CVE-2022-50033 usb: host: ohci-ppc-of: Fix refcount leak bug

In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohcihcdppcofprobe, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...

CVE-2022-49998

The CVE-2022-49998 entry is supported by multiple connected advisories confirming concrete fixes in the Linux kernel’s rxrpc sendmsg implementation. The issues addressed are three locking bugs in rxrpc_sendmsg: (1) rxrpc_new_client_call() should release the socket lock when returning from rxrpc_g...

CVE-2022-49997 net: lantiq_xrx200: restore buffer if memory allocation failed

In the Linux kernel, the following vulnerability has been resolved: net: lantiqxrx200: restore buffer if memory allocation failed In a situation where memory allocation fails, an invalid buffer address is stored. When this descriptor is used again, the system panics in the buildskb function when...

CVE-2022-49995 writeback: avoid use-after-free after removing device

In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdiunregister gets called to stop further writeback and wait for associated delayed work to complete. However, wbinodewritebackend may schedule bandwid...

CVE-2022-49985 bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

CVE-2022-49983 udmabuf: Set the DMA mask for the udmabuf device (v2)

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...

CVE-2022-49966 drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: add missing -finimicrocode interface for Sienna Cichlid To avoid any potential memory leak...

CVE-2022-49934

The CVE-2022-49934 vulnerability affects the Linux kernel’s wifi stack (mac80211) where UAF can occur in ieee80211_scan_rx() after the null check due to race with __ieee80211_scan_completed() and cfg80211_scan_done() freeing scan_req. The issue is mitigated by a fix in the kernel that prevents ac...

CVE-2025-38070

In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: Add NULL check in sma1307settingloaded All varibale allocated by kzalloc and devmkzalloc could be NULL. Multiple pointer checks and their cleanup are added. This issue is found by our static analysis tool...

CVE-2025-38055

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix segfault with PEBS-via-PT with samplefreq Currently, using PEBS-via-PT with a sample frequency instead of a sample period, causes a segfault. For example: BUG: kernel NULL pointer dereference, address:...

CVE-2025-38023

In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfsgetlockcontext in unlock path When memory is insufficient, the allocation of nfslockcontext in nfsgetlockcontext fails and returns -ENOMEM. If we mistakenly treat an nfs4unlockdata structure whose lctx...

CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

CVE-2025-38068

CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...

CVE-2025-38044 media: cx231xx: set device_caps for 417

In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecaps. Add this, otherwise the video device can't be registered you get a WARNON instead. Not seen before since currently 417 support is...

CVE-2025-38033 x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88

In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...

CVE-2025-38033

CVE-2025-38033 affects the Linux kernel (x86) where FineIBT and Rust integration triggers a kernel panic when core::fmt::write() is invoked from Rust with FineIBT enabled. Root cause is that core::fmt::rt::Argument::fmt() has CFI-disabled code (no_sanitize(cfi, kcfi)), causing a Control Protectio...

CVE-2025-38021

CVE-2025-38021 affects the Linux kernel in the DRM AMD Display path (drm/amd/display), where update_dchubp_dpp and related code could dereference a null pipe_ctx->plane_state. The issue is a missing null check in the update path that could lead to a null pointer dereference; it is stated to be...

CVE-2025-38011 drm/amdgpu: csa unmap use uninterruptible lock

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrac...

SUSE-SU-2025:01972-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect...

SUSE-SU-2025:01965-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization...