EUVD-2026-38888

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/uv: Do not call foliowaitwriteback without a folio reference. foliowaitwriteback requires that no spinlocks are held and that a folio reference is held, as documented. After we removed the PTL, the folio object could be free...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a UAF Use-After-Free issue in closefiletableids. A use-after-free condition may occur if one thread destroys a file via ksmbdclosefd, while another thread holds a reference to that file. The existing checks on...

EUVD-2026-18732

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

ALPINE-CVE-2026-23554

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and...

EUVD-2025-203745

In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...

CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...

SUSE CVE-2025-40218

In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: do not repeat pteoffsetmaplock until success DAMON's virtual address space operation set implementation vaddr calls pteoffsetmaplock inside the page table walk callback function. This is for reading and writing pa...

CVE-2025-40218

CVE-2025-40218: In the Linux kernel, DAMON’s vaddr implementation was retrying pte_offset_map_lock() on failure, which could loop in scenarios where the target is a PMD migration entry, potentially causing a soft lockup when DAMON runs in parallel with CPU hotplug. The fix removes the retry-on-fa...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: Fixed a race condition between smapshugetlbrange and migration. The smapshugetlbrange function handles the page table entry without holding the page table lock ptl. This may cause a concurrency issue with migration,...

EUVD-2022-55664

In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucvtx With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid...

OESA-2025-2411 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing ...

EUVD-2025-28957

Malicious code in bioql PyPI...

SUSE CVE-2025-39754

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

AZL-70952 CVE-2025-39754 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

AZL-67175 CVE-2025-39754 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

CVE-2025-39754

CVE-2025-39754: Linux kernel race in mm/smaps between smaps_hugetlb_range and migration. The vulnerability arises when smaps_hugetlb_range() handles the page table without holding the ptl, racing with migration and potentially triggering a BUG_ON in pfn_swap_entry_to_page(). The fix is to hold th...

PT-2025-37213

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists between smaps hugetlb range and page migration within the kernel’s memory management subsystem. Specifically, smaps hugetlb range accesses page table entries pt...

Linux Distros Unpatched Vulnerability : CVE-2025-37952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: Fix UAF in closefiletableids A use-after-free is possible if one thread destroys the file via ksmbdclosefd while another thread holds a reference to it...