CVE-2025-40002 thunderbolt: Fix use-after-free in tb_dp_dprx_work

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix use-after-free in tbdpdprxwork The original code relies on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running. This...

AZL-52917 CVE-2024-49940 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: l2tp: prevent possible tunnel refcount underflow When a session is created, it sets a backpointer to its tunnel. When the session refcount drops to 0, l2tpsessionfree drops the tunnel refcount if session-tunnel is non-NULL...