Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002333 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

SUSE SLES15 Security Update : kernel (Live Patch 58 for SLE 15 SP3) (SUSE-SU-2025:02832-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02832-1 advisory. This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

CVE-2025-38518

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disable INVLPGB on Zen2 AMD Cyan Skillfish Family 17h, Model 47h, Stepping 0h has an issue that causes system oopses and panics when performing TLB flush using INVLPGB. However, the problem is that that machine has...

Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024158 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122255 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

DEBIAN-CVE-2023-3867

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...

CVE-2023-32249 ksmbd: not allow guest user on multichannel

In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUSNOTSUPPORTED if binding session is guest...

Linux Distros Unpatched Vulnerability : CVE-2022-49867

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipcwwandellink IOSM driver registers network device...

kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214: vfio/pci:...

CVE-2025-38343 wifi: mt76: mt7996: drop fragments with multicast or broadcast RA

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities suc...

UBUNTU-CVE-2025-38266

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb "pinctrl: mediatek: Add EINT support for multiple addresses" introduced an access to the 'soc' field of struct mtkpinctrl in...

CVE-2025-38278 octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TCHTBLEAFDELLAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue by marki...

UBUNTU-CVE-2025-38206

In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayedfree The double free could happen in the following path. exfatcreateupcasetable exfatcreateupcasetable : return error exfatfreeupcasetable : free -volutbl exfatloaddefaultupcasetable : return erro...

CVE-2025-38164 f2fs: zone: fix to avoid inconsistence in between SIT and SSA

In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch...

CVE-2025-38088 powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...

CVE-2022-50020

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

CVE-2022-50052 ASoC: Intel: avs: Fix potential buffer overflow by snprintf()

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...

CVE-2022-50020 ext4: avoid resizing to a partial cluster size

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

DEBIAN-CVE-2025-38010

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biaspadenable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...