CVE-2025-38604 wifi: rtl818x: Kill URBs before clearing tx status queue

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187stop move the call of usbkillanchoredurbs before clearing btxstatus.queue. This change prevents callbacks from using already freed skb due to anchor was not kille...

CVE-2025-38577 f2fs: fix to avoid panic in f2fs_evict_inode

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...

CVE-2025-38572 ipv6: reject malicious packets in ipv6_gso_segment()

In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6gsosegment syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb-transportheader. This 16bit field has a limited range. Add...

CVE-2025-38544 rxrpc: Fix bug due to prealloc collision

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AFRXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg and sendmsg together. The...

CVE-2025-38508

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...

CVE-2025-38535

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitioning from USBROLEDEVICE to USBROLENONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-on,...

PT-2025-33565 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw within the scheduler extension sched/ext related to calls to the update locked rq function with a NULL runqueue rq pointer. Invoking update locked rqNU...

Linux Distros Unpatched Vulnerability : CVE-2021-47073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dellsmbios initdellsmbioswmi only registers...

Linux Distros Unpatched Vulnerability : CVE-2022-48882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix macsec possible null dereference when updating MAC security entity SecY Upon...

Linux Distros Unpatched Vulnerability : CVE-2024-38552

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes...

Linux Distros Unpatched Vulnerability : CVE-2024-42303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERRPTR dereference in pxpprobe devmregmapinitmmio can fail, add a check...

SUSE CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

UBUNTU-CVE-2025-38489

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfarchtextpoke with newaddr == NULL again Commit 7ded842b356d "s390/bpf: Fix bpfplt pointer arithmetic" has accidentally removed the critical piece of commit c730fce7c70c "s390/bpf: Fix bpfarchtextpoke with newaddr...

UBUNTU-CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...

CVE-2025-38451

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix GPF in bitmapgetstats The commit message of commit 6ec1f0239485 "md/md-bitmap: fix stats collection for external bitmaps" states: Remove the external bitmap check as the statistics should be available regardless...

CVE-2025-38385

Summary: CVE-2025-38385 affects the Linux kernel in the LAN78xx USB Ethernet driver, where a WARN can be triggered during USB disconnect when NAPI is still enabled. Root cause (per provided data): In the disconnect path, netif_napi_del() was redundantly called even though unregister_netdev() hand...

UBUNTU-CVE-2025-38345

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to maliciou...

DEBIAN-CVE-2025-38290

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar-arvifs list In current WLAN recovery code flow, ath12kcorehalt only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...

CVE-2025-38272

In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where external PHYs may be connected. If one of these PHYs are EEE capable, we may try to enable EEE for t...

CVE-2025-38327 fgraph: Do not enable function_graph tracer when setting funcgraph-args

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...