CVE-2025-38066
published 2025-06-18CVE-2025-38066: In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache device…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes
A cache device failing to resume due to mapping errors should not be
retried, as the failure leaves a partially initialized policy object.
Repeating the resume operation risks triggering BUG_ON when reloading
cache mappings into the incomplete policy object.
Reproduce steps:
1. create a cache metadata consisting of 512 or more cache blocks,
with some mappings stored in the first array block of the mapping
array. Here we use cache_restore v1.0 to build the metadata.
cat > cmeta.xml
EOF
dmsetup create cmeta --table "0 8192 linear /dev/sdc 0"
cache_restore -i cmeta.xml -o /dev/mapper/cmeta --metadata-version=2
dmsetup remove cmeta
2. wipe the second array block of the mapping array to simulate
data degradations.
mapping_root=$(dd if=/dev/sdc bs=1c count=8 skip=192 \
2>/dev/null | hexdump -e '1/8 "%u\n"')
ablock=$(dd if=/dev/sdc bs=1c count=8 skip=$((4096*mapping_root+2056)) \
2>/dev/null | hexdump -e '1/8 "%u\n"')
dd if=/dev/zero of=/dev/sdc bs=4k count=1 seek=$ablock
3. try bringing up the cache device. The resume is expected to fail
due to the broken array block.
dmsetup create cmeta --table "0 8192 linear /dev/sdc 0"
dmsetup create cdata --table "0 65536 linear /dev/sdc 8192"
dmsetup create corig --table "0 524288 linear /dev/sdc 262144"
dmsetup create cache --notable
dmsetup load cache --table "0 524288 cache /dev/mapper/cmeta \
/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0"
dmsetup resume cache
4. try resuming the cache again. An unexpected BUG_ON is triggered
while loading cache mappings.
dmsetup resume cache
Kernel logs:
(snip)
------------[ cut here ]------------
kernel BUG at drivers/md/dm-cache-policy-smq.c:752!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 332 Comm: dmsetup Not tainted 6.13.4 #3
RIP: 0010:smq_load_mapping+0x3e5/0x570
Fix by disallowin
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < c614584c2a66b538f469089ac089457a34590c14 | c614584c2a66b538f469089ac089457a34590c14 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < c5356a5e80442131e2714d0d26bb110590e4e568 | c5356a5e80442131e2714d0d26bb110590e4e568 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < 025c8f477625eb39006ded650e7d027bcfb20e79 | 025c8f477625eb39006ded650e7d027bcfb20e79 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < 00586b78eeb7c626a14ca13453a1631f88a7cf36 | 00586b78eeb7c626a14ca13453a1631f88a7cf36 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < 3986ef4a9b6a0d9c28bc325d8713beba5e67586f | 3986ef4a9b6a0d9c28bc325d8713beba5e67586f |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < cc80a5cc520939d0a7d071cc4ae4b3c55ef171d0 | cc80a5cc520939d0a7d071cc4ae4b3c55ef171d0 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < f3128e3074e8af565cc6a66fe3384a56df87f803 | f3128e3074e8af565cc6a66fe3384a56df87f803 |
| linux | linux | >= 66a636356647a9be8885c2ce2948de126577698a < 5da692e2262b8f81993baa9592f57d12c2703dea | 5da692e2262b8f81993baa9592f57d12c2703dea |
| linux | linux_kernel | < 5.4.294 | 5.4.294 |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.32-1 | 6.12.32-1 |
| linux | linux_kernel | >= 0 < 6.12.32-1 | 6.12.32-1 |
| linux | linux_kernel | >= 0 < 5.15.0-152.162 | 5.15.0-152.162 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 5.11 < 5.15.185 | 5.15.185 |
| linux | linux_kernel | >= 5.16 < 6.1.141 | 6.1.141 |
| linux | linux_kernel | >= 5.5 < 5.10.238 | 5.10.238 |
| linux | linux_kernel | >= 6.13 < 6.14.9 | 6.14.9 |
| linux | linux_kernel | >= 6.2 < 6.6.93 | 6.6.93 |
| linux | linux_kernel | >= 6.7 < 6.12.31 | 6.12.31 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25·CVSS 3.2
CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-37956 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-38476 [LOW] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the s
Ubuntu
Linux kernel (Xilinx) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38652 [LOW] Linux kernel (Xilinx) vulnerabilities
Title: Linux kernel (Xilinx) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the syste
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Low Latency) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency) vulnerabilities
Title: Linux kernel (Low Latency) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the
Ubuntu
Linux kernel (Low Latency NVIDIA) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency NVIDIA) vulnerabilities
Title: Linux kernel (Low Latency NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromi
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (GCP FIPS) vulnerabilities
vendor_ubuntu·2026-02-18·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (GCP FIPS) vulnerabilities
Title: Linux kernel (GCP FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sys
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-11·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-10-08
CVE-2025-38304 Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
-
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-10-01
CVE-2025-38092 Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-09-26
CVE-2025-38071 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsyste
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38106 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsyste
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38106 Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU su
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38082 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-09-24
CVE-2025-38082 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IO
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-09-02
CVE-2022-49535 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-08-28·CVSS 5.5
CVE-2025-38075 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-380
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2025-08-22
CVE-2024-46816 Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsys
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-08-22
CVE-2024-50258 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
Ubuntu
Linux kernel (NVIDIA) vulnerabilities
vendor_ubuntu·2025-08-21·CVSS 5.5
CVE-2025-38035 [MEDIUM] Linux kernel (NVIDIA) vulnerabilities
Title: Linux kernel (NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-08-20·CVSS 5.5
CVE-2025-38048 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-380
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-08-20·CVSS 5.5
CVE-2025-38052 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-380
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-08-19·CVSS 5.5
CVE-2025-38034 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2
Red Hat
kernel: dm cache: prevent BUG_ON by blocking retries on failed device resumes
vendor_redhat·2025-06-18·CVSS 5.5
CVE-2025-38066 [MEDIUM] kernel: dm cache: prevent BUG_ON by blocking retries on failed device resumes
kernel: dm cache: prevent BUG_ON by blocking retries on failed device resumes
In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes
A cache device failing to resume due to mapping errors should not be
retried, as the failure leaves a partially initialized policy object.
Repeating the resume operation risks triggering BUG_ON when reloading
cache mappings into the incomplete policy object.
Reproduce steps:
1. create a cache metadata consisting of 512 or more cache blocks,
with some mappings stored in the first array block of the mapping
array. Here we use cache_restore v1.0 to build the metadata.
cat > cmeta.xml
EOF
dmsetup create cmeta --table "0 8192 linear /dev/sdc 0"
cache_restore -i cmeta.xml -o /dev/
Microsoft
dm cache: prevent BUG_ON by blocking retries on failed device resumes
vendor_msrc·2025-06-10·CVSS 7.0
CVE-2025-38066 [MEDIUM] CWE-617 dm cache: prevent BUG_ON by blocking retries on failed device resumes
dm cache: prevent BUG_ON by blocking retries on failed device resumes
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference:
Debian
CVE-2025-38066: linux - In the Linux kernel, the following vulnerability has been resolved: dm cache: p...
vendor_debian·2025·CVSS 5.5
CVE-2025-38066 [MEDIUM] CVE-2025-38066: linux - In the Linux kernel, the following vulnerability has been resolved: dm cache: p...
In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume operation risks triggering BUG_ON when reloading cache mappings into the incomplete policy object. Reproduce steps: 1. create a cache metadata consisting of 512 or more cache blocks, with some mappings stored in the first array block of the mapping array. Here we use cache_restore v1.0 to build the metadata. cat > cmeta.xml EOF dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" cache_restore -i cmeta.xml -o /dev/mapper/cmeta --metadata-version=2 dmsetup remove cmeta 2. wipe the second array b
OSV
linux-azure-6.8 vulnerabilities
osv·2026-03-25·CVSS 3.2
[LOW] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores,
OSV
linux-azure-fips vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-azure vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure vulnerabilities
linux-azure vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-ibm, linux-ibm-6.8 vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-ibm, linux-ibm-6.8 vulnerabilities
linux-ibm, linux-ibm-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arc
OSV
linux-xilinx vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-xilinx vulnerabilities
linux-xilinx vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsyste
OSV
linux-gcp, linux-gke vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp, linux-gke vulnerabilities
linux-gcp, linux-gke vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 archite
OSV
linux-nvidia-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-nvidia-lowlatency vulnerabilities
linux-nvidia-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arch
OSV
linux-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-lowlatency vulnerabilities
linux-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-gcp-fips vulnerabilities
osv·2026-02-18·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-fips vulnerabilities
linux-gcp-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-aws-fips, linux-fips vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws-fips, linux-fips vulnerabilities
linux-aws-fips, linux-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 a
OSV
linux-realtime, linux-raspi-realtime vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime, linux-raspi-realtime vulnerabilities
linux-realtime, linux-raspi-realtime vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
OSV
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise th
OSV
linux-gcp-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-6.8 vulnerabilities
linux-gcp-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-realtime-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime-6.8 vulnerabilities
linux-realtime-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-raspi vulnerabilities
osv·2026-02-11·CVSS 3.2
CVE-2024-36331 [LOW] linux, linux-raspi vulnerabilities
linux, linux-raspi vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
osv·2025-12-03
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multipl
OSV
linux-raspi vulnerabilities
osv·2025-10-08
linux-raspi vulnerabilities
linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MTD
OSV
linux-oracle-6.14 vulnerabilities
osv·2025-10-01
linux-oracle-6.14 vulnerabilities
linux-oracle-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
OSV
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
osv·2025-09-26
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
linux-aws-6.14, linux-hwe-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware
OSV
linux-realtime-6.14 vulnerabilities
osv·2025-09-24
linux-realtime-6.14 vulnerabilities
linux-realtime-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Drive
OSV
linux-azure vulnerabilities
osv·2025-09-24
linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MTD
OSV
linux-oem-6.14 vulnerabilities
osv·2025-09-24
linux-oem-6.14 vulnerabilities
linux-oem-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- Arm Firmware Framework for ARMv8-A(FFA);
- FPGA Framework;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- HW tracing;
- InfiniBand drivers;
- IOMMU subsystem;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
-
OSV
linux-azure-5.15 vulnerabilities
osv·2025-09-02
linux-azure-5.15 vulnerabilities
linux-azure-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
OSV
linux-gke, linux-kvm vulnerabilities
osv·2025-08-28·CVSS 5.5
[MEDIUM] linux-gke, linux-kvm vulnerabilities
linux-gke, linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077,
CVE-2025-3803
OSV
linux-azure-fips vulnerabilities
osv·2025-08-22
linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
OSV
linux-azure vulnerabilities
osv·2025-08-22
linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Mu
OSV
linux-nvidia vulnerabilities
osv·2025-08-21·CVSS 5.5
[MEDIUM] linux-nvidia vulnerabilities
linux-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077,
CVE-2025-38035, CVE-2
OSV
linux-ibm, linux-intel-iotg, linux-oracle, linux-raspi vulnerabilities
osv·2025-08-20·CVSS 5.5
[MEDIUM] linux-ibm, linux-intel-iotg, linux-oracle, linux-raspi vulnerabilities
linux-ibm, linux-intel-iotg, linux-oracle, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38
OSV
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15,
osv·2025-08-20·CVSS 5.5
[MEDIUM] linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15,
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-realtime, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
OSV
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
osv·2025-08-19·CVSS 5.5
[MEDIUM] linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38052, CVE-2025-38078, CVE-2025-38079, CVE-202
OSV
CVE-2025-38066: In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache devi
osv·2025-06-18·CVSS 5.5
CVE-2025-38066 [MEDIUM] CVE-2025-38066: In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache devi
In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume operation risks triggering BUG_ON when reloading cache mappings into the incomplete policy object. Reproduce steps: 1. create a cache metadata consisting of 512 or more cache blocks, with some mappings stored in the first array block of the mapping array. Here we use cache_restore v1.0 to build the metadata. cat > cmeta.xml EOF dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" cache_restore -i cmeta.xml -o /dev/mapper/cmeta --metadata-version=2 dmsetup remove cmeta 2. wipe the second array b
GHSA
GHSA-97x5-wjv7-8w72: In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes
A cache de
ghsa_unreviewed·2025-06-18
CVE-2025-38066 [MEDIUM] CWE-617 GHSA-97x5-wjv7-8w72: In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes
A cache de
In the Linux kernel, the following vulnerability has been resolved:
dm cache: prevent BUG_ON by blocking retries on failed device resumes
A cache device failing to resume due to mapping errors should not be
retried, as the failure leaves a partially initialized policy object.
Repeating the resume operation risks triggering BUG_ON when reloading
cache mappings into the incomplete policy object.
Reproduce steps:
1. create a cache metadata consisting of 512 or more cache blocks,
with some mappings stored in the first array block of the mapping
array. Here we use cache_restore v1.0 to build the metadata.
cat > cmeta.xml
EOF
dmsetup create cmeta --table "0 8192 linear /dev/sdc 0"
cache_restore -i cmeta.xml -o /dev/mapper/cmeta --metadata-version=2
dmsetup remove cmeta
2. wipe the sec
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://git.kernel.org/stable/c/00586b78eeb7c626a14ca13453a1631f88a7cf36https://git.kernel.org/stable/c/025c8f477625eb39006ded650e7d027bcfb20e79https://git.kernel.org/stable/c/3986ef4a9b6a0d9c28bc325d8713beba5e67586fhttps://git.kernel.org/stable/c/5da692e2262b8f81993baa9592f57d12c2703deahttps://git.kernel.org/stable/c/c5356a5e80442131e2714d0d26bb110590e4e568https://git.kernel.org/stable/c/c614584c2a66b538f469089ac089457a34590c14https://git.kernel.org/stable/c/cc80a5cc520939d0a7d071cc4ae4b3c55ef171d0https://git.kernel.org/stable/c/f3128e3074e8af565cc6a66fe3384a56df87f803https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
2025-06-18
Published