CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

AZL-74456 CVE-2025-68775 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

AZL-74445 CVE-2025-68774 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

UBUNTU-CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

UBUNTU-CVE-2025-68775

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

CVE-2025-68779 net/mlx5e: Avoid unregistering PSP twice

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

CVE-2025-68779

The CVE-2025-68779 issue concerns the Linux kernel mlx5e/mlx5_core components (Mellanox ConnectX drivers) where PSP (Platform Security Processor) cleanup is performed twice during device removal. The double unregistration occurs via _mlx5e_remove -> mlx5e_psp_unregister and mlx5e_nic_cleanup -...

CVE-2025-68779 net/mlx5e: Avoid unregistering PSP twice

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

CVE-2025-68775 net/handshake: duplicate handshake cancellations leak socket

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

CVE-2025-68775

CVE-2025-68775 concerns the Linux kernel, specifically the net/handshake cancellation path. The flaw arises when a handshake request is cancelled twice: the first cancellation removes the request from handshake_net->hn_requests but leaves it in handshake_rhashtbl; a second cancellation can cau...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

CVE-2025-68774 describes a race in the Linux kernel HFS+ code where concurrent sync() and link() paths may create the same bnode. If both threads miss the hash table and attempt to create, one inserts the node with refcnt=1 while the other, upon finding the already-inserted node, reuses it withou...

CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Mitigated the risk of underflow of the EA inode refcount during xattr updates. Syzkaller identified a path in ext4xattrinodeupdateref where the refcount of EA inodes is checked, and if it is already ref underflow:...

Linux Distros Unpatched Vulnerability : CVE-2025-68775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is...

MiracleLinux 9 : grub2-2.06-104.el9_6.ML.1 (AXSA:2025-10402:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10402:07 advisory. grub2: reader/jpeg: Heap OOB Write during JPEG parsing CVE-2024-45774 grub2: commands/extcmd: Missing check for failed allocation CVE-2024-45775...

MiracleLinux 8 : kernel-4.18.0-553.52.1.el8_10 (AXSA:2025-9961:32)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9961:32 advisory. kernel: hwmon: coretemp fix pci device refcount leak in nv1aramnew CVE-2022-49011 kernel: netfilter: ipset: add missing range check in bitmapipuadt...