Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly booting a device when a queue is set to interrupt, which could cause the kernel to crash...

PT-2025-40119

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was identified within the Linux kernel’s block I/O queue management blk-mq subsystem. Specifically, the issue occurs during the registration of hardware contexts 'hct...

PT-2025-40232

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.0-rc3-syzkaller Description The Linux kernel contains a flaw within the RDMA/cma subsystem. Specifically, the issue relates to allowing only UD qp type to join multicast, and setting qkey to default if it's...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check for the existence of a queue, which could lead to a segmentation violation...

PT-2025-40196

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained memory leaks related to socket sk and zero-copy sk buffs skbs when using TX timestamping. The issue was identified through syzkaller reports, which demonstrate...

PT-2025-40204

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc1-00023-g6c94e2e99343 Description The vsp1 driver in the Linux kernel incorrectly uses the vb2 is streaming function to determine if the .start streaming operation has been called. A change in the vb2 cor...

PT-2025-40206

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to virtio net and the initialization of XDP. Specifically, an error during XDP initialization in virtnet open could lead to incomplete rollbac...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the mcu skb queue in the mt7915mcuexit function, which could lead to a memory leak...

kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

Important: kernel-livepatch-6.1.150-174.273

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.1.150-174.273 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVE-2025-10975

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoningserver::runreasoningserver of the file experiments/robot/bridge/reasoningserver.py of the component ZeroMQ. Performing manipulati...

CVE-2025-10975

A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoningserver::runreasoningserver of the file experiments/robot/bridge/reasoningserver.py of the component ZeroMQ. Performing manipulati...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-22874 DESCRIPTION: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected...

kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

Linux Distros Unpatched Vulnerability : CVE-2025-39869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: ti: edma: Fix memory allocation size for queueprioritymap Fix a critical memory allocation bug in edmasetupfromhw where queueprioritymap was allocate...

AlmaLinux 8 : kernel (ALSA-2025:15785)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15785 advisory. kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: net/sched: Always pass notifications when child class becomes empty...

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...