PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops

...

Linux Distros Unpatched Vulnerability : CVE-2025-38576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of...

MAL-2025-41407 Malicious code in spelunker-agent (npm)

The package communicates with a domain associated with malicious activity...

CVE-2025-38658

In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...

UBUNTU-CVE-2025-38623

In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal and a required reboot...

PT-2025-34419 · Nvme-Cli +1 · Nvme-Cli +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the nvmet PCI-EPF subsystem where commands may be completed twice if nvmet req init fails. This double completion can corrupt the state of the P...

AZL-66515 CVE-2025-38576 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

CVE-2025-38576

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

DEBIAN-CVE-2025-38576

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

UBUNTU-CVE-2025-38576

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

CVE-2025-38576

CVE-2025-38576 affects the Linux kernel PowerPC EEH hotplug path. Root cause: race conditions between the PCIe hotplug driver and the EEH driver can yield kernel oops during unplug/recovery cycles and bus disappearance. Resolution: refactor the EEH module to be PCI rescan and remove safe, with cl...

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-22365 DESCRIPTION: Linux-pam is vulnerable to a denial of service, caused by ...

PT-2025-46630

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0 191 Description The Linux kernel contains a flaw within the iommu/vt-d subsystem related to debugfs and legacy mode page table dump logic. In legacy mode, the SSPTPTR is not properly checked, potentially...

SUSE CVE-2025-38514

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...

AZL-66386 CVE-2025-38514 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...

AZL-75087 CVE-2025-38514 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...

CVE-2025-38514

The CVE-2025-38514 issue affects the Linux kernel RxRPC: when an AF_RXRPC service socket is opened/bound and calls are preallocated, rxrpc_alloc_incoming_call() can oops because rxrpc_backlog may not be allocated until the first preallocation. The fix is to return NULL from rxrpc_alloc_incoming_c...

Linux Distros Unpatched Vulnerability : CVE-2023-53006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the...

Linux Distros Unpatched Vulnerability : CVE-2022-50206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops...

Linux Distros Unpatched Vulnerability : CVE-2025-37925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP...