CVE-2025-40250

In CVE-2025-40250, Linux kernel code for mlx5 IRQ handling fixes how cleanup is performed when request_irq() fails. The mlx5_irq_alloc() path previously could inadvertently free the entire rmap, risking a crash if other threads access it after a failure to allocate IRQ vectors. The commit changes...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986389 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in njprobe: 'njsetup' in netjet.c might fail with -EIO and in this...

EUVD-2025-13102

Malicious code in bioql PyPI...

CVE-2025-39785

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irqrequest's irq name variable is local The local variable is passed in requestirq , and there will be use after free problem, which will make requestirq failed. Using the global irq name instead of it to...

CVE-2025-39785

CVE-2025-39785 is a Linux kernel vulnerability affecting the drm/hisilicon/hibmc path. The issue arises from using a local irq name variable in irq_request(); it is passed to request_irq() and can lead to a use-after-free, causing request_irq to fail. The fixes switch to using a global irq name i...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from local variables being passed to the requestirq function, which could lead to a post-release reuse issue...

CVE-2025-39685

Summary (CVE-2025-39685) : In the Linux kernel, the comedi pcl726 driver could trigger an out-of-bounds when an excessively large IRQ number was passed (example 0x80008000). The fix adds an interrupt number check to prevent passing an IRQ number that is too large. It notes that if it->options[...

CVE-2025-39685 comedi: pcl726: Prevent invalid irq number

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726: Prevent invalid irq number The reproducer passed in an irq number0x80008000 that was too large, which triggered the oob. Added an interrupt number check to prevent users from passing in an irq number that was too...

CVE-2025-23140 misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Avoid issue of interrupts remaining after requestirq error After devmrequestirq fails with error in pciendpointtestrequestirq, the pciendpointtestfreeirqvectors is called assuming that all IRQs have been...

CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, requestirq for pdev-irq will conflict with requestthreadedirq for txgbe-misc.irq, to cause system crash. So remove txgberequestirq for...

CVE-2024-37353

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-37353

...

CVE-2024-37353

CVE-2024-37353 is labeled as Rejected by its CNA in the initial document, but connected security feeds disclose a concrete Linux kernel issue in the virtio subsystem. The Nessus/NASL entry attributes the vulnerability to the virtio path: kernel: virtio: delete vq in vp_find_vqs_msix() when reques...

CVE-2021-47284

CVE-2021-47284 (Linux kernel) relates to isdn: mISDN: netjet crash in nj_probe. The issue occurs when nj_setup may fail with -EIO, leaving card->irq initialized and >0; a subsequent nj_release frees an IRQ that wasn’t requested. The fix deletes the prior assignment to card->irq and keeps...

CVE-2021-47284 isdn: mISDN: netjet: Fix crash in nj_probe:

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in njprobe: 'njsetup' in netjet.c might fail with -EIO and in this case 'card-irq' is initialized and is bigger than zero. A subsequent call to 'njrelease' will free the irq that has not been...

CVE-2024-35907

In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: call requestirq after NAPI initialized The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce the exception is as follows: a enable kdump b trigger...

CVE-2024-35907

Mode C: The CVE-2024-35907 issue affects the mlxbf_gige driver in the Linux kernel (BlueField-3 SmartNIC). The root cause is a NULL pointer dereference in mlxbf_gige_open() when kdump is enabled, traced to a pending RX interrupt that fires before request_irq(RX IRQ) is called, causing an interrup...

CVE-2024-26813 vfio/platform: Create persistent IRQ handlers

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...

CVE-2024-26813 vfio/platform: Create persistent IRQ handlers

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...