Azure Linux 3.0 Security Update: kernel (CVE-2025-37969)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37969 advisory. - In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup...

CVE-2023-53790

Summary of CVE-2023-53790 (Linux kernel) : The vulnerability arises from the bpf memory allocator’s handling of freed objects in slab memory. Freed elements can be immediately reused, and for preallocated or non-preallocated htab maps this may cause reinitialization of special fields in map value...

CVE-2025-38553 net/sched: Restrict conditions for adding duplicating netems to qdisc tree

In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netemenqueue's duplication prevention logic breaks when a netem resides in a qdisc tree with other netems - this can lead to a soft lockup and OOM loop in...

CVE-2023-53051 dm crypt: add cond_resched() to dmcrypt_write()

In the Linux kernel, the following vulnerability has been resolved: dm crypt: add condresched to dmcryptwrite The loop in dmcryptwrite may be running for unbounded amount of time, thus we need condresched in it. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup -...

CVE-2025-21749 net: rose: lock the socket in rose_bind()

In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...

DEBIAN-CVE-2021-47350

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function isexecfault will return 'false' when an exec fault is taken by kernel, because the check i...

DEBIAN-CVE-2022-48704

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not be fully flushed, an...

DEBIAN-CVE-2023-52493

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parsexferevent such that a callback given to client can potentially queu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3554)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3554 advisory. kernel-uek 4.1.12-37.2.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222731 CVE-2015-8767 Tenable has...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3552)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3552 advisory. 2.6.39-400.278.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222773 CVE-2015-8767 Tenable has extracte...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-37.2.2 - sctp: Prevent soft lockup when sctpaccept is called during a timeout event Karl Heiss Orabug: 23222731 CVE-2015-8767...