AZL-59126 CVE-2025-21833 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARNONONCE There is a WARNONONCE to catch an unlikely situation when domainremovedevpasid can't find the pasid. In case it nevertheless happens we must avoid using a NULL pointer...

UBUNTU-CVE-2024-58085

In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyowritecontrol syzbot is reporting too large allocation warning at tomoyowritecontrol, for one can write a very very long line without new line character. To fix this warning, I use GFPNOWARN...

UBUNTU-CVE-2025-21833

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARNONONCE There is a WARNONONCE to catch an unlikely situation when domainremovedevpasid can't find the pasid. In case it nevertheless happens we must avoid using a NULL pointer...

CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid use of NULL after WARNONONCE There is a WARNONONCE to catch an unlikely situation when domainremovedevpasid can't find the pasid. In case it nevertheless happens we must avoid using a NULL pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iommu/vt-d module not handling NULL pointers correctly after a WARNONONCE trigger, which could lead to t...

SUSE CVE-2022-49497

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

SUSE CVE-2022-49706

In the Linux kernel, the following vulnerability has been resolved: zonefs: fix zonefsiomapbegin for reads If a readahead is issued to a sequential zone file with an offset exactly equal to the current file size, the iomap type is set to IOMAPUNWRITTEN, which will prevent an IO, but the iomap...

DEBIAN-CVE-2022-49497

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

UBUNTU-CVE-2022-49706

In the Linux kernel, the following vulnerability has been resolved: zonefs: fix zonefsiomapbegin for reads If a readahead is issued to a sequential zone file with an offset exactly equal to the current file size, the iomap type is set to IOMAPUNWRITTEN, which will prevent an IO, but the iomap...

UBUNTU-CVE-2022-49497

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

CVE-2022-49497 net: remove two BUG() from skb_checksum_help()

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

CLSA-2025-1738853271 Fix of 54 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: IORINGOPREAD did not correctly consume the provided buffer list when CVE-2023-52926 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mienumattr CVE-2024-27407 I...

SUSE CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

DEBIAN-CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

DEBIAN-CVE-2025-21654

In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON assertion can be trigered by userspace when calling inotifyshowfdinfo for an overlayfs watched inode, whose dentry aliases were discarded wi...

UBUNTU-CVE-2025-21648

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...

DEBIAN-CVE-2024-57898

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the validlinks bitmap before performing any clean-up operations. However, some functio...

SUSE CVE-2024-49573

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXTBUDDY Adam reports that enabling NEXTBUDDY insta triggers a WARN in picknextentity. Moving clearbuddies up before the delayed dequeue bits ensures no -next buddy becomes delayed. Further ensure no new -next...