Azure Linux 3.0 Security Update: kernel (CVE-2025-21759)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21759 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in...

UBUNTU-CVE-2025-40168

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

EUVD-2025-5156

Malicious code in bioql PyPI...

CVE-2025-21761

In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovsvportcmdfillinfo ovsvportcmdfillinfo can be called without RTNL or RCU. Use RCU protection and devnetrcu to avoid potential UAF...

CVE-2025-21763

Summary of CVE-2025-21763 : In the Linux kernel, __neigh_notify() can be invoked without RTNL or RCU protection, creating a potential use-after-free (UAF) scenario in neighbour handling. The mitigation is to apply RCU protection to neighbour notifications to prevent UAF. Connected advisories corr...

CVE-2025-21761 openvswitch: use RCU protection in ovs_vport_cmd_fill_info()

In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovsvportcmdfillinfo ovsvportcmdfillinfo can be called without RTNL or RCU. Use RCU protection and devnetrcu to avoid potential UAF...

DEBIAN-CVE-2024-35861

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifssignalcifsdforreconnect Skip sessions that are being teared down status == SESEXITING to avoid UAF...