35 matches found
EUVD-2026-38820
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARNON in iommugroupsetdomainnofail due to reset In iommugroupsetdomaininternal, concurrent domain attachments are rejected when any device in the group is recovering. This is necessary to fence concurrent attachments ...
UBUNTU-CVE-2026-46004
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock bsc1245723...
CVE-2025-40158
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
AZL-70025 CVE-2025-40158 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...
CVE-2025-40139
CVE-2025-40139 affects the Linux kernel in the SMC (Shared Memory Communications) path. The issue is in the function smc_clc_prfx_set(), which is invoked during connect() and is not protected by RCU prior to dereferencing sk_dst_get(sk)->dev. This can lead to a use-after-free when the device i...
SUSE CVE-2025-40074
In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...
EUVD-2025-5157
Malicious code in bioql PyPI...
EUVD-2025-4525
Malicious code in bioql PyPI...
EUVD-2025-5159
Malicious code in bioql PyPI...
EUVD-2024-50473
Malicious code in bioql PyPI...
EUVD-2022-54938
Malicious code in bioql PyPI...
EUVD-2025-5980
Malicious code in bioql PyPI...
CVE-2025-38180 net: atm: fix /proc/net/atm/lec handling
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...
CVE-2022-50083
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-21999
Summary: CVE-2025-21999 affects the Linux kernel’s procfs inode creation path. A use-after-free (UAF) can occur when a module is freed (rmmod) while a /proc entry’s inode is instantiated, due to dereferencing pde->proc_ops that belongs to the module, after proc entry registration. The root cau...
CVE-2025-21762 arp: use RCU protection in arp_xmit()
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arpxmit arpxmit can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF...
CVE-2025-21759 ipv6: mcast: extend RCU protection in igmp6_send()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...
CVE-2025-21759
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...
CVE-2025-21731
In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause nbdconfig UAF: 1 grab nbdconfig temporarily; 2 nbdgenldisconnect flush all recvwork and release the initial reference: nbdgenldisconnect nbddisconnectandput...