kernel: net/mlx5: E-Switch, Fix an Oops in error handling code

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...

kernel: ALSA: ymfpci: Create card with device-managed snd_devm_card_new()

A flaw was found in the Linux kernel's ALSA ymfpci sound driver. During a previous refactoring commit that removed sndcardymfpciremove, the sndcardnew call was not updated to snddevmcardnew. This omission means sndcardfree is never called during module unload, leading to a kernel oops when...

kernel: ALSA: ymfpci: Create card with device-managed snd_devm_card_new()

A flaw was found in the Linux kernel's ALSA ymfpci sound driver. During a previous refactoring commit that removed sndcardymfpciremove, the sndcardnew call was not updated to snddevmcardnew. This omission means sndcardfree is never called during module unload, leading to a kernel oops when...

kernel: net/mlx5: E-Switch, Fix an Oops in error handling code

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...

kernel: octeontx2-af: Add validation for lmac type

A flaw was found in the octeontx2-af network driver within the Linux kernel where insufficient validation of the lmactypeid field from firmware during a physical link change can result in a kernel panic. Firmware may report an invalid lmactypeid, and because the kernel previously derived an...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

kernel: cifs: Fix oops due to uncleared server->smbd_conn in reconnect

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the server-smbdconn pointer after freeing the smbdconnection struct that it points to so that reconnection doesn't get confused...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb-cb CVE-2023-3090 kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests...

PT-2025-41091

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s VMBus client driver has an issue where it attempts to access resources of the ACPI namespace root object, which has an all-ones handle. This can lead to a NULL pointer...

kernel: arm64: fix oops in concurrently setting insn_emulation sysctls

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

PT-2025-26132 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, which occurred when the emulation proc handler function changed table-data for proc dointvec minmax. This could generate an Oops...

PT-2025-38197

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's net/mlx5 component related to the handling of E-switch pairing during uplink un/load APIs. Specifically, when transitioning a device from switchdev mo...

GSD-2023-1002358 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini

drm/amdgpu/fence: Fix oops due to non-matching drmsched init/fini This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...

GSD-2023-1002326 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini

drm/amdgpu/fence: Fix oops due to non-matching drmsched init/fini This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...

PT-2023-35391 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: The issue is related to a missing call to kasan arch is ready, which may cause an Oops error. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

K56237129: Linux kernel vulnerability in non-GENERIC_TIME systems CVE-2010-2243

Security Advisory Description A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERICTIME systems GENERICTIME=n, accessing /sys/devices/system/clocksource/clocksource0/currentclocksource results in an OOPS. CVE-2010-2243 Impact There is no impact...

K31864522: Linux kernel vulnerability CVE-2019-9162

Security Advisory Description In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error, making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation...

SUSE CVE-2005-2099

The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service kernel oops via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null...