6095 matches found
AZL-73069 CVE-2025-68741 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
UBUNTU-CVE-2022-50752
In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bioput in raid5readonechunk When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ============================================================================= B...
CVE-2022-50756 nvme-pci: fix mempool alloc size
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was...
CVE-2025-68741
CVE-2025-68741 (Linux kernel, QLA2XXX SCSI path) : The issue arises in qla2xxx_process_purls_iocb() where items allocated by qla27xx_copy_multiple_pkt() via qla24xx_alloc_purex_item() could be freed with kfree(), which is incorrect for pre‑allocated items and risks memory corruption. The fix is t...
CVE-2025-68735 drm/panthor: Prevent potential UAF in group creation
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUPCREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...
PT-2025-53122
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the NVMe-PCI subsystem related to memory pool allocation size. A calculation error could lead to memory corruption beyond the allocated memory pool si...
PT-2025-53001
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the drm/panthor subsystem of the Linux kernel, specifically within the GROUP CREATE ioctl function. The issue arises from accessing a pointer to a group...
CVE-2025-68341
In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...
CVE-2025-68341
The CVE concerns a race in the Linux kernel veth path when using XDP with AF_XDP in threaded-NAPI mode. The root cause is a concurrency hazard in veth_pool() where two NAPI activations or teardowns may operate on the same BPF net context stored in the current task_struct after a PREEMPT_RT-relate...
CVE-2025-68341 veth: reduce XDP no_direct return section to fix race
In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...
CLSA-2025-1766488019 kernel: Fix of 63 CVEs
scsi: target: iscsi: Fix timeout on deleted connection CVE-2025-38075 - tls: wait for pending async decryptions if tlsstrpmsghold fails CVE-2025-40176 - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 - rcu: Fix rcureadunlock deadloop due to IRQ work...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-2953]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch, due to an issue found in PyTorch 2.6.0+cu124 that affects the function torch.mkldnnmaxpool2d CVE-2025-2953. PyTorch is used in our service runtimes. This vulnerabilitiy has been...
SUSE CVE-2025-68169
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix deadlock in memory allocation under spinlock Fix a AA deadlock in refillskbs where memory allocation while holding skbpool-lock can trigger a recursive lock acquisition attempt. The deadlock scenario occurs when the...
SUSE CVE-2025-68321
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
EUVD-2025-203809
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
CVE-2025-68321
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
CVE-2025-68321
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
UBUNTU-CVE-2025-68321
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
CVE-2025-68321 page_pool: always add GFP_NOWARN for ATOMIC allocations
In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...
CVE-2025-68321
CVE-2025-68321 pertains to the Linux kernel page_pool path where GFP_NOWARN is now added for ATOMIC allocations by default. The mitigation is a kernel patch, with downstream advisories indicating updated kernel packages (examples: Debian linux-6.1 with 6.1.159-1~deb11u1; Amazon Linux 2023 kernel-...