SUSE CVE-2022-50874

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-26957)

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2025-38349 eventpoll: don't decrement ep refcount while still holding the ep mutex

In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...

CVE-2025-38235

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletbbacklight" backlight device reference counting During appletbkbdprobe, probe attempts to get the backlight device by name. When this happens backlightdevicegetbyname looks for a device in the backlig...

SUSE-SU-2025:0994-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

CVE-2025-21841

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fix cpufreqpolicy ref counting amdpstateupdatelimits takes a cpufreqpolicy reference but doesn't decrement the refcount in one of the exit paths, fix that...

CVE-2025-21841 cpufreq/amd-pstate: Fix cpufreq_policy ref counting

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fix cpufreqpolicy ref counting amdpstateupdatelimits takes a cpufreqpolicy reference but doesn't decrement the refcount in one of the exit paths, fix that...

CVE-2022-49504 scsi: lpfc: Inhibit aborts if external loopback plug is inserted

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

CVE-2024-49870

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefilesopenfile A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 ----------------------------------------------------------- cachefileslookupcookie...