UBUNTU-CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2023-54195 rxrpc: Fix timeout of a call that hasn't yet been granted a channel

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

CVE-2025-68746

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on typically CPU 0 is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer timeout is reached...

UBUNTU-CVE-2025-68746

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on typically CPU 0 is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer timeout is reached...

CVE-2025-68258

In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...

CVE-2023-53635

CVE-2023-53635 concerns a Linux kernel conntrack timeout bug in nfnetlink_queue: the nf_conn->timeout value could be doubled/subtracted due to incorrect handling when unconfirmed vs. confirmed conntracks. The connected OpenVAS/Nessus entries document the fix as separating how ct->timeout is...

CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

SUSE CVE-2025-38075

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for IT Nexus...

CVE-2022-50166

CVE-2022-50166 affects the Linux kernel Bluetooth HCI subsystem. When the HCI work queue is drained, a delayed command could still be queued to the drained workqueue, triggering a timeout in hci_cmd_timeout and a kernel warning. The root cause is the draining of the command/event/data processing ...

CVE-2022-50098 scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen: BUG: unable to...

UBUNTU-CVE-2025-38075

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for IT Nexus...

CVE-2025-38075 scsi: target: iscsi: Fix timeout on deleted connection

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for IT Nexus...

CVE-2025-21829 RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the warning "rxecleanup+0x12c/0x170 rdmarxe" The Call Trace is as below: " ? showregs.cold+0x1a/0x1f ? rxecleanup+0x12c/0x170 rdmarxe ? warn+0x84/0xd0 ? rxecleanup+0x12c/0x170 rdmarxe ? reportbug+0x105/0x180 ?...

CVE-2022-49379 driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was timing out when deferredprobetimeout was non-zero 1. This was because ipautoconfig initcall times out waiting for the network interfac...

Unbreakable Enterprise kernel security update

5.4.17-2136.340.4.1 - RDS: avoid queueing delayed work on an offlined cpu Praveen Kumar Kannoju Orabug: 37566743 5.4.17-2136.340.4 - ftrace: use preemptenable/disable notrace macros to avoid double fault Koichiro Den - nfsd: restore callback functionality for NFSv4.0 NeilBrown - i2c: pnx: Fix...

SUSE CVE-2024-50124

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

DEBIAN-CVE-2024-41007

In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT, and the other peer retracted its window to zero, tcpretransmittimer can retransmit a packet every two jiffies 2 ms for HZ=1000, for about 4 minutes...

CLSA-2023-1697740212 glib2: Fix of 5 CVEs

Enable internal tests - Skip several failed tests from the check - CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant...

PT-2025-37532

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the Universal Serial Bus USB subsystem, specifically within the ucsi acpi component. A command completion timeout was initially increased to ...

Unbreakable Enterprise kernel security update

4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...