Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the rcuscale.holdoff parameter when set too large, which can lead to a task blocking timeout...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PM runtime enablement that causes tasks to block, potentially leading to a system hang...

EUVD-2025-20899

Malicious code in bioql PyPI...

CVE-2022-50089

CVE-2022-50089 affects the Linux kernel with the btrfs file system. The issue occurs when cow_file_range() fails mid-allocation (unlock=0) and may leave pages locked, potentially causing a hung task in zoned btrfs setups (as described in the provided reports). The included details show that the f...

CVE-2025-21942

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix extent range end unlock in cowfilerange Running generic/751 on the for-next branch often results in a hang like below. They are both stack by locking an extent. This suggests someone forget to unlock an extent...

CVE-2025-21942

CVE-2025-21942 affects the Linux kernel btrfs zoned code. A hang can occur in cow_file_range() when unlocking extents if there is no active zone finish path or after partial allocations, due to unlock code being moved outside the loop by a commit. The fix sets the end to the end of the allocated ...

CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...

CVE-2025-21892

CVE-2025-21892 affects the Linux kernel's RDMA mlx5 driver, specifically the UMR QP recovery path. A race during recovery could cause the firmware to skip flushing some CQEs with errors and discard them when transitioning to RESET, potentially losing CQEs and leaving tasks blocked. The referenced...

PT-2024-35654 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-2024-03-19-intel-next-iLS-24ww14 Description: The issue is related to possible deadlocks in the Bluetooth management MGMT component of the Linux kernel, caused by the hci cmd sync dequeue function. This ca...

CVE-2024-50155

In the Linux kernel, the following vulnerability has been resolved: netdevsim: use condresched in nsimdevtrapreportwork I am still seeing many syzbot reports hinting that syzbot might fool nsimdevtrapreportwork with hundreds of ports 1 Lets use condresched, and systemunboundwq instead of implicit...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...