3 matches found
SUSE CVE-2025-68301
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in...
CVE-2025-21664 dm thin: make get_first_thin use rcu-safe list first function
In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...
CVE-2025-21664
CVE-2025-21664 affects the Linux kernel’s device-mapper thin provisioning path (dm-thin). The issue arises from get_first_thin using a sequence of RCU-safe list operations (list_empty_rcu() followed by list_first()) that perform separate READ_ONCE()s of the list head, which can yield inconsistent...