kernel security

Microsoft confirmed a Windows kernel elevation-of-privilege flaw tracked as CVE-2024-30099 on June 11, 2024 — a time-of-check/time-of-use (TOCTOU) race-condition in kernel code that Microsoft rated as an important local Elevation of Privilege (EoP) and patched in the June 11, 2024 cumulative...

The Linux kernel has received a critical stability fix for a use‑after‑free in its NVMe stack: CVE‑2025‑68265 — described upstream as "nvme: fix admin request_queue lifetime" — which corrects the controller teardown ordering so that the controller's admin request_queue cannot be referenced after...

The Linux kernel has been assigned CVE-2025-68175 for a flaw in the NXP i.MX8 ISI (Image Sensor Interface) driver that can prematurely tear down an active video stream when userland issues a harmless query — a defect fixed upstream by moving streaming preparation and cleanup into the vb2...

The Linux kernel received a small but important patch that closes CVE-2025-68214 — a race in timer_shutdown_sync that could clear a timer’s function pointer while that timer was still active on another CPU, leaving a pending timer with a NULL callback and triggering a WARN_ON inside...

The Linux kernel received a targeted fix for CVE-2025-68193 that changes how the Intel Xe GuC control transport (CT) is torn down: maintainers added a devm-managed release action to ensure the CT is disabled before its backing buffer object (CTB) is freed, closing a deterministic use‑after‑free...

A small but critical defensive check landed in the AMDGPU Atom interpreter this month: a missing allocation check in amdgpu_atom_execute_table_locked could leave the driver with a NULL "WS" workspace pointer while its size field was non-zero, creating a deterministic NULL‑dereference that can...

A newly assigned CVE, CVE-2025-68257, closes a subtle but dangerous gap in the Linux kernel’s COMEDI driver by ensuring compat ioctl handlers verify whether a device is actually attached before performing operations — a change that eliminates a reproducible NULL-pointer kernel crash reported by...

A subtle but important kernel fix landed in mid‑December: a guarded change to the Radeon DRM driver removes an attempt to progress the wait queue from the dma‑fence “is_signaled” path, eliminating a class of self‑deadlocks that could hang the graphics stack. The patch — tracked as CVE‑2025‑68223...

The Linux kernel's F2FS driver has a newly assigned CVE — CVE-2025-40333 — describing an edge-case bug that can put the filesystem into an infinite loop inside __insert_extent_tree when presented with malformed extent metadata. The upstream maintainers fixed the logic by failing early and...

A locally reachable bug in the AMDGPU DRM driver was assigned CVE‑2025‑40334 after upstream Linux maintainers merged a defensive patch that validates user-provided GPU virtual addresses and buffer sizes for the userq (user-mode queue) facility, closing a reproducible crash/invalid-access...

Microsoft’s Security Update Guide lists CVE-2025-62465 as a DirectX Graphics Kernel denial-of-service (DoS) vulnerability that can be triggered by a local, authorized actor and that Microsoft has cataloged for remediation in its update feed. Background / Overview CVE-2025-62465 is reported as a...

Microsoft has assigned CVE-2025-62462 to a newly disclosed buffer over‑read in the Windows Projected File System (ProjFS) that can be abused by a local, authorized attacker to achieve elevation of privilege; the industry score for the issue is high (CVSS v3.1 ≈ 7.8) and the entry appears in...

A small but consequential fix landed in the stable Linux kernel this week to resolve CVE-2025-40306, an OrangeFS xattr-related bug that could lead to kernel oopses, hung processes and an accumulating kernel memory leak under repeated module activity — operators should treat this as a prioritized...

The Linux kernel has closed a small but important robustness hole in the ALSA usb‑audio stack: CVE‑2025‑40275 is a NULL‑pointer dereference in snd_usb_mixer_controls_badd that can be triggered by a crafted USB audio descriptor, and the upstream fix adds a simple NULL check to prevent an oops...

The short answer is: No — Azure Linux is not necessarily the only Microsoft product that includes the sunxi‑ng h616 clock code and is therefore potentially affected; it is the only Microsoft product Microsoft has publicly attested so far to include the upstream component for CVE‑2025‑38041, and...

Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product could include the same vulnerable kernel code. Background /...

Microsoft’s public advisory for CVE-2025-38022 makes a precise, limited claim: Azure Linux includes the implicated open‑source kernel code and is therefore potentially affected — and Microsoft says it will expand its machine‑readable CSAF/VEX attestations if other Microsoft products are later...

A subtle but important race-condition in the Linux kernel’s process‑limit handling has been recorded as CVE‑2025‑40201: upstream maintainers changed kernel/sys.c to stop taking task_lock(tsk->group_leader) from unsafe contexts and instead make conditional use of tasklist_lock to avoid...

A kernel-level use-after-free (UAF) defect in the VMware graphics driver drm/vmwgfx has been assigned CVE‑2025‑40111 and fixed upstream; the problem stems from a resource from an arena allocator escaping the validation cleanup path, which can leave a freed node reachable in a duplicates...

A kernel flaw in the Sound Open Firmware (SOF) IPC4 topology code — tracked as CVE-2025-21870 — can cause NULL-pointer dereferences and broken audio pipelines on affected Linux kernels, and Microsoft’s public attestation that “Azure Linux includes this open‑source library and is therefore...