CLSA-2025-1766488019 kernel: Fix of 63 CVEs

scsi: target: iscsi: Fix timeout on deleted connection CVE-2025-38075 - tls: wait for pending async decryptions if tlsstrpmsghold fails CVE-2025-40176 - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 - rcu: Fix rcureadunlock deadloop due to IRQ work...

USN-7939-2 linux-azure-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7939-1 linux-azure, linux-azure-5.4 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CLSA-2025-1765463110 kernel: Fix of 51 CVEs

Bluetooth: MGMT: Protect mgmtpending list with its own lock CVE-2025-38117 - padata: Fix pd UAF once and for all CVE-2025-38584 - wifi: cfg80211: Fix use after free for wext CVE-2023-53153 - padata: Fix list iterator in padatadoserial - padata: do not leak refcount in reorderwork CVE-2025-38031 -...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991121)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991121 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as...

USN-7874-3: Linux kernel (IoT) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7874-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7874-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

USN-7874-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7874-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7874-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56690)

crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504765;...

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

LSN-0116-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...

RHEL 9 : kernel (RHSA-2025:21563)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21563 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: crypto: pcrypt - Call crypto layer...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-2330)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tracing: Add downwritetraceeventsem when adding trace eventCVE-2025-38539 tipc: fix null-ptr-deref when acquiring remote ip of ethernet...

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

kernel: padata: avoid UAF for reorder_work

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...