AZL-68870 CVE-2025-40040 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise syzkaller discovered the following crash: kernel BUG 44.607039 ------------ cut here ------------ 44.607422 kernel BUG at mm/userfaultfd.c:2067! 44.608148 Oops: invalid opcode: 000...

UBUNTU-CVE-2025-40032

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Then it is prudent to check that they have non-NUL...

UBUNTU-CVE-2025-40041

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...

UBUNTU-CVE-2025-40060

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...

EUVD-2025-36449

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Sign extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58 Current testprogs pgtable: 4K pagesize, 57-bit...

CVE-2025-40060 coresight: trbe: Return NULL pointer for allocation failures

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...

EUVD-2025-36468

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...

CVE-2025-40060 coresight: trbe: Return NULL pointer for allocation failures

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...

CVE-2025-40041

CVE-2025-40041 describes a LoongArch-specific Linux kernel fix for BPF: sign-extension of struct ops return values (instead of treating the pointer as a 32-bit value). The issue caused a kernel panic during the ns_bpf_qdisc selftest due to sign-extension being incorrect for LoongArch ABI. Public ...

CVE-2025-40041 LoongArch: BPF: Sign-extend struct ops return values properly

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...

CVE-2025-40032

The CVE-2025-40032 issue affects the Linux kernel PCI subsystem for PCIe endpoint tests (pci_epf_test). The vulnerability arises because the dma_chan_tx and dma_chan_rx fields of struct pci_epf_test can be NULL after EPF initialization. The patch adds NULL checks for these channels in pci_epf_tes...

CVE-2025-40032 PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Then it is prudent to check that they have non-NUL...

Linux Distros Unpatched Vulnerability : CVE-2025-40032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after E...

Linux Distros Unpatched Vulnerability : CVE-2025-40040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/ksm: fix flag-dropping behavior in ksmmadvise syzkaller discovered the following crash: kernel BUG 44.607039 ------------ cut here ------------ 44.607422...

Linux Distros Unpatched Vulnerability : CVE-2025-40060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code -ENOMEM...

Linux Distros Unpatched Vulnerability : CVE-2025-40025

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to do sanity check on node footer for non inode dnode As syzbot reported below: ------------ cut here ------------ kernel BUG at fs/f2fs/file.c:1243!...

Linux Distros Unpatched Vulnerability : CVE-2025-39999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blkmqtags double free while nrrequests grown In the case user trigger tags grow ...

Linux Distros Unpatched Vulnerability : CVE-2025-40009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-dere...

EUVD-2022-54509

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

EUVD-2022-54514

In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handled by ftracemakecall and ftracemakenop, with each having almost identical logic, but this is not...