1534 matches found
CVE-2025-38188
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
CVE-2025-38182
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
AZL-64731 CVE-2025-38182 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
UBUNTU-CVE-2025-38182
In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...
CVE-2025-46733 REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...
CVE-2025-38151
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
CVE-2025-38151
Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.
CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...
USN-7606-1: Linux kernel (OEM) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
CVE-2025-38090
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
UBUNTU-CVE-2025-38090
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-38090
CVE-2025-38090 concerns the Linux kernel: a heap overwrite could occur in drivers/rapidio/rio_cm.c due to incomplete validation in riocm_ch_send() when handling rio_ch_hdr data during RIO_CM_CHAN_SEND. The issue arises because cm_chan_msg_send() allocates space and checks userspace data size, but...
SUSE CVE-2022-50228
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...
SUSE CVE-2025-38074
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...
PT-2025-27957
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where a vulnerability has been resolved related to the ublk component. This involves sanitizing arguments from userspace when adding a device and...
CVE-2022-50228 KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...
CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...