AZL-73611 CVE-2025-38617 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...

UBUNTU-CVE-2025-38617

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindlock, another thread can run packetnotifier and process an NETDEVUP event. This race and the fix are both similar to that of commit...

SUSE CVE-2025-38589

In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neighflushdev. kernel test robot reported null-ptr-deref in neighflushdev. 0 The cited commit introduced per-netdev neighbour list and converted neighflushdev to use it instead of the global hash...

UBUNTU-CVE-2025-38589

In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neighflushdev. kernel test robot reported null-ptr-deref in neighflushdev. 0 The cited commit introduced per-netdev neighbour list and converted neighflushdev to use it instead of the global hash...

CVE-2025-38589

In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neighflushdev. kernel test robot reported null-ptr-deref in neighflushdev. 0 The cited commit introduced per-netdev neighbour list and converted neighflushdev to use it instead of the global hash...

CVE-2025-38589

The Connected documents confirm CVE-2025-38589 relates to a null-ptr-deref in neigh_flush_dev() within the Linux kernel, fixed by reverting to hash-table iteration in neigh_table_clear() after introducing per-netdev neighbour lists. The issue was triggered by neigh_table_clear() calling neigh_ifd...

SUSE CVE-2025-38526

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

DEBIAN-CVE-2025-38526

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

UBUNTU-CVE-2025-38526

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

CVE-2025-38526

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

CVE-2025-38526

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

CVE-2025-38526 ice: add NULL check in eswitch lag check

In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function icelagisswitchdevrunning is being called from outside of the LAG event handler code. This results in the lag-uppernetdev being NULL sometimes. To avoid a NULL-pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-38311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iavf: get rid of the crit lock Get rid of the crit lock. That frees us from the error prone logic of trylocks. Thanks to netdevlock by Jakub it is now easy, and...

Linux Distros Unpatched Vulnerability : CVE-2021-47311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emacremove adpt is netdev private data and it cannot be used afte...

DEBIAN-CVE-2025-38500

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

CVE-2025-38500

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

UBUNTU-CVE-2025-38500

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

CVE-2025-38500

CVE-2025-38500 : In the Linux kernel, a use-after-free could occur when changing xfrm interface collect_md state via xfrmi_changelink(), because the collect_md interface could be placed in both xfrmi_net and collect_md_xfrmi structures. The fix uses the xi from netdev_priv earlier in the path to ...

CVE-2025-38500 xfrm: interface: fix use-after-free after changing collect_md xfrm interface

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

Linux Distros Unpatched Vulnerability : CVE-2025-38150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the...