CVE-2023-54187

CVE-2023-54187 concerns a Linux kernel issue where moving/renaming a directory could trigger potential corruption. The vulnerability affects the filesystem code related to F2FS and reproduces in ext4_rename, as revealed by xfstests/generic/707. The root cause involves corruption risks during dire...

CVE-2023-54174 vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd

In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group-iommufd group-iommufd is not initialized for the iommufdctxput 20018.331541 BUG: kernel NULL pointer dereference, address: 0000000000000000 20018.377508 RIP:...

CVE-2022-50818 scsi: pm8001: Fix running_req for internal abort commands

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix runningreq for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@none$ more /sys/class/sasphy/phy-0:0:8/targetportprotocols sata root@none$ echo 0...

PT-2025-54083

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM/TTM subsystem where a resource could be leaked during eviction errors, specifically those other than -EMULTIHOP. The issue was addressed by...

PT-2025-54085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd "usb: dwc3: core: Power-off core/PHYs on system suspend in host mode" replaces check for HOST only dr mode with current dr role. But durin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992592)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992592 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it...

CVE-2023-54108

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

UBUNTU-CVE-2023-54151

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...

CVE-2023-54083 phy: tegra: xusb: Clear the driver reference in usb-phy dev

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy the port dev, it will...

CVE-2022-50755

CVE-2022-50755: Linux kernel UDF rename path had a double brelse() on buffer heads (udf_find_entry() returning NULL) causing unbalanced buffer_head b_count. The fix prevents brelse() from being called by udf_rename() when udf_find_entry() returns NULL, eliminating the imbalance. This is the concr...

CVE-2022-50716 wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

CVE-2023-53987

In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...

CVE-2025-68727 ntfs3: Fix uninit buffer allocated by __getname()

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by getname Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN...

CVE-2025-68370

In the Linux kernel, CVE-2025-68370 affects the coresight tmc path handling. The fix adds the event handle to the coresight_path so dependent devices can access it (required to retrieve AUX_EVENT per CPU in perf mode). Reproduction example uses perf record -e cs_etm//k -C 0-9, which could trigger...

SUSE CVE-2025-68224

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-68313

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success...

PT-2025-51602

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc7 Description The Linux kernel contains a flaw within the drm/msm subsystem related to the handling of imported DMA buffers during object freeing. Specifically, the condition checking for the NO SHARE ca...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991142 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading superblock Fuzzers like to scribble over sbbsizeshift but ...

CVE-2022-50619

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...

CVE-2025-40332 drm/amdkfd: Fix mmap write lock not release

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...