CVE-2024-35858

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix memory leak when bringing down interface When bringing down the TX rings we flush the rings but forget toreclaimed the flushed packets. This leads to a memory leak since wedo not free the dma mapped buffers. This a...

CVE-2024-36931

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure the copied buf is NUL terminated Currently, we allocate a lbuf-sized kernel buffer and copy lbuf fromuserspace to that buffer. Later, we use scanf on this buffer but we don'tensure that the string is terminated ins...

CVE-2024-36935

In the Linux kernel, the following vulnerability has been resolved: ice: ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count bytesfrom userspace to that buffer. Later, we use sscanf on this buffer but wedon't ensure that the string is terminated...

CVE-2025-21851

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y,arena_htab tests cause a segmentation fault and soft lockup.The same failure is not observed with 4k pages on aarch64. It tu...

CVE-2024-41011

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU hasan unused 4K area of the register BAR space into which you canremap registers. We remap the HDP flush registe...

CVE-2022-49863

In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following:(a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket.(b) use syscall(__NR_sendmsg, ...) to...