CVE-2025-38040
published 2025-06-18CVE-2025-38040: In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following splat has…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
The following splat has been observed on a SAMA5D27 platform using
atmel_serial:
BUG: sleeping function called from invalid context at kernel/irq/manage.c:738
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0
preempt_count: 1, expected: 0
INFO: lockdep is turned off.
irq event stamp: 0
hardirqs last enabled at (0): [] 0x0
hardirqs last disabled at (0): [] copy_process+0x1c4c/0x7bec
softirqs last enabled at (0): [] copy_process+0x1ca0/0x7bec
softirqs last disabled at (0): [] 0x0
CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74
Hardware name: Atmel SAMA5
Workqueue: hci0 hci_power_on [bluetooth]
Call trace:
unwind_backtrace from show_stack+0x18/0x1c
show_stack from dump_stack_lvl+0x44/0x70
dump_stack_lvl from __might_resched+0x38c/0x598
__might_resched from disable_irq+0x1c/0x48
disable_irq from mctrl_gpio_disable_ms+0x74/0xc0
mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4
atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8
atmel_set_termios from uart_change_line_settings+0x15c/0x994
uart_change_line_settings from uart_set_termios+0x2b0/0x668
uart_set_termios from tty_set_termios+0x600/0x8ec
tty_set_termios from ttyport_set_flow_control+0x188/0x1e0
ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]
wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]
hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]
hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]
hci_power_on [bluetooth] from process_one_work+0x998/0x1a38
process_one_work from worker_thread+0x6e0/0xfb4
worker_thread from kthread+0x3d4/0x484
kthread from ret_from_fork+0x14/0x28
This warning is emitted when trying to toggle, at the highest level,
some flow control (with serdev_device_set_flow_control) in a device
driver. At the lowest level, t
Affected
31 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= ce59e48fdbad2aa6609ceb87e1306ec69e577e05 < 68435c1fa3db696db4f480385db9e50e26691d0d | 68435c1fa3db696db4f480385db9e50e26691d0d |
| linux | linux | >= ce59e48fdbad2aa6609ceb87e1306ec69e577e05 < c504c11b94d6e4ad818ca5578dffa8ff29ad0f20 | c504c11b94d6e4ad818ca5578dffa8ff29ad0f20 |
| linux | linux | >= ce59e48fdbad2aa6609ceb87e1306ec69e577e05 < e6a46719a2369eb5186d4f7e6c0478720ca1ec3d | e6a46719a2369eb5186d4f7e6c0478720ca1ec3d |
| linux | linux | >= ce59e48fdbad2aa6609ceb87e1306ec69e577e05 < 7187ec6b0b9ff22ebac2c3bb4178b7dbbdc0a55a | 7187ec6b0b9ff22ebac2c3bb4178b7dbbdc0a55a |
| linux | linux | >= ce59e48fdbad2aa6609ceb87e1306ec69e577e05 < 1bd2aad57da95f7f2d2bb52f7ad15c0f4993a685 | 1bd2aad57da95f7f2d2bb52f7ad15c0f4993a685 |
| linux | linux_kernel | < 6.1.141 | 6.1.141 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.32-1 | 6.12.32-1 |
| linux | linux_kernel | >= 0 < 6.12.32-1 | 6.12.32-1 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 6.13 < 6.14.9 | 6.14.9 |
| linux | linux_kernel | >= 6.2 < 6.6.93 | 6.6.93 |
| linux | linux_kernel | >= 6.7 < 6.12.31 | 6.12.31 |
| msrc | azl3_kernel_6.6.92.2-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.96.1-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.200.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.202.1-1_on_cbl_mariner_2.0 | — | — |
| ubuntu | linux-aws | — | — |
| ubuntu | linux-aws-6.8 | — | — |
| ubuntu | linux-gkeop | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25·CVSS 3.2
CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-37956 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-38476 [LOW] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the s
Ubuntu
Linux kernel (Xilinx) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38652 [LOW] Linux kernel (Xilinx) vulnerabilities
Title: Linux kernel (Xilinx) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the syste
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Low Latency) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency) vulnerabilities
Title: Linux kernel (Low Latency) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the
Ubuntu
Linux kernel (Low Latency NVIDIA) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency NVIDIA) vulnerabilities
Title: Linux kernel (Low Latency NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromi
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (GCP FIPS) vulnerabilities
vendor_ubuntu·2026-02-18·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (GCP FIPS) vulnerabilities
Title: Linux kernel (GCP FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sys
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-11·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-10-08
CVE-2025-38304 Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
-
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-10-01
CVE-2025-38092 Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-09-26
CVE-2025-38071 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsyste
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38106 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsyste
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38106 Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU su
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38082 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38082 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IO
Red Hat
kernel: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
vendor_redhat·2025-06-18·CVSS 5.5
CVE-2025-38040 [MEDIUM] CWE-20 kernel: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
kernel: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
The following splat has been observed on a SAMA5D27 platform using
atmel_serial:
BUG: sleeping function called from invalid context at kernel/irq/manage.c:738
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0
preempt_count: 1, expected: 0
INFO: lockdep is turned off.
irq event stamp: 0
hardirqs last enabled at (0): [] 0x0
hardirqs last disabled at (0): [] copy_process+0x1c4c/0x7bec
softirqs last enabled at (0): [] copy_process+0x1ca0/0x7bec
softirqs last disabled at (0): [] 0x0
CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74
Hardware name
Microsoft
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
vendor_msrc·2025-06-10·CVSS 7.0
CVE-2025-38040 [MEDIUM] serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https
Debian
CVE-2025-38040: linux - In the Linux kernel, the following vulnerability has been resolved: serial: mct...
vendor_debian·2025·CVSS 5.5
CVE-2025-38040 [MEDIUM] CVE-2025-38040: linux - In the Linux kernel, the following vulnerability has been resolved: serial: mct...
In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following splat has been observed on a SAMA5D27 platform using atmel_serial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0 preempt_count: 1, expected: 0 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [] 0x0 hardirqs last disabled at (0): [] copy_process+0x1c4c/0x7bec softirqs last enabled at (0): [] copy_process+0x1ca0/0x7bec softirqs last disabled at (0): [] 0x0 CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74 Hardware name: Atmel SAMA5 Workqueue: hci0 hci_power_on [bluetooth] Call trace: unwind
OSV
linux-azure-6.8 vulnerabilities
osv·2026-03-25·CVSS 3.2
[LOW] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores,
OSV
linux-azure-fips vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-azure vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure vulnerabilities
linux-azure vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-ibm, linux-ibm-6.8 vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-ibm, linux-ibm-6.8 vulnerabilities
linux-ibm, linux-ibm-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arc
OSV
linux-xilinx vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-xilinx vulnerabilities
linux-xilinx vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsyste
OSV
linux-gcp, linux-gke vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp, linux-gke vulnerabilities
linux-gcp, linux-gke vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 archite
OSV
linux-nvidia-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-nvidia-lowlatency vulnerabilities
linux-nvidia-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arch
OSV
linux-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-lowlatency vulnerabilities
linux-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-gcp-fips vulnerabilities
osv·2026-02-18·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-fips vulnerabilities
linux-gcp-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-aws-fips, linux-fips vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws-fips, linux-fips vulnerabilities
linux-aws-fips, linux-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 a
OSV
linux-realtime, linux-raspi-realtime vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime, linux-raspi-realtime vulnerabilities
linux-realtime, linux-raspi-realtime vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
OSV
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise th
OSV
linux-gcp-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-6.8 vulnerabilities
linux-gcp-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-realtime-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime-6.8 vulnerabilities
linux-realtime-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-raspi vulnerabilities
osv·2026-02-11·CVSS 3.2
CVE-2024-36331 [LOW] linux, linux-raspi vulnerabilities
linux, linux-raspi vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
osv·2025-12-03
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multipl
OSV
linux-raspi vulnerabilities
osv·2025-10-08
linux-raspi vulnerabilities
linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MTD
OSV
linux-oracle-6.14 vulnerabilities
osv·2025-10-01
linux-oracle-6.14 vulnerabilities
linux-oracle-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
OSV
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
osv·2025-09-26
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware
OSV
linux-realtime-6.14 vulnerabilities
osv·2025-09-24
linux-realtime-6.14 vulnerabilities
linux-realtime-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Drive
OSV
linux-azure vulnerabilities
osv·2025-09-24
linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MTD
OSV
linux-oem-6.14 vulnerabilities
osv·2025-09-24
linux-oem-6.14 vulnerabilities
linux-oem-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
-
GHSA
GHSA-8pcr-p4fc-6g8c: In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
The following sp
ghsa_unreviewed·2025-06-18
CVE-2025-38040 [MEDIUM] GHSA-8pcr-p4fc-6g8c: In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
The following sp
In the Linux kernel, the following vulnerability has been resolved:
serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
The following splat has been observed on a SAMA5D27 platform using
atmel_serial:
BUG: sleeping function called from invalid context at kernel/irq/manage.c:738
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0
preempt_count: 1, expected: 0
INFO: lockdep is turned off.
irq event stamp: 0
hardirqs last enabled at (0): [] 0x0
hardirqs last disabled at (0): [] copy_process+0x1c4c/0x7bec
softirqs last enabled at (0): [] copy_process+0x1ca0/0x7bec
softirqs last disabled at (0): [] 0x0
CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74
Hardware name: Atmel SAMA5
Workqueue: hci0 hci_power_on [bluetooth]
Call trace:
unw
OSV
CVE-2025-38040: In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following spla
osv·2025-06-18·CVSS 5.5
CVE-2025-38040 [MEDIUM] CVE-2025-38040: In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following spla
In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following splat has been observed on a SAMA5D27 platform using atmel_serial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0 preempt_count: 1, expected: 0 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [] 0x0 hardirqs last disabled at (0): [] copy_process+0x1c4c/0x7bec softirqs last enabled at (0): [] copy_process+0x1ca0/0x7bec softirqs last disabled at (0): [] 0x0 CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74 Hardware name: Atmel SAMA5 Workqueue: hci0 hci_power_on [bluetooth] Call trace: unwind
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://git.kernel.org/stable/c/1bd2aad57da95f7f2d2bb52f7ad15c0f4993a685https://git.kernel.org/stable/c/68435c1fa3db696db4f480385db9e50e26691d0dhttps://git.kernel.org/stable/c/7187ec6b0b9ff22ebac2c3bb4178b7dbbdc0a55ahttps://git.kernel.org/stable/c/c504c11b94d6e4ad818ca5578dffa8ff29ad0f20https://git.kernel.org/stable/c/e6a46719a2369eb5186d4f7e6c0478720ca1ec3dhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
2025-06-18
Published