OESA-2025-1408 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the...

PT-2025-18453

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved, related to the RDMA/cma component. The issue occurs when multiple calls to cma netevent callback are made in quick succession,...

SUSE CVE-2025-21911

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...

SUSE CVE-2025-21918

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

CVE-2025-21983

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...

DEBIAN-CVE-2025-21983

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...

DEBIAN-CVE-2025-21968

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcpwork Why A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running. How Cancel the delayed work when destroying workqueue. cherry...

DEBIAN-CVE-2025-21918

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

DEBIAN-CVE-2025-21911

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...

UBUNTU-CVE-2025-21983

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...

UBUNTU-CVE-2025-21968

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcpwork Why A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running. How Cancel the delayed work when destroying workqueue. cherry...

UBUNTU-CVE-2025-21911

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...

CVE-2025-21983 mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...

CVE-2025-21983 mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...

CVE-2025-21968 drm/amd/display: Fix slab-use-after-free on hdcp_work

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcpwork Why A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running. How Cancel the delayed work when destroying workqueue. cherry...

CVE-2025-21968

Vulnerability (CVE-2025-21968) in the Linux kernel affects the drm/amd/display component, specifically the hdcp_work path. A slab-use-after-free occurs when HDCP is destroyed but the property_validate_dwork delayed work queue is still running. The documented fix cancels the delayed work when dest...

CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

CVE-2025-21918

CVE-2025-21918 is a Linux kernel vulnerability described in connected Azure Linux advisory: usb: typec: ucsi: Fix NULL pointer access. The issue arises from premature resource release; the fix ensures resources are freed only after the associated workqueue completes, preventing NULL-pointer acces...

CVE-2025-21911 drm/imagination: avoid deadlock on fence release

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...

CVE-2025-21911 drm/imagination: avoid deadlock on fence release

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...