870 matches found
CVE-2023-54012
The CVE-2023-54012 vulnerability in the Linux kernel describes a stack overflow risk when LRO is disabled for virtual interfaces. The root cause is a recursive-like propagation of NETDEV_FEAT_CHANGE notifications between a parent team/bond interface and its lower interfaces, instead of a strictly...
SUSE CVE-2025-68307
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
SUSE CVE-2025-68191
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
SUSE CVE-2025-68245
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 "netpoll: fix use after free" incorrectly ignored the refcount and prematurely set dev-npinfo to NULL during netpoll cleanup, leading to...
SUSE CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
AlmaLinux 9 : kernel (ALSA-2025:22865)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22865 advisory. kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: net/mlx5: fs, fix UAF in flow counter release CVE-2025-39979...
EUVD-2025-203757
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
EUVD-2025-203773
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
UBUNTU-CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
CVE-2025-68312
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...
CVE-2025-68312
CVE-2025-68312 affects the Linux kernel usbnet subsystem. Root cause: during usbnet probing, usbnet_link_change(dev,0,0) queues a kevent on the global workqueue, which may still be active when the device is unregistered, causing a potential free of an active kevent object. The added fix cancels t...
EUVD-2025-203705
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307
CVE-2025-68307 – Linux kernel can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs. Root cause: missing cleanup of failed URB transfers, decreasing available URBs per error by 1, which can degrade performance and may halt transmission. Affected: linux kernel driver can: gs...
CVE-2025-68191
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
CVE-2025-68191
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
UBUNTU-CVE-2025-68191
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
CVE-2025-68191 udp_tunnel: use netdev_warn() instead of netdev_WARN()
In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister returning an error is just a failed operation, not a kernel...
CVE-2025-68191
In the Linux kernel, CVE-2025-68191 is addressed by replacing netdev_WARN() with netdev_warn() in udp_tunnel_nic_register(). The old netdev_WARN() prints a backtrace via WARN/WARN_ON, which is inappropriate for an error that is simply a normal memory-allocation failure (kzalloc() or udp_tunnel_ni...