UBUNTU-CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

CVE-2025-37956

CVE-2025-37956 : In the Linux kernel, the ksmbd component is vulnerable to a race/validation issue where a client can send an empty newname string to the ksmbd server, potentially causing a kernel oops in d_alloc. The patch resolves this by returning an error when attempting to rename a file or d...

PT-2025-29032

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the fbdev core and fbcvt functionality that could lead to a kernel oops due to a division by zero error. This occurs in the fb cvt hperiod...

SUSE CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVE-2025-37863 ovl: don't allow datadir only

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVE-2025-37863

CVE-2025-37863 affects the Linux kernel overlayfs (ovl). The issue arises when a data-only layer is pointed to by an upper layer, something not currently used but previously allowed only via the datadir+ feature, which could trigger an Oops. The documented fix disables datadir without a lowerdir,...

scsi: qla1280: Fix kernel oops when debug level > 2

...

CVE-2023-53058 net/mlx5: E-Switch, Fix an Oops in error handling code

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...

DEBIAN-CVE-2022-49868

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 socdevattr fixed to register the soc as a device, kernel will experience an oops in socdevicematchattr This quirk test was introduced in the staging driver in comm...

UBUNTU-CVE-2022-49815

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xasretry in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XARETRYENTRY if there's process modifying the xarray concurrently. This will cause oops when referring to the...

AZL-69668 CVE-2025-23155 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinityhint In stmmacrequestirqmultimsi, a pointer to the stack variable cpumask is passed to irqsetaffinityhint. This value is stored in irqdesc-affinityhint, but once stmmacrequestirqmultim...

CVE-2025-37765

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttmbodelayeddelete oops Fix an oops in ttmbodelayeddelete which results from dererencing a dangling pointer: Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 1...

PT-2025-22217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified where a client can send an empty newname string to the ksmbd server, causing a kernel oops from d alloc. This issue occurs when...

DEBIAN-CVE-2025-22092

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

CVE-2025-22052

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in niusb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the businterface is set to NULL on disconnect. This problem was introduced by...

CVE-2025-22052 staging: gpib: Fix Oops after disconnect in ni_usb

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in niusb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the businterface is set to NULL on disconnect. This problem was introduced by...

PT-2025-16736

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the drm/msm/gem component. The issue involves the SUBMIT ERROR macro turning an error code negative, which is then...

PT-2025-16692 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A problem in the Linux kernel has been identified where disconnecting a USB dongle leads to a NULL dereference Oops due to the bus interface being set to NULL. This issue arises becaus...

AZL-59949 CVE-2025-21957 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUGQLA1280 enabled and qldebuglevel 2. I think its clear from the code that the...

CVE-2025-21957

The CVE refers to a Linux kernel issue affecting the SCSI qla1280 driver. When the driver is compiled with DEBUG_QLA1280 and ql_debug_level > 2, a null dereference can cause an oops. The root cause is incorrect handling of debug printing, where sg_next(s) was used instead of sg_dma_len(s). The...