CVE-2025-38037

The CVE-2025-38037 issue affects the Linux kernel’s VXLAN FDB handling. The root cause is a data race where the FDB entry’s fields used and updated may be concurrently accessed by multiple threads, triggering KCSAN reports in vxlan_xmit paths. The fix is to annotate these accesses with READ_ONCE(...

CVE-2025-38037 vxlan: Annotate FDB data races

In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as 1. Can be reproduced using 2. Suppress these reports by...

CVE-2025-38037 vxlan: Annotate FDB data races

In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as 1. Can be reproduced using 2. Suppress these reports by...

SUSE CVE-2025-37800

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in devuevent If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev-driver from a valid pointer to NU...

CVE-2025-37800 driver core: fix potential NULL pointer dereference in dev_uevent()

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in devuevent If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev-driver from a valid pointer to NU...

SUSE CVE-2022-49595

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpprobethreshold. While reading sysctltcpprobethreshold, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49640

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

CVE-2022-49641

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...

CVE-2022-49639

In the Linux kernel, the following vulnerability has been resolved: cipso: Fix data-races around sysctl. While reading cipso sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

CVE-2022-49638

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49633

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49631

In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49629

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49602

In the Linux kernel, the following vulnerability has been resolved: ip: Fix a data-race around sysctlfwmarkreflect. While reading sysctlfwmarkreflect, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49603

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49593

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpprobeinterval. While reading sysctltcpprobeinterval, it can be changed concurrently. Thus, we need to add READONCE to its reader...

CVE-2022-49586

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpfastopen. While reading sysctltcpfastopen, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49571

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmaxreordering. While reading sysctltcpmaxreordering, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49573

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Thus, we need to add READONCE to its reader...