SUSE CVE-2025-21989

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix missing .istwopixelspercontainer Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .istwopixelspercontainer function in dce60tgfuncs, causes a NULL pointer dereference on...

SUSE CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...

SUSE-SU-2025:1139-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: - CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. - CVE-2024-41062: Sync sock recv cb and release bsc1228578. - CVE-2022-48791: Fix...

CVE-2025-22007 Bluetooth: Fix error code in chan_alloc_skb_cb()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chanallocskbcb The chanallocskbcb function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference...

CVE-2025-22004 net: atm: fix use after free in lec_send()

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...

CVE-2025-21997 xsk: fix an integer overflow in xp_create_and_assign_umem()

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

UBUNTU-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

CVE-2025-21991

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2025-21991 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2025-21988 fs/netfs/read_collect: add to next->prev_donated

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same "next" request depending on the subrequest completion order, each of them would overwrite the prevdonated field, causing data corruptio...

kernel security update

5.14.0-503.35.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Ubuntu: Security Advisory (USN-7402-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-21986

In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...

CVE-2025-21975

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5chainscreatetable In mlx5chainscreatetable, the return value of mlx5getfdbsubns and mlx5getflownamespace must be checked to prevent NULL pointer dereferences. If either function fails, the function...

CVE-2025-21982 pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xxgpiofw devmkasprintf calls can return null pointers on failure. But the return values were not checked in npcm8xxgpiofw. Add NULL check in npcm8xxgpiofw, to handle kernel NULL...

CVE-2025-21978

CVE-2025-21978 – Linux kernel (drm/hyperv): address space leak in Hyper-V DRM device mapping . The vulnerability occurs when a Hyper-V DRM device is probed: the driver allocates MMIO space for VRAM and maps it as cacheable, but on device removal or probing error path the MMIO space is released wi...

CVE-2025-21972 net: mctp: unshare packets when reassembling

In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular...

CVE-2025-21970 net/mlx5: Bridge, fix the crash caused by LAG state check

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...

CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...