EUVD-2025-11210

Malicious code in bioql PyPI...

EUVD-2023-59728

Malicious code in bioql PyPI...

EUVD-2024-53819

Malicious code in bioql PyPI...

EUVD-2025-11181

Malicious code in bioql PyPI...

EUVD-2024-53816

Malicious code in bioql PyPI...

CVE-2025-38490

CVE-2025-38490 affects the Linux kernel (net: libwx) where page_pool_put_full_page() could be invoked in contexts other than freeing Rx buffers or building skb when the page size is too short. The documented root cause is that pages could be double-freed, leading to kernel panics. The fix removes...

CVE-2025-38486 soundwire: Revert "soundwire: qcom: Add set_channel_map api support"

In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add setchannelmap api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c sdm845. I see: Unexpected kernel BRK exception at EL1 Internal...

CVE-2025-38218

CVE-2025-38218 affects the Linux kernel’s F2FS file system. The vulnerability stems from a faulty sanity check on sit_bitmap_size that can lead to an out-of-bounds access in sit_bitmap when resizing an image, causing a kernel panic during mount. The root cause described is sit_i->bitmap_size b...

CVE-2025-38163

CVE-2025-38163: A fault in the Linux kernel’s F2FS truncation path caused a kernel BUG due to an inconsistent sbi->total_valid_block_count versus mapped blocks, potentially leading to a crash/denial of service. The issue is in f2fs: with sbi->total_valid_block_count not matching inode-index...

CVE-2025-38123

CVE-2025-38123 affects the Linux kernel in Azure Linux 3.0 environments, where the t7xx NAPI RX polling path could use an invalid netdev after dellink-triggered disconnects, causing a NULL pointer dereference and kernel panic during skb processing. The issue arises when the driver processes napi_...

CVE-2025-37815

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-57913)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57913 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in...

CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

CVE-2022-49898 btrfs: fix tree mod log mishandling of reallocated nodes

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 1 SMP RIP: 0010:treemodlogrewind+0x1b4/0x200 RSP:...

CVE-2025-23130 f2fs: fix to avoid panic once fallocation fails for pinfile

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic once fallocation fails for pinfile syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2746! CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted...

CVE-2025-22032 wifi: mt76: mt7921: fix kernel panic due to null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix kernel panic due to null pointer dereference Address a kernel panic caused by a null pointer dereference in the mt792xrxgetwcid function. The issue arises because the deflink structure is not properly...

CVE-2023-52992

CVE-2023-52992 affects the Linux kernel; the vulnerability exists in BPF’s send_signal_common path where a task with pid=1 can trigger a kernel panic (kernel: “Attempted to kill init!”). A fix was applied to skip pid=1 in bpf_send_signal_common(), preventing this panic. Impact is local, with pote...

CVE-2025-21720 xfrm: delete intermediate secpath entry in packet offload mode

In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That secpath is not needed at all after policy is...

CVE-2022-49725

Mode C: The CVE-2022-49725 issue affects the Linux kernel i40e driver (VF/PF path) where a race between PF reset and ethtool -t diag_test could let i40e_vsi_close sequence overlap and crash. The fix adds a guard to diag_test to skip offline tests while PF is resetting and logs a failure path (net...

CVE-2024-56599 wifi: ath10k: avoid NULL pointer error during sdio remove

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10ksdioremove will free sdio workqueue by destroyworkqueue. But if CONFIGINITONFREEDEFAULTON is set to yes, kernel panic will happen: Call...