Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988900)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988900 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987386 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by...

EUVD-2025-22631

Malicious code in bioql PyPI...

EUVD-2025-5252

Malicious code in bioql PyPI...

EUVD-2025-5202

Malicious code in bioql PyPI...

EUVD-2025-8482

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-38372

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...

CVE-2025-38372

CVE-2025-38372 : The Linux kernel patch for RDMA/mlx5 implicit ODP handling fixes an unsafe xarray access by replacing __xa_store() and __xa_erase() (which were used without proper locking) with xa_store() and xa_erase(), which perform the necessary locking internally. This resolves a suspicious ...

CVE-2025-38372 RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...

CVE-2025-38372

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...

CVE-2025-38372 RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...

NewStart CGSL MAIN 7.02 : python-certifi Vulnerability (NS-SA-2025-0070)

The remote NewStart CGSL host, running version MAIN 7.02, has python-certifi packages installed that are affected by a vulnerability: - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error This patch addresses a race...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

CVE-2025-21886

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroyunusedimplicitchildmr to prevent hanging during parent deregistration as of below 1. Upon entering destroyunusedimplicitchildmr, the reference count for the...

DEBIAN-CVE-2025-21886

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroyunusedimplicitchildmr to prevent hanging during parent deregistration as of below 1. Upon entering destroyunusedimplicitchildmr, the reference count for the...

CVE-2025-21886

CVE-2025-21886 summary (Linux kernel) This vulnerability affects the mlx5 RDMA path. The issue is related to implicit MR management during deregistration: on entering destroy_unused_implicit_child_mr(), the parent implicit MR’s refcount is incremented with refcount_inc_not_zero(), but a correspon...

CVE-2025-21886 RDMA/mlx5: Fix implicit ODP hang on parent deregistration

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroyunusedimplicitchildmr to prevent hanging during parent deregistration as of below 1. Upon entering destroyunusedimplicitchildmr, the reference count for the...

Linux Distros Unpatched Vulnerability : CVE-2025-21714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are...

Linux Distros Unpatched Vulnerability : CVE-2022-48675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP fl...

AZL-68967 CVE-2025-21732 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error This patch addresses a race condition for an ODP MR that can result in a CQE with an error on the UMR QP. During the mlx5ibderegmr flow, the following sequence of...