CVE-2023-53693

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

UBUNTU-CVE-2023-53693

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

CVE-2023-53724 mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()

In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633adcasyncread req is allocated in pcf50633adcasyncread, but adcenqueuerequest could fail to insert the req into queue. We need to check the return value and free it in the case o...

CVE-2023-53693 USB: gadget: Fix the memory leak in raw_gadget driver

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

CVE-2023-53693 USB: gadget: Fix the memory leak in raw_gadget driver

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

PT-2025-43094

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's USB gadget driver contains a memory leak in the raw gadget driver. Specifically, the raw dev-count is incremented before the raw queue event function is invoked. If ra...

PT-2025-43104

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the AMD System Firmware Handler SFH HID driver. A shift operation involving the exp and shift variables can exceed the maximum allowable shift...

CVE-2025-11757 Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987604 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: Actually free the watch freewatch does everything barring actually freeing the watch...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987655 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functio...

SUSE SLES15 Security Update : kernel RT (Live Patch 13 for SLE 15 SP6) (SUSE-SU-2025:03646-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03646-1 advisory. This update for the Linux Kernel 6.4.0-1506001044 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987600)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987600 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fix NULL dereference in error cleanup In watchqueuesetsize, the error cleanup code...

kernel: scsi: lpfc: Fix buffer free/clear order in deferred receive path

A use-after-free vulnerability exists in the linux kernel such that the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the context pointer under the lock...

SUSE-SU-2025:03638-1 Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

CVE-2025-40001 scsi: mvsas: Fix use-after-free bugs in mvs_work_queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

CVE-2025-40001 scsi: mvsas: Fix use-after-free bugs in mvs_work_queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a delayed work entry not being properly canceled in mvsworkqueue, which could lead to reuse after release...

IBM MQ Denial of Service Vulnerability (CNVD-2026-19183)

IBM MQ is a leading enterprise-class messaging middleware designed for cross-platform asynchronous communication. It uses a queuing mechanism to ensure reliable and secure data transfer between applications and supports integration in heterogeneous environments. A denial of service vulnerability...

SUSE CVE-2025-39972

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...