UBUNTU-CVE-2022-50206

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

UBUNTU-CVE-2022-50127

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like the spin locks are not setup until rxeqpinitreq. If an error occures before this point then t...

CVE-2022-50206

The CVE-2022-50206 issue affects the Linux kernel (ARM64) where emulation_proc_handler() concurrently updates table->data for proc_dointvec_minmax, allowing a NULL pointer dereference Oops. The fix is to keep table->data as &insn->current_mode and to retrieve the insn pointer with contai...

CVE-2022-50023 dmaengine: dw-axi-dmac: ignore interrupt if no descriptor

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is raised then the kernel will OOPS. Check the result of vchannextdesc in the handler axichanblockxfercomplete to avoid...

CVE-2022-50023 dmaengine: dw-axi-dmac: ignore interrupt if no descriptor

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is raised then the kernel will OOPS. Check the result of vchannextdesc in the handler axichanblockxfercomplete to avoid...

CVE-2022-50023

The CVE-2022-50023 issue affects the Linux kernel's DMAengine dw-axi-dmac component. When a channel has no descriptor and an interrupt is raised, the kernel can OOPS. The root cause is not validating the descriptor result; the fix is to check the outcome of vchan_next_desc() in axi_chan_block_xfe...

CVE-2025-38069

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32pcie Endpoint driver with handling of PERST deassertion: During EP initialization, pciepftestallocspace...

DEBIAN-CVE-2025-38069

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32pcie Endpoint driver with handling of PERST deassertion: During EP initialization, pciepftestallocspace...

AZL-70280 CVE-2025-38041 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any...

UBUNTU-CVE-2025-38020

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Disable MACsec offload for uplink representor profile MACsec offload is not supported in switchdev mode for uplink representors. When switching to the uplink representor profile, the MACsec offload feature must be...

UBUNTU-CVE-2025-38041

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any...

CVE-2025-38069 PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32pcie Endpoint driver with handling of PERST deassertion: During EP initialization, pciepftestallocspace...

CVE-2025-38054 ptp: ocp: Limit signal/freq counts in summary output functions

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVE-2025-38054 ptp: ocp: Limit signal/freq counts in summary output functions

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

PT-2025-25871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the gpio-fan driver. The issue arises from the driver's failure to check if the cooling state passed to gpio fa...

PT-2025-25950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurred during debugging when the axi chan dump lli function was passed a NULL LLI pointer, causing an OOPS due to...

PT-2025-27964

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A NULL pointer dereference issue in the v3d job update stats function has been identified. This issue occurs when a file descriptor is closed before the jobs submitted by it are...

SUSE CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

DEBIAN-CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...