Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dmsmregisterthresholdcallback CVE-2022-50092 In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dlcpubusy panic due to empty cs-cpusallowed...

CVE-2025-38490

In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...

CVE-2025-38450

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925stasetdecapoffload Add a NULL check for msta-vif before accessing its members to prevent a kernel panic in AP mode deployment. This also fix the issue reported in 1. T...

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

Azure Linux 3.0 Security Update: kernel (CVE-2025-39728)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-39728 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in...

CVE-2025-38332 scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

UBUNTU-CVE-2025-38113

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0's iteration via foreachpossiblecpu dereferences these NULL pointers, causing...

CVE-2025-38121 wifi: iwlwifi: mld: avoid panic on init failure

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: avoid panic on init failure In case of an error during init, inhwrestart will be set, but it will never get cleared. Instead, we will retry to init again, and then we will act like we are in a restart when we...

CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

DEBIAN-CVE-2022-50232

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...

CVE-2022-50195 ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: qcom: replace gcc PXO with pxoboard fixed clock Replace gcc PXO phandle to pxoboard fixed clock declared in the dts. gcc driver doesn't provide PXOSRC as it's a fixed-clock. This cause a kernel panic if any driver...

CVE-2022-50103 sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed

In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dlcpubusy panic due to empty cs-cpusallowed With cgroup v2, the cpuset's cpusallowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpusetcanattach can call...

CVE-2022-50103

CVE-2022-50103: In the Linux kernel, sched/cpuset handling with cgroup v2 can lead to a panic when cpus_allowed is empty, causing dl_cpu_busy() to crash due to an out-of-bounds percpu access. The fix uses the effective_cpus mask instead of cpus_allowed, for both v1 (where they’re the same) and v2...

CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

CVE-2025-37935

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will process ...

CVE-2025-37950

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix panic in failed foilio allocation commit 7e119cff9d0a "ocfs2: convert wpages to wfolios" and commit 9a5e08652dc4b "ocfs2: use an array of folios instead of an array of pages" save -ENOMEM in the folio array upon...

CVE-2025-37902

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-37950 ocfs2: fix panic in failed foilio allocation

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix panic in failed foilio allocation commit 7e119cff9d0a "ocfs2: convert wpages to wfolios" and commit 9a5e08652dc4b "ocfs2: use an array of folios instead of an array of pages" save -ENOMEM in the folio array upon...

kernel: cgroup/cpuset: fix panic caused by partcmd_update

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmdupdate We find a bug as below: BUG: unable to handle page fault for address: 00000003 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 3 PID: 358 Comm: bash Tainted: G W I 6.6.0-10893-g60d...

CVE-2025-37816 mei: vsc: Fix fortify-panic caused by invalid counted_by() use

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid countedby use gcc 15 honors the countedbylen attribute on vsctppacket.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...