CVE-2025-39735

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in eaget During the "sizecheck" label in eaget, the code checks if the extended attribute list xattr size matches easize. If not, it logs "eaget: invalid extended attribute" and calls printhexdump...

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...

CVE-2021-47671

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: es58xrxerrmsg: fix memory leak in error path In es58xrxerrmsg, if can-dosetmode fails, the function directly returns without calling netifrxskb. This means that the skb previously allocated by alloccanerrskb is no...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-26708: mptcp: fix inconsistent state on fastopen race...

PT-2025-28008 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0 and later Description: The issue is related to the powerpc64/ftrace component of the Linux kernel, where the register r15 is clobbered during livepatching and not restored, leading to potential kernel crashes. Thi...

CVE-2025-22092

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

CVE-2025-22073

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything we'd managed to create, but... the problem dentry is still negative...

CVE-2025-22127

CVE-2025-22127 affects the Linux kernel F2FS. The issue could cause a kernel hang when a compressed file system operation triggers IO errors during load of the error table to a dm device, while f2fs_write_data_pages holds the writepages lock. Root cause described: IO error looping in f2fs_prepare...

CVE-2025-22123

CVE-2025-22123 relates to the Linux kernel’s F2FS filesystem. The issue arises when a faulty allocator path introduced by a commit (FAULT_NO_SEGMENT) may set curseg->segno to NULL_SEGNO while CP_ERROR_FLAG is set. This can lead to a page fault path where f2fs_write_inode() traverses a sequence...

CVE-2025-22115 btrfs: fix block group refcount race in btrfs_create_pending_block_groups()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfscreatependingblockgroups Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocated from after...

CVE-2025-22089 RDMA/core: Don't expose hw_counters outside of init net namespace

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hwcounters outside of init net namespace Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...

CVE-2025-22085

CVE-2025-22085 affects the Linux kernel RDMA/core. The description documents a use-after-free (slab) in the netlink/name rename path, caused by a use-after-free in nla_put during device-name rename handling. The issue manifests as a slab-use-after-free Read in nla_put, traced through netlink/nlde...

CVE-2025-22077

CVE-2025-22077 relates to the Linux kernel CIFS/SMB client TCP timer deadlock fix. The description explains that a prior patch intended to fix a null-pointer dereference (related to CVE-2024-54680) was reverted, which in turn revived a real issue with TCP sockets for CIFS connections. The root ca...

CVE-2025-22072 spufs: fix gang directory lifetimes

In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "POWERPC spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets...

CVE-2025-22065

CVE-2025-22065 : Linux kernel idpf SR-IOV path could double-remove a VF during reboot, causing a NULL pointer dereference when the adapter is NULL on the first idpf_remove() call. Fixes replace idpf_remove() in idpf_shutdown() with idpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), moving cleanup ...

CVE-2025-22064 netfilter: nf_tables: don't unregister hook when table is dormant

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't unregister hook when table is dormant When nftablesupdchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registered, which won't happen...

CVE-2025-22057

CVE-2025-22057 : In the Linux kernel, the fix for an issue with decreasing cached dst counters in dst_release was incomplete when CONFIG_DST_CACHE is enabled and OvS tunnels are used, potentially leading to a kernel NULL page fault during dst cache destruction. The upstream patch moves the decrem...

CVE-2025-22049

CVE-2025-22049 concerns the Linux kernel LoongArch support. The issue arises from ARCH_DMA_MINALIGN being too small (default 1) for certain LoongArch devices (e.g., APBDMA), risking cacheline write errors when buffers are small. The documented fix increases ARCH_DMA_MINALIGN to 16, mitigating DMA...

CVE-2025-22037 ksmbd: fix null pointer dereference in alloc_preauth_hash()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

CVE-2024-58095

CVE-2024-58095 (jfs: add check read-only before txBeginAnon() call) is confirmed as a concrete kernel fix. The patch introduces a read-only check prior to txBeginAnon() in extAlloc and extRecord within the JFS code path. This prevents write attempts on a read-only mounted filesystem, avoiding pot...