CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: lookup hciconn on RX path on protocol side The hdev lock/lookup/unlock/use pattern in the packet RX path doesn't ensure hciconn is not concurrently modified/deleted. This locking appears to be leftover from...

CVE-2025-40350 net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and bpfxdpadjusthead. Therefore, the driver cannot assume the size of the linear...

PT-2025-51708

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Bluetooth implementation within the Linux kernel, specifically in the hci core component. The issue relates to improper locking mechanisms when handling Bluetooth...

EUVD-2025-31832

A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack remotely. The attac...

CVE-2025-38165

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' 657.460555 kernel BU...

CVE-2025-38165

CVE-2025-38165 affects the Linux kernel (bpf, sockmap) and can trigger a kernel panic when skb_linearize is called in the backlog path. The root cause, introduced by a prior skb_get usage to fix race conditions, caused panics for large RX payloads (e.g., when using the strparser to accumulate up ...

CVE-2025-38165 bpf, sockmap: Fix panic when calling skb_linearize

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skblinearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' 657.460555 kernel BU...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

SUSE CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

UBUNTU-CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920 xsk: Fix race condition in AF_XDP generic RX path

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920 xsk: Fix race condition in AF_XDP generic RX path

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

CVE-2025-37920

CVE-2025-37920 affects the Linux kernel in the AF_XDP path. The issue is a race condition in the generic RX path when multiple sockets share the same xsk_buff_pool (shared umem), with RX queues being socket-exclusive and FILL queues sharable. The fix moves the rx_lock from xsk_socket to the share...

kernel: net: phy: micrel: Fix potential null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814getsigrx and lan8814getsigtx ptpparseheader may return NULL as ptpheader due to abnormal packet type or corrupted packet. Fix this bug by adding ptpheader check...

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...

DEBIAN-CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...

CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...