CVE-2022-50341 cifs: fix oops during encryption

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

CVE-2025-39833

CVE-2025-39833 (Linux kernel) Root cause: when unloading the hfcpci module with CONFIG_DEBUG_OBJECTS_TIMERS enabled, an uninitialized timer could trigger a kernel warning path during deletion, as shown in the stack trace and timer-related debug prints. Impact: locally leveraged by a privileged co...

PT-2025-37888

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a vulnerability in the xen/virtio subsystem where a NULL dereference can occur within the xen dt get node function when a bridge of the PCI root bus has no...

UBUNTU-CVE-2022-50263

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix memory leak when freeing IOTLBs After commit bda324fd037a "vdpasim: control virtqueue support", vdpasim-iommu became an array of IOTLB, so we should clean the mappings of each free one by one instead of just deleting...

CVE-2022-50320

The CVE-2022-50320 issue is a Linux kernel ACPI FPDT FPDT table bug where invalid physical addresses trigger ioremap warnings and an oops. The root cause is calling acpi_os_map_memory() on an invalid phys address; a fix adds a validation step to prevent mapping invalid addresses. The description ...

CVE-2022-50270

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix the assign logic of iocb commit 18ae8d12991b "f2fs: show more DIO information in tracepoint" introduces iocb field in 'f2fsdirectIOenter' trace event And it only assigns the pointer and later it accesses its field in...

CVE-2022-50239

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...

SUSE SLES15 Security Update : kernel (Live Patch 50 for SLE 15 SP3) (SUSE-SU-2025:03133-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03133-1 advisory. This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fi...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 kernel: idpf: convert control queue mutex to a spinlock CVE-2025-38392 For more details about the security...

ksmbd: fix refcount leak causing resource not released

...

CVE-2025-39674

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix ESI null pointer dereference ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is optional feature and UFS MCQ should work with and without ESI...

CVE-2025-39711

In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing meicldevdisable calls Both the ACE and CSI driver are missing a meicldevdisable call in their remove function. This causes the meicl client to stay part of the meidevice-filelist...

CVE-2025-38734 net/smc: fix UAF on smcsk after smc_listen_out()

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix UAF on smcsk after smclistenout BPF CI testing report a UAF issue: 16.446633 BUG: kernel NULL pointer dereference, address: 000000000000003 0 16.447134 PF: supervisor read access in kernel mod e 16.447516 PF:...

UBUNTU-CVE-2025-38728

In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parseserverinterfaces see below: BUG: KASAN: slab-out-of-bounds in...

AZL-66596 CVE-2025-38652 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...

CVE-2025-38661

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix dmisystemid array Add missing empty member to awccdmitable...

CVE-2025-38652 f2fs: fix to avoid out-of-boundary access in devs.path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...

CVE-2025-38647 wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89setsarfromacpi The following assertion is triggered on the rtw89 driver startup. It looks meaningless to hold wiphy lock on the early init stage so drop the assertion. WARNING: CPU...

CVE-2025-38628

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...

SUSE CVE-2025-38588

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...