EUVD-2025-9588

Malicious code in bioql PyPI...

SUSE-SU-2025:03194-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005597 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...

Linux Distros Unpatched Vulnerability : CVE-2025-21999

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a...

proc: fix UAF in proc_get_inode()

...

CVE-2025-21999

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

CVE-2025-21999 proc: fix UAF in proc_get_inode()

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

CVE-2025-21999

Summary: CVE-2025-21999 affects the Linux kernel’s procfs inode creation path. A use-after-free (UAF) can occur when a module is freed (rmmod) while a /proc entry’s inode is instantiated, due to dereferencing pde->proc_ops that belongs to the module, after proc entry registration. The root cau...