linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68188 | — | >= 4.12.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() Use RCU to avoid a pair of atomic operations and a potential UAF on dst_dev()->flags. | ||
| CVE-2025-68187 | — | >= 6.17.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by device_node_to_regmap() The call to device_node_to_regmap() in airoha_mdio_probe() can return an ERR_PTR() if regmap initialization fails. Currently, the driver store | ||
| CVE-2025-68186 | — | >= 6.10.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up The function ring_buffer_map_get_reader() is a bit more strict than the other get reader functions, and except for certain situati | ||
| CVE-2025-68185 | — | >= 2.6.12, < 5.4.302 | 5.4.302 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, | ||
| CVE-2025-68184 | — | >= 6.2.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 ("drm/mediatek: Add AFBC support to Mediatek DRM driver") added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modif | ||
| CVE-2025-68183 | — | >= 5.14.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in se | ||
| CVE-2025-68182 | — | >= 6.15.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link() This code frees "link" by calling kfree_rcu(link, rcu_head) and then it dereferences "link" to get the "link->fw_id". Save the "link->fw_id" | ||
| CVE-2025-68181 | — | >= 6.12.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However, | ||
| CVE-2025-68180 | — | >= 6.7.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_ | ||
| CVE-2025-68179 | — | >= 6.2.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing correspon | ||
| CVE-2025-68178 | — | >= 6.5.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency detected 6.17.0-rc3-00124-ga12c2658ced0 #1665 Not | ||
| CVE-2025-68177 | — | >= 3.10.0, < 5.4.302 | 5.4.302 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handle NULL policy in longhaul_exit longhaul_exit() was calling cpufreq_cpu_get(0) without checking for a NULL policy pointer. On some systems, this could lead to a NULL dereference and a kern | ||
| CVE-2025-68176 | — | >= 5.9.0, < 5.10.247 | 5.10.247 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe | ||
| CVE-2025-68175 | — | >= 6.4.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_streaming() in mxc_isi_video_release(). This can lead to situations where any releas | ||
| CVE-2025-68174 | — | >= 6.5.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_proces | ||
| CVE-2025-68173 | — | >= 4.5.0, < 6.1.159 | 6.1.159 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsyms_lookup can spend too much time in RC | ||
| CVE-2025-68172 | — | >= 6.3.0, < 6.6.117 | 6.6.117 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp | ||
| CVE-2025-68171 | — | >= 5.16.0, < 6.1.159 | 6.1.159 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: fpu__cle | ||
| CVE-2025-68170 | — | >= 6.12.0, < 6.12.58 | 6.12.58 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f | ||
| CVE-2025-68169 | — | >= 6.15.0, < 6.17.8 | 6.17.8 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix deadlock in memory allocation under spinlock Fix a AA deadlock in refill_skbs() where memory allocation while holding skb_pool->lock can trigger a recursive lock acquisition attempt. The deadlock |
- CVE-2025-68188Dec 16, 2025affected >= 4.12.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() Use RCU to avoid a pair of atomic operations and a potential UAF on dst_dev()->flags.
- CVE-2025-68187Dec 16, 2025affected >= 6.17.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by device_node_to_regmap() The call to device_node_to_regmap() in airoha_mdio_probe() can return an ERR_PTR() if regmap initialization fails. Currently, the driver store
- CVE-2025-68186Dec 16, 2025affected >= 6.10.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up The function ring_buffer_map_get_reader() is a bit more strict than the other get reader functions, and except for certain situati
- CVE-2025-68185Dec 16, 2025affected >= 2.6.12, < 5.4.302fixed 5.4.302
In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM,
- CVE-2025-68184Dec 16, 2025affected >= 6.2.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Disable AFBC support on Mediatek DRM driver Commit c410fa9b07c3 ("drm/mediatek: Add AFBC support to Mediatek DRM driver") added AFBC support to Mediatek DRM and enabled the 32x8/split/sparse modif
- CVE-2025-68183Dec 16, 2025affected >= 5.14.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in se
- CVE-2025-68182Dec 16, 2025affected >= 6.15.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link() This code frees "link" by calling kfree_rcu(link, rcu_head) and then it dereferences "link" to get the "link->fw_id". Save the "link->fw_id"
- CVE-2025-68181Dec 16, 2025affected >= 6.12.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However,
- CVE-2025-68180Dec 16, 2025affected >= 6.7.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_
- CVE-2025-68179Dec 16, 2025affected >= 6.2.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing correspon
- CVE-2025-68178Dec 16, 2025affected >= 6.5.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency detected 6.17.0-rc3-00124-ga12c2658ced0 #1665 Not
- CVE-2025-68177Dec 16, 2025affected >= 3.10.0, < 5.4.302fixed 5.4.302
In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handle NULL policy in longhaul_exit longhaul_exit() was calling cpufreq_cpu_get(0) without checking for a NULL policy pointer. On some systems, this could lead to a NULL dereference and a kern
- CVE-2025-68176Dec 16, 2025affected >= 5.9.0, < 5.10.247fixed 5.10.247
In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe
- CVE-2025-68175Dec 16, 2025affected >= 6.4.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_streaming() in mxc_isi_video_release(). This can lead to situations where any releas
- CVE-2025-68174Dec 16, 2025affected >= 6.5.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_proces
- CVE-2025-68173Dec 16, 2025affected >= 4.5.0, < 6.1.159fixed 6.1.159
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsyms_lookup can spend too much time in RC
- CVE-2025-68172Dec 16, 2025affected >= 6.3.0, < 6.6.117fixed 6.6.117
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp
- CVE-2025-68171Dec 16, 2025affected >= 5.16.0, < 6.1.159fixed 6.1.159
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: fpu__cle
- CVE-2025-68170Dec 16, 2025affected >= 6.12.0, < 6.12.58fixed 6.12.58
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f
- CVE-2025-68169Dec 16, 2025affected >= 6.15.0, < 6.17.8fixed 6.17.8
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix deadlock in memory allocation under spinlock Fix a AA deadlock in refill_skbs() where memory allocation while holding skb_pool->lock can trigger a recursive lock acquisition attempt. The deadlock
Page 56 of 88