linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68328 | — | >= 5.4.0, < 5.10.247 | 5.10.247 | Dec 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platform_set_drvdata and dev_set_drvdata. They both are of the same data and overrides each other. This resulted in the rmmo | ||
| CVE-2025-68327 | — | >= 3.0.0, < 5.10.247 | 5.10.247 | Dec 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort on unbind A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f | ||
| CVE-2025-68326 | — | >= 6.17.0, < 6.17.11 | 6.17.11 | Dec 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stack_depot_init() call when CONFIG_DRM_XE_DEBUG_GUC is enabled to fix the following call stack: [] BUG: kernel NULL pointer dereference, address: 000000000000000 | ||
| CVE-2025-68325 | — | < 5.10.248 | 5.10.248 | Dec 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop In cake_drop(), qdisc_tree_reduce_backlog() is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cake_enqueue(), assumes that | ||
| CVE-2025-68324 | — | >= 2.6.12, < 6.12.63 | 6.12.63 | Dec 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'imm_tq' is initialized in imm_attach() and scheduled via imm_queuecommand() for processing SCSI commands. When the IMM | ||
| CVE-2025-68323 | — | >= 6.16.0, < 6.17.13 | 6.17.13 | Dec 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec->work The delayed work uec->work is scheduled in gaokun_ucsi_probe() but never properly canceled in gaokun_ucsi_remove(). This creates use-after-free scenarios | ||
| CVE-2025-68322 | — | >= 4.19.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: [<104320d4>] unwind_once | ||
| CVE-2025-68321 | — | >= 4.18.0, < 5.15.197 | 5.15.197 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: always add GFP_NOWARN for ATOMIC allocations Driver authors often forget to add GFP_NOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty m | ||
| CVE-2025-68320 | — | >= 5.17.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 in_atomic | ||
| CVE-2025-68319 | — | >= 6.9.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire su_mutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cg_children list and concurrent add/remove of userdata items through configfs. | ||
| CVE-2025-68318 | — | >= 6.11.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set al | ||
| CVE-2025-68317 | — | >= 6.10.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring/zctx: check chained notif contexts Send zc only links ubuf_info for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion | ||
| CVE-2025-68316 | — | >= 6.13.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 (SUCCESS) or 1 (FAILURE). Upon failure during driv | ||
| CVE-2025-68315 | — | >= 3.8.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in free_nid_list As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fs_alloc_nid() to detect any potential corru | ||
| CVE-2025-68314 | — | >= 6.17.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure last_fence is always updated Update last_fence in the vm-bind path instead of kernel managed path. last_fence is used to wait for work to finish in vm_bind contexts but not used for kernel m | ||
| CVE-2025-68313 | — | >= 6.8.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly | ||
| CVE-2025-68312 | — | < 5.4.302 | 5.4.302 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0); put the kevent work in global workqueue. However, the kevent has | ||
| CVE-2025-68311 | — | >= 6.5.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 ("serial: core: Start managing serial controllers to enable runtime PM") serial drivers need to provide a device in struct uart_ | ||
| CVE-2025-68310 | — | >= 5.16.0, < 6.1.159 | 6.1.159 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pci_cfg_access_lock() when executing the s390 variant of PCI error recovery: Acquire just device_lock | ||
| CVE-2025-68309 | — | >= 6.16.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aer_info The kzalloc(GFP_KERNEL) may return NULL, so all accesses to aer_info->xxx will result in kernel panic. Fix it. |
- CVE-2025-68328Dec 22, 2025affected >= 5.4.0, < 5.10.247fixed 5.10.247
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platform_set_drvdata and dev_set_drvdata. They both are of the same data and overrides each other. This resulted in the rmmo
- CVE-2025-68327Dec 22, 2025affected >= 3.0.0, < 5.10.247fixed 5.10.247
In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort on unbind A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f
- CVE-2025-68326Dec 22, 2025affected >= 6.17.0, < 6.17.11fixed 6.17.11
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Fix stack_depot usage Add missing stack_depot_init() call when CONFIG_DRM_XE_DEBUG_GUC is enabled to fix the following call stack: [] BUG: kernel NULL pointer dereference, address: 000000000000000
- CVE-2025-68325Dec 18, 2025affected < 5.10.248fixed 5.10.248
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop In cake_drop(), qdisc_tree_reduce_backlog() is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cake_enqueue(), assumes that
- CVE-2025-68324Dec 18, 2025affected >= 2.6.12, < 6.12.63fixed 6.12.63
In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'imm_tq' is initialized in imm_attach() and scheduled via imm_queuecommand() for processing SCSI commands. When the IMM
- CVE-2025-68323Dec 18, 2025affected >= 6.16.0, < 6.17.13fixed 6.17.13
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec->work The delayed work uec->work is scheduled in gaokun_ucsi_probe() but never properly canceled in gaokun_ucsi_remove(). This creates use-after-free scenarios
- CVE-2025-68322Dec 16, 2025affected >= 4.19.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: [<104320d4>] unwind_once
- CVE-2025-68321Dec 16, 2025affected >= 4.18.0, < 5.15.197fixed 5.15.197
In the Linux kernel, the following vulnerability has been resolved: page_pool: always add GFP_NOWARN for ATOMIC allocations Driver authors often forget to add GFP_NOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty m
- CVE-2025-68320Dec 16, 2025affected >= 5.17.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 in_atomic
- CVE-2025-68319Dec 16, 2025affected >= 6.9.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire su_mutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cg_children list and concurrent add/remove of userdata items through configfs.
- CVE-2025-68318Dec 16, 2025affected >= 6.11.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set al
- CVE-2025-68317Dec 16, 2025affected >= 6.10.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: io_uring/zctx: check chained notif contexts Send zc only links ubuf_info for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion
- CVE-2025-68316Dec 16, 2025affected >= 6.13.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 (SUCCESS) or 1 (FAILURE). Upon failure during driv
- CVE-2025-68315Dec 16, 2025affected >= 3.8.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in free_nid_list As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fs_alloc_nid() to detect any potential corru
- CVE-2025-68314Dec 16, 2025affected >= 6.17.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure last_fence is always updated Update last_fence in the vm-bind path instead of kernel managed path. last_fence is used to wait for work to finish in vm_bind contexts but not used for kernel m
- CVE-2025-68313Dec 16, 2025affected >= 6.8.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly
- CVE-2025-68312Dec 16, 2025affected < 5.4.302fixed 5.4.302
In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0); put the kevent work in global workqueue. However, the kevent has
- CVE-2025-68311Dec 16, 2025affected >= 6.5.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 ("serial: core: Start managing serial controllers to enable runtime PM") serial drivers need to provide a device in struct uart_
- CVE-2025-68310Dec 16, 2025affected >= 5.16.0, < 6.1.159fixed 6.1.159
In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pci_cfg_access_lock() when executing the s390 variant of PCI error recovery: Acquire just device_lock
- CVE-2025-68309Dec 16, 2025affected >= 6.16.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aer_info The kzalloc(GFP_KERNEL) may return NULL, so all accesses to aer_info->xxx will result in kernel panic. Fix it.
Page 50 of 88