4596 matches found
SUSE-SU-2025:20493-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc123898...
Kernel Live Patch Security Notice LSN-0113-1
Several security issues were fixed in the kernel relating to out of bounds access and use-after-free vulnerabilities...
AlmaLinux 9 : kernel (ALSA-2025:10379)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10379 advisory. kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759) kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up...
CVE-2024-50056 affecting package kernel for versions less than 6.6.92.2-1
CVE-2024-50056 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-37741 affecting package kernel for versions less than 6.6.92.2-1
CVE-2025-37741 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-38337
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race w...
CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...
CVE-2025-38329 firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info)
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info) KASAN reported out of bounds access - cs_dsp_mock_wmfw_add_info(), because the source string length was rounded up to the allocation size...
UBUNTU-CVE-2025-38282
In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active reference is not truly active after unbreak -- callers don't use it afterwards but it's important for...
CVE-2025-38325 ksmbd: add free_transport ops in ksmbd connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add free_transport ops in ksmbd connection, and add each free_transports...
CVE-2025-38319
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table The function atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() does not check the return value of smu_atom_get_data_table(). If...
CVE-2025-38317
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to write more than 32 bytes then it results in memory corruption. Fortunately, this is debugfs so it's limited to root users...
CVE-2025-38304 Bluetooth: Fix NULL pointer deference on eir_get_service_data
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eir_get_service_data The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIR_SERVICE_DATA...
CVE-2025-38297 PM: EM: Fix potential division-by-zero error in em_compute_costs()
In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in em_compute_costs() When the device is of a non-CPU type, table[i].performance won't be initialized in the previous em_init_performance(), resulting in division by zero when calculating costs ...
CVE-2025-38286
CVE-2025-38286 affects the Linux kernel with a fault in pinctrl/at91: at91_gpio_probe() not validating the OF alias, allowing out-of-bounds access to gpio_chips when indexing with an invalid value. The bug, which could be exposed if BUG() is compiled out, is mitigated by a kernel fix/workaround d...
CVE-2025-38276 fs/dax: Fix "don't skip locked entries when scanning entries"
In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fix "don't skip locked entries when scanning entries" Commit 6be3e21d25ca ("fs/dax: don't skip locked entries when scanning entries") introduced a new function, wait_entry_unlocked_exclusive(), which waits for the current entry ...
CVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xx
In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where external PHYs may be connected. If one of these PHYs are EEE capable, we may try to enable EEE for t...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-1800)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : usbnet: fix memory leak in error case (CVE-2022-49657) block: Fix handling of offline queues in blk_mq_alloc_request_hctx (CVE-2022-49720) partitions: mac:...
RHEL 8 : kernel (RHSA-2025:10761)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10761 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: udf: Fix a slab-out-of-bounds...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...