DEBIAN-CVE-2025-38106

In the Linux kernel, the following vulnerability has been resolved: iouring: fix use-after-free of sq-thread in iouringshowfdinfo syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: 0 UID: 0 PID: 304 Comm: a.out...

AZL-64577 CVE-2025-38100 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a task exists or when a fork fails. In the latter case the exitthread cleans up resources which were allocated during fork. iobitmapexit...

DEBIAN-CVE-2025-38100

In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a task exists or when a fork fails. In the latter case the exitthread cleans up resources which were allocated during fork. iobitmapexit...

UBUNTU-CVE-2025-38170

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...

UBUNTU-CVE-2025-38100

In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a task exists or when a fork fails. In the latter case the exitthread cleans up resources which were allocated during fork. iobitmapexit...

UBUNTU-CVE-2025-38106

In the Linux kernel, the following vulnerability has been resolved: iouring: fix use-after-free of sq-thread in iouringshowfdinfo syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: 0 UID: 0 PID: 304 Comm: a.out...

UBUNTU-CVE-2025-38154

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

CVE-2025-38106 io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()

In the Linux kernel, the following vulnerability has been resolved: iouring: fix use-after-free of sq-thread in iouringshowfdinfo syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: 0 UID: 0 PID: 304 Comm: a.out...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from iouring releasing sq-thread after use in iouringshowfdinfo...

Vulnerabilities of components such as drivers, NVMe, and host kernels of the Linux operating system, which allow attackers to cause service failures

The vulnerability of components such as drivers, NVMe, and host kernels in the Linux operating system is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability in the fs/ntfs3/namei.c component of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the fs/ntfs3/namei.c component in the Linux operating system is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the UFS driver in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the UFS driver in the Linux operating system is related to errors during thread locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

ALSA-2025:9877 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

CVE-2025-6693

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

OESA-2025-1669 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, usi...

OESA-2025-1667 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, usi...

CVE-2025-6693

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

CVE-2025-6693

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sysdeviceopen/sysdeviceread/sysdevicecontrol/sysdeviceinit/sysdeviceclose/sysdevicewrite of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It i...

CVE-2025-6693

CVE-2025-6693 affects RT-Thread up to 5.1.0. The vulnerability targets the file components/drivers/core/device.c, specifically the functions sys_device_open, sys_device_read, sys_device_control, sys_device_init, sys_device_close, and sys_device_write, causing memory corruption and enabling a loca...