DEBIAN-CVE-2026-31601

In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to decouple migration from reset Attempting to issue reset on VF devices that don't support migration leads to the following: BUG: unable to handle page fault for address: 00000000000011f8 PF:...

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

EUVD-2025-205086

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2025-68368

In CVE-2025-68368, the Linux kernel vulnerability arises in md: init bioset in mddev_init, where IO operations before md_run() (e.g., metadata updates after sysfs writes) can trigger a NULL pointer dereference if bioset is not initialized. Repro: mdadm -CR /dev/md0 -l1 -n2 /dev/sd[cd]; echo inact...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989790 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: mlxreg-fan Return non-zero value when fan current state is enforced from sysfs Fan speed...

SUSE CVE-2023-53665

In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after exportrdev Except for initial reference, mddev-kobject is referenced by rdev-kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be use...

CVE-2023-53665

CVE-2023-53665 : Linux kernel vulnerability in md/mdadm handling where after export_rdev(), mddev may be dereferenced via rdev->kobject; if the last rdev is freed, mddev might be invalid. This is caused by mddev->kobject being referenced by rdev->kobject and using mddev after export_rdev...

SUSE CVE-2017-14051

An integer overflow in the qla2x00sysfswriteoptromctl function in drivers/scsi/qla2xxx/qlaattr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service memory corruption and system crash by leveraging root access...

PT-2017-13225 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.10 Description: The issue is related to an integer overflow in the qla2x00 sysfs write optrom ctl function, which can be exploited by local users with root access to cause a denial of service, resulting in...

Ubuntu 5.04 / 5.10 : linux-source-2.6.10, linux-source-2.6.12 vulnerabilities (USN-281-1)

The sysmbind function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. CVE-2006-0557 The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local...