CVE-2025-38068

CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...

CVE-2025-38050

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...

CVE-2025-38044 media: cx231xx: set device_caps for 417

In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecaps. Add this, otherwise the video device can't be registered you get a WARNON instead. Not seen before since currently 417 support is...

CVE-2025-38033 x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88

In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...

CVE-2025-38033

CVE-2025-38033 affects the Linux kernel (x86) where FineIBT and Rust integration triggers a kernel panic when core::fmt::write() is invoked from Rust with FineIBT enabled. Root cause is that core::fmt::rt::Argument::fmt() has CFI-disabled code (no_sanitize(cfi, kcfi)), causing a Control Protectio...

CVE-2025-38021

CVE-2025-38021 affects the Linux kernel in the DRM AMD Display path (drm/amd/display), where update_dchubp_dpp and related code could dereference a null pipe_ctx->plane_state. The issue is a missing null check in the update path that could lead to a null pointer dereference; it is stated to be...

CVE-2025-38011 drm/amdgpu: csa unmap use uninterruptible lock

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrac...

SUSE-SU-2025:01972-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect...

kernel security update

3.10.0-1160.119.1.0.9.el7.OL7 - netfilter: ipset: add missing range check in bitmapipuadt Jeongjun Park CVE-2024-53141 Orabug: 37964173 - Update OL SB certificates - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985797...

kernel security update

5.14.0-570.22.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

SUSE-SU-2025:20413-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization bsc1230581...

SUSE-SU-2025:01965-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization...

RHSA-2025:9079 Red Hat Security Advisory: kernel security update

Bulletin has no description...

TencentOS Server 3: kernel (TSSA-2024:0145)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0145 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

SUSE-SU-2025:01932-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. - CVE-2025-21680: pktgen: Avoid out-of-bounds access in getimixentries bsc1236701. - CVE-2024-58013:...

SUSE-SU-2025:01893-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: - CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1589)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xsk: Fix race at socket teardownCVE-2022-49215 acct: perform last write from workqueueCVE-2025-21846 nvme-pci: fix a NULL pointer dereference in...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode CVE-2024-36967 In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails CVE-2024-36975 Affected Packages:...