UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

CVE-2025-68774 describes a race in the Linux kernel HFS+ code where concurrent sync() and link() paths may create the same bnode. If both threads miss the hash table and attempt to create, one inserts the node with refcnt=1 while the other, upon finding the already-inserted node, reuses it withou...

CVE-2025-39819

CVE-2025-39819 affects the Linux kernel (fs/smb). The issue is an inconsistent refcount update in smb2_compound_op that could leak resources; a fix adds an extra cleanup goto to ensure cfile is dropped on all paths, including ENOMEM paths. The problem is limited to the kernel SMB path and is miti...

CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARNON!ctx in freeevent for partial init Move the getctxchildctx call and the childevent-ctx assignment to occur immediately after the child event is allocated. Ensure that childevent-ctx is non-NULL before any...

CVE-2025-37878

CVE-2025-37878 (Linux kernel) : The vulnerability arises in perf/core during partial initialization of a child event. The fix defers the refcount update and the assignment of child_event->ctx until after child_event->pmu_ctx is set and immediately after the initial validation, ensuring chil...

CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARNON!ctx in freeevent for partial init Move the getctxchildctx call and the childevent-ctx assignment to occur immediately after the child event is allocated. Ensure that childevent-ctx is non-NULL before any...

SUSE-SU-2023:3846-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcinde...

SUSE-SU-2023:3838-1 Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter...

SUSE-SU-2023:3329-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...

PT-2023-33319 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue is related to a pci device refcount leak in the nv1a ram new function. This problem was introduced in version v3.14 and is fixed in Linux Kernel version v5.10.158. The actual...