CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552 mptcp: plug races between subflow fail and subflow creation

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552

CVE-2025-38552 concerns the Linux kernel and addresses a race in MPTCP where subflow creation and subflow failure can collide. The issue arises from a race between a subflow failing and the creation of an additional subflow, which could lead to inconsistent socket state if not synchronized. The f...

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-38546

CVE-2025-38546 (Linux kernel: ATM clip memory leak) The vulnerability is in the ATM subsystem’s clip code. The ioctl ATMARPD_CTRL path assigns NULL to vcc->push(), which breaks the expected cleanup path and leaks memory for the allocated struct clip_vcc during ATMARP handling. The root cause i...

CVE-2025-38545 net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skbsharedinfo While transitioning from netdevallocipalign to buildskb, memory for the "skbsharedinfo" member of an "skb" was not allocated. Fix this by allocating...

CVE-2025-38545 net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skbsharedinfo While transitioning from netdevallocipalign to buildskb, memory for the "skbsharedinfo" member of an "skb" was not allocated. Fix this by allocating...

CVE-2025-38545

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skbsharedinfo While transitioning from netdevallocipalign to buildskb, memory for the "skbsharedinfo" member of an "skb" was not allocated. Fix this by allocating...

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

CVE-2025-38532

CVE-2025-38532 affects the Linux kernel libwx RX path. When a device reset occurs due to feature changes (e.g., RX VLAN offload toggles), the hardware descriptor ring may retain stale values, leading to malformed SKBs if length handling isn’t reset. The patch fixes the reset sequence by ensuring ...

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

CVE-2025-38532 net: libwx: properly reset Rx ring descriptor

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

CVE-2025-38513 wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

CVE-2025-38513

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

CVE-2025-38513 wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

PT-2025-33588

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to memory allocation for the skb shared info member of an skb socket buffer during the transition from netdev alloc ip align to build skb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly resetting the Rx ring descriptor, which could lead to the construction of malformed SKBs...

PT-2025-33556

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential NULL pointer dereference exists in the zd mac tx to dev function due to a race condition between checking the skb queue length and unconditionally dequeuing an skb...

OESA-2025-2006 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, thi...