linux kernel

A recently disclosed Linux-kernel vulnerability, tracked as CVE-2025-21945, fixes a subtle but consequential use‑after‑free in the in‑kernel SMB server (ksmbd) — the bug can reliably produce kernel instability and therefore presents a high availability risk for any system whose kernel includes...

The Linux kernel’s netfilter subsystem received a small but important fix in April 2025: an initialization oversight in the nf_conncount code was corrected so that newly allocated conncount tuples always set their per‑CPU and timestamp fields. The bug — tracked as CVE‑2025‑21959 — was reported...

A recently assigned Linux-kernel vulnerability, CVE-2025-22007, fixes a subtle but consequential Bluetooth error-handling bug in net/bluetooth/6lowpan.c where the function chan_alloc_skb_cb() could return NULL instead of the kernel’s standard error-pointer value; that incorrect return allows a...

A small, surgical correction to the Linux kernel’s Radeon driver landed in April 2025 after static analysis found an uninitialized-size error in radeon_vce_cs_parse() that could be triggered by a crafted userspace command stream and lead to denial-of-service conditions for affected hosts...

The Linux kernel’s ICE driver contains a subtle but consequential memory-management bug that can quietly erode system availability: during certain reset-driven reconfiguration paths the driver double‑allocates accelerated Receive Flow Steering (aRFS) data structures without freeing previously...

A small, targeted fix landed upstream this spring to close CVE-2025-21957 — a null‑dereference in the Linux SCSI qla1280 driver that can trigger a kernel oops (and therefore a denial-of-service) when the driver is built with its debugging path enabled and the runtime debug level exceeds 2...

The Linux kernel fix for CVE-2025-21943 addresses a subtle but practical race in the gpio-aggregator driver that can leave platform devices dangling and destabilize a host when module unload races with driver attribute handlers — the remedy is to hold a module reference (via try_module_get()) in...

The Linux kernel patch tracked as CVE-2022-48716 fixes a subtle but real bug in the ASoC codec driver for Qualcomm’s WCD938x family: mixer controls were using a channel id where a port id was required, allowing out-of-bounds access of an internal port_map array and risking corruption of the...

The Linux kernel received a targeted stability fix that addresses a NULL-pointer crash in the Renesas USBHS driver (tracked as CVE‑2025‑21917): maintainers now flush the delayed notify_hotplug work to ensure the hotplug worker cannot run against torn-down driver resources, preventing a...

The Linux kernel vulnerability tracked as CVE-2025-22104 — described upstream as “ibmvnic: Use kernel helpers for hex dumps” — is a local, out‑of‑bounds read bug in the IBM virtual network driver. Vendors and kernel maintainers fixed it by replacing ad‑hoc, unsafe hex‑printing logic with the...

A critical race-condition bug in the Linux kernel’s MD (Multiple Devices) subsystem — tracked as CVE-2025-22126 — was fixed upstream after researchers identified a use‑after‑free (UAF) that can occur when the kernel iterates the global list of md devices. The fix addresses a subtle iterator /...

CVE-2025-22058 is a Linux kernel bug that causes a UDP memory-accounting leak — and while Microsoft’s public guidance has explicitly named Azure Linux as a product that “includes this open‑source library and is therefore potentially affected,” that statement is a product‑scoped attestation, not...

A subtle but consequential Linux-kernel fix landed upstream this spring: CVE-2025-22010 closes a soft‑lockup hazard in the RDMA hns driver that could let a large memory‑region registration (MR) stall CPU cores for tens of seconds, producing real-world denial‑of‑service symptoms on RDMA‑enabled...

A newly disclosed Linux-kernel vulnerability, tracked as CVE‑2025‑21999, patches a use‑after‑free (UAF) race in the proc filesystem: a race between module removal (rmmod) and inode creation in proc_get_inode() could let the kernel dereference a freed module pointer and crash or corrupt kernel...

A small, surgical change to the Linux kernel’s iBFT iSCSI sysfs exporter has been recorded as CVE-2025-21993: a fix that prevents a UBSAN (Undefined Behavior Sanitizer) shift-out-of-bounds warning in the function that exposes iBFT NIC attributes to userspace. While the patch is tiny — a single...

A subtle bounds-checking bug in the Linux kernel’s AMD microcode loader has quietly become a high-priority fix for distributors and administrators: CVE‑2025‑21991 corrects an out‑of‑bounds access in arch/x86’s AMD microcode path that can corrupt memory when microcode is flashed on systems with...

A subtle locking change in the Linux kernel’s MHI PCI host driver — tracked as CVE-2025-21951 — patched a deadlock that could cause a full loss of availability during device recovery or system power-management transitions, and operators should treat it as a real operational risk for systems that...

A newly disclosed Linux-kernel vulnerability in the Bluetooth L2CAP implementation — tracked as CVE-2025-21969 — is a slab use-after-free in l2cap_send_cmd that can trigger kernel memory corruption and sustained denial-of-service, and it has been fixed upstream by synchronizing the HCI receive...

A NULL-pointer bug in the Linux HID appleir driver has been assigned CVE-2025-21948 and patched by kernel maintainers after Syzkaller surfaced a crash path that can be triggered by malformed HID reports; the issue can produce a local denial-of-service (availability) condition and has already...

A subtle null‑check omission in the Linux kernel’s AMD display driver has been cataloged as CVE‑2025‑21941 and patched upstream; the bug is a local null‑pointer dereference in drm/amd/display’s resource_build_scaling_params that can crash the kernel and produce a denial‑of‑service condition on...