Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988846 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986984)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986984 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, the...

CVE-2023-53594 driver core: fix resource leak in device_add()

In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in deviceadd When calling kobjectadd failed in deviceadd, it will call cleanupgluedir to free resource. But in kobjectadd, dev-kobj.parent has been set to NULL. This will cause resource leak. The...

UBUNTU-CVE-2022-50376

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefskernel,clientdebuginit When insert and remove the orangefs module, there are memory leaked as below: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", pid 783, jiffies 4294813439 a...

Linux Distros Unpatched Vulnerability : CVE-2022-50269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkmsinit A memory leak was reported after the vkms module insta...

kernel: static_call: Handle module init failure correctly in static_call_del_module()

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

SUSE CVE-2022-49236

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...

CVE-2022-49100

In the Linux kernel, the following vulnerability has been resolved: virtioconsole: eliminate anonymous moduleinit & moduleexit Eliminate anonymous moduleinit and moduleexit, which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcalldebug log. Give each of...

PT-2025-52660

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Comedi low-level driver "c6xdigio" has a flaw related to parallel port Plug and Play PNP resource management. The driver incorrectly handles PNP driver registration and unregistratio...

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to resource management errors in the icemoduleinit module. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-50002

...

AZL-51974 CVE-2024-50002 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

UBUNTU-CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

CVE-2024-50002 static_call: Handle module init failure correctly in static_call_del_module()

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

CVE-2024-41004 tracing: Build event generation tests only as modules

In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock get a reference those event file reference in module init function, and unlock and delete it in module...

SUSE CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 "bonding: remove redundant NULL check in debugfs function". Here are the relevant functions being called: bondingexit bonddestroydebugfs...

CVE-2021-47335

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 in kfence-10:...

PT-2023-35151 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.91 Description: The issue is related to the elimination of anonymous module init and module exit in the net: mlx5 module. The actual impact and attack plausibility have not yet been proven. Recommendations...

Vulnerabilities in the operating system openSUSE, which allow a malicious individual to compromise the integrity of protected information

The module-init-tools-debuginfo package of the operating system openSUSE has multiple vulnerabilities. Exploiting these vulnerabilities can lead to a breach of the integrity of protected information. These vulnerabilities can be exploited locally...

Vulnerabilities of the SUSE Linux Enterprise operating system, which allow a malicious individual to compromise the integrity of protected information

The module-init-tools-debuginfo package of the SUSE Linux Enterprise operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to the compromise of protected information. These vulnerabilities can be exploited locally...