CVE-2025-38056

The CVE-2025-38056 vulnerability affects the Linux kernel ASoC: SOF Intel HDA path. Specifically, hda_generic_machine_select() appends -idisp to the tplg filename by allocating a new string and storing it into a global, which becomes a freed pointer after module unloads, enabling a use-after-free...

CVE-2025-37995 module: ensure that kobject_put() is safe for module type kobjects

In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe for module type kobjects In 'lookuporcreatemodulekobject', an internal kobject is created using 'modulektype'. So call to 'kobjectput' on error handling path causes an attempt to use an...

SUSE CVE-2025-37845

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 "tracing: tprobe-events: Fix leakage of module refcount" moved trymoduleget from findtracepointmodulecb to findtracepoint caller, but that introduced a...

SUSE CVE-2025-23143

In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. 1 Reproduction Steps: 1 Mount CIFS...

DEBIAN-CVE-2025-23143

In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. 1 Reproduction Steps: 1 Mount CIFS...

UBUNTU-CVE-2025-23143

In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. 1 Reproduction Steps: 1 Mount CIFS...

Linux Distros Unpatched Vulnerability : CVE-2020-25632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any othe...

CVE-2025-21769

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclockmiscdevfops Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...

SUSE CVE-2022-49098

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required...

CVE-2025-21769

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclockmiscdevfops Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...

CVE-2025-0622

The CVE-2025-0622 entry describes a use-after-free vulnerability in grub2 where hooks created by loaded modules are not removed when the module is unloaded, potentially allowing arbitrary code execution and bypass of secure boot protections. Connected advisories (e.g., Red Hat RHSA-2025:16154 and...

PT-2025-30876

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a time-of-check-to-time-of-use TOCTOU issue within the vsock subsystem. Specifically, vsock find cid and vsock dev do ioctl may experience a race condition duri...

UBUNTU-CVE-2024-56637

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be provoked by inserting ...

kernel: nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper cleanup of bo-bcmprocread in the bcm subsystem of the can protocol, which may trigger an unnecessar...

UBUNTU-CVE-2024-41047

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 "i40e: Fix reset path while removing the driver" introduced a new PF state "I40EINREMOVE" to block modifying the XDP program while the driver is...

DEBIAN-CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...

UBUNTU-CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...

UBUNTU-CVE-2024-35955

In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULESTATELIVE - MODULESTATEGOING - MODULESTATEUNFORMED. Each change will take a time. ismoduletextaddress and...