linux kernel

The Linux kernel’s graphics stack received a surgical but important fix addressing a potential use‑after‑free (UAF) in the Intel i915 driver: gem_context_register() could make a newly created context visible to userspace before the kernel had finished using the context pointer, opening a race...

A compact change in the Linux networking stack — the removal of a debug warning from the FOU/GUE receive path — landed as CVE-2024-44940 and has prompted a surprisingly broad operational conversation: a one-line silence in gue_gro_receive stopped noisy, easily‑constructed packets from triggering...

A null-pointer bug in the Linux kernel’s Direct Rendering Manager (DRM) client code — tracked as CVE‑2024‑43894 — is small in code size but broad in potential reach because the affected component lives in the upstream kernel tree and is reused across many Linux artifacts. Microsoft’s public...

A subtle but consequential race in the Linux kernel’s memory-control-group (memcg) ID management has been fixed: CVE-2024-43892 describes an insufficiently synchronized idr_remove() path on mem_cgroup_idr that could let multiple memcgs acquire the same ID and, in concrete fleets, has been linked...

A race condition in the Linux kernel's Marvell mvpp2 network driver can corrupt the parser TCAM/SRAM state and silently deny network availability by dropping all incoming unicast traffic — a bug tracked as CVE-2025-22060 that was fixed in upstream kernel trees by serializing access to the...

A subtle race in the Linux wireless stack — tracked as CVE-2025-21979 — can let a queued wiphy work item run after its owning wiphy object has already been freed, producing a classic use-after-free that reliably threatens system availability and, in worst cases, integrity; the Linux kernel...

A subtle memory-management mistake in the Intel ISH HID driver has been assigned CVE-2025-21928 and fixed upstream — the bug is a classic use-after-free in ishtp_hid_remove() that can cause random system crashes shortly after the driver is removed and therefore represents a real availability...

A recently disclosed Linux-kernel vulnerability, tracked as CVE-2025-21945, fixes a subtle but consequential use‑after‑free in the in‑kernel SMB server (ksmbd) — the bug can reliably produce kernel instability and therefore presents a high availability risk for any system whose kernel includes...

The Linux kernel’s netfilter subsystem received a small but important fix in April 2025: an initialization oversight in the nf_conncount code was corrected so that newly allocated conncount tuples always set their per‑CPU and timestamp fields. The bug — tracked as CVE‑2025‑21959 — was reported...

A recently assigned Linux-kernel vulnerability, CVE-2025-22007, fixes a subtle but consequential Bluetooth error-handling bug in net/bluetooth/6lowpan.c where the function chan_alloc_skb_cb() could return NULL instead of the kernel’s standard error-pointer value; that incorrect return allows a...

A small, surgical correction to the Linux kernel’s Radeon driver landed in April 2025 after static analysis found an uninitialized-size error in radeon_vce_cs_parse() that could be triggered by a crafted userspace command stream and lead to denial-of-service conditions for affected hosts...

The Linux kernel’s ICE driver contains a subtle but consequential memory-management bug that can quietly erode system availability: during certain reset-driven reconfiguration paths the driver double‑allocates accelerated Receive Flow Steering (aRFS) data structures without freeing previously...

A small, targeted fix landed upstream this spring to close CVE-2025-21957 — a null‑dereference in the Linux SCSI qla1280 driver that can trigger a kernel oops (and therefore a denial-of-service) when the driver is built with its debugging path enabled and the runtime debug level exceeds 2...

The Linux kernel fix for CVE-2025-21943 addresses a subtle but practical race in the gpio-aggregator driver that can leave platform devices dangling and destabilize a host when module unload races with driver attribute handlers — the remedy is to hold a module reference (via try_module_get()) in...

The Linux kernel patch tracked as CVE-2022-48716 fixes a subtle but real bug in the ASoC codec driver for Qualcomm’s WCD938x family: mixer controls were using a channel id where a port id was required, allowing out-of-bounds access of an internal port_map array and risking corruption of the...

The Linux kernel received a targeted stability fix that addresses a NULL-pointer crash in the Renesas USBHS driver (tracked as CVE‑2025‑21917): maintainers now flush the delayed notify_hotplug work to ensure the hotplug worker cannot run against torn-down driver resources, preventing a...

The Linux kernel vulnerability tracked as CVE-2025-22104 — described upstream as “ibmvnic: Use kernel helpers for hex dumps” — is a local, out‑of‑bounds read bug in the IBM virtual network driver. Vendors and kernel maintainers fixed it by replacing ad‑hoc, unsafe hex‑printing logic with the...

A critical race-condition bug in the Linux kernel’s MD (Multiple Devices) subsystem — tracked as CVE-2025-22126 — was fixed upstream after researchers identified a use‑after‑free (UAF) that can occur when the kernel iterates the global list of md devices. The fix addresses a subtle iterator /...

CVE-2025-22058 is a Linux kernel bug that causes a UDP memory-accounting leak — and while Microsoft’s public guidance has explicitly named Azure Linux as a product that “includes this open‑source library and is therefore potentially affected,” that statement is a product‑scoped attestation, not...

A subtle but consequential Linux-kernel fix landed upstream this spring: CVE-2025-22010 closes a soft‑lockup hazard in the RDMA hns driver that could let a large memory‑region registration (MR) stall CPU cores for tens of seconds, producing real-world denial‑of‑service symptoms on RDMA‑enabled...