CVE-2022-50302 lockd: set other missing fields when unlocking files

In the Linux kernel, the following vulnerability has been resolved: lockd: set other missing fields when unlocking files vfslockfile expects the struct filelock to be fully initialised by the caller. Re-exported NFSv3 has been seen to Oops if the flfile field is NULL...

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

CVE-2023-53207

CVE-2023-53207 applies to the Linux kernel ublk subsystem. The issue arises in ublk_ctrl_end_recovery: if wait_for_completion_interruptible() is interrupted by a signal, queues aren’t yet fully set up, so the kernel must fail UBLK_CMD_END_USER_RECOVERY to avoid a kernel oops. The CVSS 3.1 data in...

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

DEBIAN-CVE-2023-53176

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 seconds later. This can...

DEBIAN-CVE-2022-50239

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...

UBUNTU-CVE-2022-50255

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings from synthetic events The follow commands caused a crash: cd /sys/kernel/tracing echo 's:open char file' dynamicevents echo 'hist:keys=commonpid:file=filename:onchange$file.traceopen,$file'...

UBUNTU-CVE-2022-50239

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...

PT-2025-37493

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to writing to a read-only memory region within the cpufreq subsystem, specifically in Qualcomm qcom drivers. This issue causes a kernel oops du...

SUSE CVE-2025-39676

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is supposed to return NULL on error, but qla4xxxepconnect returns error pointers. Propagating the error pointers will lead to an Oops in t...

CVE-2025-39676

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is supposed to return NULL on error, but qla4xxxepconnect returns error pointers. Propagating the error pointers will lead to an Oops in t...

UBUNTU-CVE-2025-39676

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is supposed to return NULL on error, but qla4xxxepconnect returns error pointers. Propagating the error pointers will lead to an Oops in t...

rxrpc: Fix oops due to non-existence of prealloc backlog struct

...

PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops

...

Linux Distros Unpatched Vulnerability : CVE-2025-38576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of...

MAL-2025-41407 Malicious code in spelunker-agent (npm)

The package communicates with a domain associated with malicious activity...

CVE-2025-38658

In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...

UBUNTU-CVE-2025-38623

In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal and a required reboot...

PT-2025-34419 · Nvme-Cli +1 · Nvme-Cli +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the nvmet PCI-EPF subsystem where commands may be completed twice if nvmet req init fails. This double completion can corrupt the state of the P...