CVE-2025-37837

CVE-2025-37837 addresses warnings in the Linux kernel: iommu/tegra241-cmdqv dmam_free_coherent() warnings during SMMU rollback and a memory-usage warning (128 pages) from free_contig_range, traced to devres-managed LVCMDQ resources freed by devm_action_release. The fix removes the unwind path in ...

CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

CVE-2025-37825

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix out-of-bounds access in nvmetenableport When trying to enable a port that has no transport configured yet, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, causing an out-of-bounds access: 106.0586...

CVE-2025-37809

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typecpartnerunlinkdevice can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protect...

CVE-2025-37818 LoongArch: Return NULL from huge_pte_offset() for invalid PMD

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Return NULL from hugepteoffset for invalid PMD LoongArch's hugepteoffset currently returns a pointer to a PMD slot even if the underlying entry points to invalidptetable indicating no mapping. Callers like...

CVE-2025-37809

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typecpartnerunlinkdevice can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protect...

CVE-2025-37807

CVE-2025-37807 is a Linux kernel issue in the BPF percpu hashmap path where a percpu pointer is stored at an 8-byte aligned location only if the key_size rounds up to 8; otherwise a 4-byte aligned location is used, causing kmemleak to miss the pointer and report a leak. The root cause is an align...

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kmemleak warning for percpu hashmap Vlad Poenaru reported the following kmemleak issue: unreferenced object 0x606fd7c44ac8 size 32: backtrace crc 0: pcpuallocnoprof+0x730/0xeb0 bpfmapallocpercpu+0x69/0xc0...

RLSA-2024:7000 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605 CVE-2024-26638 CVE-2024-26645 CVE-2024-26665...

USN-7496-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

Ubuntu: Security Advisory (USN-7494-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ensure Kernel SMEP is Enabled

Supervisor Mode Execution Prevention SMEP can be enabled to prevent the user-space code execution on the kernel. If SMEP is not enabled, attackers can execute the user-space code through kernel-mode code redirection, which increases the attack surface and reduces system security. SMEP is enabled ...

USN-7491-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - USB Type-C Connector System Software Interface driver; - Timer subsystem; CVE-2025-21902, CVE-2025-21813...

RHSA-2025:4509 Red Hat Security Advisory: kernel security update

Bulletin has no description...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57951 advisory. - In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57911)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57911 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1

CVE-2024-57834 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

CVE-2024-58098

The CVE-2024-58098 issue affects the Linux kernel BPF verifier, specifically the logic tracking changes_pkt_data for global sub-programs. When verifiers process calls to helpers, pointers may be invalidated inconsistently between callers and global sub-programs, making certain programs unsafe (e....