49 matches found
EUVD-2025-19825
Malicious code in bioql PyPI...
EUVD-2022-55194
Malicious code in bioql PyPI...
EUVD-2022-55156
Malicious code in bioql PyPI...
CVE-2022-50329 block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first, and then call bic_set_bfqq(), which...
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-15050055110 fixes several issues. The following security issues were fixed: CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235). CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue...
CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to avoid crashes like below: ================================================================== BUG: KASAN:...
CVE-2025-38118
CVE-2025-38118 affects the Linux kernel Bluetooth MGMT subsystem. The flaw is a use-after-free in mgmt_remove_adv_monitor_complete (MGMT_OP_REMOVE_ADV_MONITOR path) caused by using mgmt_pending_add, leading to KASAN crashes. The issue is resolved by reworking MGMT_OP_REMOVE_ADV_MONITOR to avoid m...
EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2025-1547)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: In the Linux kernel, the following vulnerability has been resolved: ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() The...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-959)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-959 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() (CVE-2024-35866) In the Linux kernel, the following vulnerability has been...
CVE-2025-21893
CVE-2025-21893 concerns a use-after-free in the Linux kernel key handling. The issue arises when the key’s usage reaches 0 and the garbage collector may touch the key after it could have been freed. The fix changes the reclamation logic from inspecting the key’s refcount in the garbage collector ...
kernel security update
3.10.0-1160.119.1.0.7 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoît Sevens) {CVE-2024-53197} [Orabug: 37686305] - can: bcm: Fix UAF in bcm_proc_show() (YueHaibing) {CVE-2023-52922} [Orabug: 37686305] - HID: core: zero-initialize the report buffer (Benoît Sevens)...
SUSE-SU-2025:1027-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers (bsc#1228483). -...
kernel security update
4.18.0-553.45.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-082 (ALASKERNEL-5.10-2025-082)
The version of kernel installed on the remote host is prior to 5.10.234-225.895. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-082 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2024-56675 bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
CVE-2024-50280
CVE-2024-50280 : In the Linux kernel, the dm cache feature was fixed to avoid warning in flush_work() when cache creation fails due to destroying an uninitialized delayed_work waker. Root cause: cancel_delayed_work_sync() remained in the error path of cache_create(), risking a WARN_ON in certain ...
CVE-2022-49029 hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpex_register_bmc() warn: '&data->list' not removed from list If ibmpex_find_sensors() fails in ibmpex_register_bmc(),...
AZL-50850 CVE-2024-49854 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing waker_bfqq after splitting After commit 42c306ed7233 ("block, bfq: don't break merge chain in bfq_split_bfqq()"), if the current process is the last holder of bfqq, the bfqq can be freed after...