687 matches found
CVE-2025-38564
In the Linux kernel, the following vulnerability has been resolved: perf/core: Handle buffer mapping fail correctly in perf_mmap() After successful allocation of a buffer or a successful attachment to an existing buffer perf_mmap() tries to map the buffer read only into the page table. If that fails, t...
CVE-2025-38563
In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first mapping is...
CVE-2025-38554
CVE-2025-38554 in the Linux kernel describes a use-after-free (UAF) involving VMAs: if vma->mm is freed after vma->vm_refcnt has dropped, a recycled VMA could be mishandled, leading to UAF. The race can occur when VMAs are recycled under RCU (with SLAB_TYPESAFE_BY_RCU) and lock_vma_under_rc...
CVE-2025-38554 mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped
In the Linux kernel, the following vulnerability has been resolved: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped By inducing delays in the right places, Jann Horn created a reproducer for a hard to hit UAF issue that became possible after VMAs were allowed to be recycled by...
CVE-2025-38554
In the Linux kernel, the following vulnerability has been resolved: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped By inducing delays in the right places, Jann Horn created a reproducer for a hard to hit UAF issue that became possible after VMAs were allowed to be recycled by...
CVE-2025-50897
A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the...
PT-2025-33753 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a use-after-free (UAF) issue within the memory management subsystem. This flaw occurs when a virtual memory area's (VMA) mm pointer is freed after the VMA's...
kernel: mm/hugetlb: unshare page tables during VMA split, not before
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are taken - which is too early, it...
CVE-2025-38510
In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to report vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area();...
Linux Distros Unpatched Vulnerability : CVE-2018-19974
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to...
CVE-2025-38510 kasan: remove kasan_find_vm_area() to prevent possible deadlock
In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to report vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area();...
Oracle Linux 10 : kernel (ELSA-2025-13598)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13598 advisory. - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159 - Revert 'smb: client: fix TCP timers deadlock after rmmod'...
Linux Distros Unpatched Vulnerability : CVE-2021-47531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 drm/msm: Implement...
Linux Distros Unpatched Vulnerability : CVE-2024-39477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on...