EUVD-2022-54804

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix dereference of stale list iterator after loop body The list iterator variable will be a bogus pointer if no break was hit. Dereferencing it cur-page in this case could load an out-of-bounds/undefined value making it...

EUVD-2023-59729

Malicious code in bioql PyPI...

EUVD-2024-53388

Malicious code in bioql PyPI...

EUVD-2025-15902

Malicious code in bioql PyPI...

CVE-2025-38476

In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...

CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 kernel: Bluetooth: hcisync: Fix queuing commands when HCIUNREGISTER is set CVE-2022-49136 kernel: udf: Fix a slab-out-of-bounds...

CVE-2022-50185 drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix potential buffer overflow in nisetmcspecialregisters The last case label can write two buffers 'mcregaddressj' and 'mcdataj' with 'j' offset equal to SMCNISLANDSMCREGISTERARRAYSIZE since there are no checks for th...

CVE-2022-50148 kernfs: fix potential NULL dereference in __kernfs_remove

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in kernfsremove When lockdep is enabled, lockdepassertheldwrite would cause potential NULL pointer dereference. Fix the following smatch warnings: fs/kernfs/dir.c:1353 kernfsremove warn:...

RHEL 9 : kernel (RHSA-2025:4469)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4469 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme-tcp: fix potential memory corrupti...

CVE-2025-37772 RDMA/cma: Fix workqueue crash in cma_netevent_work_handler

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member "struct workstruct network" that is reused for enqueuing cmaneteventworkhandlers onto cmawq. Below crash1 can occur if more than one call to...

CVE-2025-22072 spufs: fix gang directory lifetimes

In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "POWERPC spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets...

CVE-2022-49494

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoi...

CVE-2022-49170

CVE-2022-49170 concerns the F2FS implementation in the Linux kernel. The root cause was a missing sanity check on curseg->alloc_type, which could widen an array-bounds access of sbi->block_count[] (UBSAN: array-index-out-of-bounds) when mounting/operating a corrupted image. The issue manife...

CVE-2025-21658

Technical details beyond the summary are not provided in the supplied documents; no affected products, versions, or fixes are enumerated here. Monitor for updates.

CVE-2024-56619 nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfsfindentry Syzbot reported that when searching for records in a directory where the inode's isize is corrupted and has a large value, memory access outside the folio/page...

CVE-2024-53171

CVE-2024-53171 affects the Linux kernel ubifs authentication path. The published details describe a use-after-free in ubifs_tnc_end_commit arising when a node’s znode->parent changes due to a tree split, while the node’s znode->cparent may still point to freed memory after deletions. The is...