linux kernel's VMAP_STACK overflow detection. When an overflow is detected, the CPU switches to a shadow stack temporarily before switching...
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6454-1)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6454-1 advisory. Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-385 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting (CVE-2022-48628) A use-after-free vulnerability in the Linux kernel's netfilter:...