CVE-2025-38090
published 2025-06-30CVE-2025-38090: In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In
riocm_cdev_ioctl(RIO_CM_CHAN_SEND)
-> cm_chan_msg_send()
-> riocm_ch_send()
cm_chan_msg_send() checks that userspace didn't send too much data but
riocm_ch_send() failed to check that userspace sent sufficient data. The
result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr
which were outside the bounds of the space which cm_chan_msg_send()
allocated.
Address this by teaching riocm_ch_send() to check that the entire
rio_ch_chan_hdr was copied in from userspace.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < a8b5ea2e302aa5cd00fc7addd8df53c9bde7b5f6 | a8b5ea2e302aa5cd00fc7addd8df53c9bde7b5f6 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < c03ddc183249f03fc7e057e02cae6f89144d0123 | c03ddc183249f03fc7e057e02cae6f89144d0123 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < 58f664614f8c3d6142ab81ae551e466dc6e092e8 | 58f664614f8c3d6142ab81ae551e466dc6e092e8 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < ecf5ee280b702270afb02f61b299d3dfe3ec7730 | ecf5ee280b702270afb02f61b299d3dfe3ec7730 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < 1921781ec4a8824bd0c520bf9363e28a880d14ec | 1921781ec4a8824bd0c520bf9363e28a880d14ec |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < 1cce6ac47f4a2ac1766b8a188dc8c8f6d8df2a53 | 1cce6ac47f4a2ac1766b8a188dc8c8f6d8df2a53 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < 6d5c6711a55c35ce09b90705546050408d9d4b61 | 6d5c6711a55c35ce09b90705546050408d9d4b61 |
| linux | linux | >= b6e8d4aa1110306378af0f3472a6b85a1f039a16 < 50695153d7ddde3b1696dbf0085be0033bf3ddb3 | 50695153d7ddde3b1696dbf0085be0033bf3ddb3 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 6.12.35-1 | 6.12.35-1 |
| linux | linux_kernel | >= 0 < 5.15.0-156.166 | 5.15.0-156.166 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 4.8 < 5.4.295 | 5.4.295 |
| linux | linux_kernel | >= 5.11 < 5.15.186 | 5.15.186 |
| linux | linux_kernel | >= 5.16 < 6.1.142 | 6.1.142 |
| linux | linux_kernel | >= 5.5 < 5.10.239 | 5.10.239 |
| linux | linux_kernel | >= 6.13 < 6.15.4 | 6.15.4 |
| linux | linux_kernel | >= 6.2 < 6.6.95 | 6.6.95 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.6MEDIUM
OSV
linux-azure-6.8 vulnerabilities
osv·2026-03-25·CVSS 3.2
[LOW] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores,
OSV
linux-azure-fips vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-azure vulnerabilities
osv·2026-03-04·CVSS 3.2
CVE-2024-36331 [LOW] linux-azure vulnerabilities
linux-azure vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-ibm, linux-ibm-6.8 vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-ibm, linux-ibm-6.8 vulnerabilities
linux-ibm, linux-ibm-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arc
OSV
linux-xilinx vulnerabilities
osv·2026-02-24·CVSS 3.2
CVE-2024-36331 [LOW] linux-xilinx vulnerabilities
linux-xilinx vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
-
OSV
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsyste
OSV
linux-gcp, linux-gke vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp, linux-gke vulnerabilities
linux-gcp, linux-gke vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 archite
OSV
linux-nvidia-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-nvidia-lowlatency vulnerabilities
linux-nvidia-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 arch
OSV
linux-lowlatency vulnerabilities
osv·2026-02-19·CVSS 3.2
CVE-2024-36331 [LOW] linux-lowlatency vulnerabilities
linux-lowlatency vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architectur
OSV
linux-gcp-fips vulnerabilities
osv·2026-02-18·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-fips vulnerabilities
linux-gcp-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-aws-fips, linux-fips vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws-fips, linux-fips vulnerabilities
linux-aws-fips, linux-fips vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 a
OSV
linux-realtime, linux-raspi-realtime vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime, linux-raspi-realtime vulnerabilities
linux-realtime, linux-raspi-realtime vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
OSV
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
osv·2026-02-17·CVSS 3.2
CVE-2024-36331 [LOW] linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise th
OSV
linux-gcp-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-gcp-6.8 vulnerabilities
linux-gcp-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
OSV
linux-realtime-6.8 vulnerabilities
osv·2026-02-12·CVSS 3.2
CVE-2024-36331 [LOW] linux-realtime-6.8 vulnerabilities
linux-realtime-6.8 vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-raspi vulnerabilities
osv·2026-02-11·CVSS 3.2
CVE-2024-36331 [LOW] linux, linux-raspi vulnerabilities
linux, linux-raspi vulnerabilities
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architect
OSV
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlate
osv·2025-12-03
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlate
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
-
OSV
linux-hwe-6.14 vulnerabilities
osv·2025-11-04·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux-hwe-6.14 vulnerabilities
linux-hwe-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- ATM drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
OSV
linux-gcp-6.14 vulnerabilities
osv·2025-10-31·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux-gcp-6.14 vulnerabilities
linux-gcp-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspa
OSV
linux-aws-6.14 vulnerabilities
osv·2025-10-24·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux-aws-6.14 vulnerabilities
linux-aws-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk userspa
OSV
linux-realtime-6.14 vulnerabilities
osv·2025-10-22·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux-realtime-6.14 vulnerabilities
linux-realtime-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Ublk us
OSV
linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities
osv·2025-10-22·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities
linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA ov
OSV
linux, linux-aws, linux-gcp, linux-oem-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
osv·2025-10-21·CVSS 5.6
CVE-2024-36350 [MEDIUM] linux, linux-aws, linux-gcp, linux-oem-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
linux, linux-aws, linux-gcp, linux-oem-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA
OSV
linux-nvidia-tegra-igx vulnerabilities
osv·2025-10-06
linux-nvidia-tegra-igx vulnerabilities
linux-nvidia-tegra-igx vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86
OSV
linux-kvm vulnerabilities
osv·2025-10-01
linux-kvm vulnerabilities
linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform dri
OSV
linux-azure-5.15 vulnerabilities
osv·2025-10-01
linux-azure-5.15 vulnerabilities
linux-azure-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platf
OSV
linux-azure vulnerabilities
osv·2025-09-26
linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platform d
OSV
linux-oracle-5.15 vulnerabilities
osv·2025-09-25
linux-oracle-5.15 vulnerabilities
linux-oracle-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 plat
OSV
linux-intel-iot-realtime, linux-realtime vulnerabilities
osv·2025-09-25
linux-intel-iot-realtime, linux-realtime vulnerabilities
linux-intel-iot-realtime, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controller
OSV
linux-azure-fips vulnerabilities
osv·2025-09-25
linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controllers subsystem;
- x86 platf
OSV
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
osv·2025-09-25
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Pin controll
OSV
CVE-2025-38090: In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm
osv·2025-06-30·CVSS 5.5
CVE-2025-38090 [MEDIUM] CVE-2025-38090: In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -> riocm_ch_send() cm_chan_msg_send() checks that userspace didn't send too much data but riocm_ch_send() failed to check that userspace sent sufficient data. The result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr which were outside the bounds of the space which cm_chan_msg_send() allocated. Address this by teaching riocm_ch_send() to check that the entire rio_ch_chan_hdr was copied in from userspace.
GHSA
GHSA-vjwf-vf62-c8wp: In the Linux kernel, the following vulnerability has been resolved:
drivers/rapidio/rio_cm
ghsa_unreviewed·2025-06-30
CVE-2025-38090 [MEDIUM] GHSA-vjwf-vf62-c8wp: In the Linux kernel, the following vulnerability has been resolved:
drivers/rapidio/rio_cm
In the Linux kernel, the following vulnerability has been resolved:
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In
riocm_cdev_ioctl(RIO_CM_CHAN_SEND)
-> cm_chan_msg_send()
-> riocm_ch_send()
cm_chan_msg_send() checks that userspace didn't send too much data but
riocm_ch_send() failed to check that userspace sent sufficient data. The
result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr
which were outside the bounds of the space which cm_chan_msg_send()
allocated.
Address this by teaching riocm_ch_send() to check that the entire
rio_ch_chan_hdr was copied in from userspace.
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25·CVSS 3.2
CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-37956 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-03-04·CVSS 3.2
CVE-2025-38476 [LOW] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the s
Ubuntu
Linux kernel (Xilinx) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38652 [LOW] Linux kernel (Xilinx) vulnerabilities
Title: Linux kernel (Xilinx) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the syste
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2026-02-24·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Low Latency) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency) vulnerabilities
Title: Linux kernel (Low Latency) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the
Ubuntu
Linux kernel (Low Latency NVIDIA) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (Low Latency NVIDIA) vulnerabilities
Title: Linux kernel (Low Latency NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromi
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-19·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (GCP FIPS) vulnerabilities
vendor_ubuntu·2026-02-18·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (GCP FIPS) vulnerabilities
Title: Linux kernel (GCP FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sys
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-17·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-02-12·CVSS 3.2
CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the sy
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-11·CVSS 3.2
CVE-2025-38702 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This u
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-11-04·CVSS 5.6
CVE-2025-38231 [MEDIUM] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2025-10-31·CVSS 5.6
CVE-2025-38263 [MEDIUM] Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-10-24·CVSS 5.6
CVE-2024-36357 [MEDIUM] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-10-22·CVSS 5.6
CVE-2025-38424 [MEDIUM] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Paralle
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-10-22·CVSS 5.6
CVE-2025-38373 [MEDIUM] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Par
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-10-21·CVSS 5.6
CVE-2025-38424 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores, potentially resulting in the leakage of
privileged information. A local attacker could possibly use this to expose
sensitive information. (CVE-2024-36350, CVE-2024-36357)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA dr
Ubuntu
Linux kernel (NVIDIA Tegra IGX) vulnerabilities
vendor_ubuntu·2025-10-06
CVE-2025-38386 Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Title: Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
Ubuntu
Linux kernel (KVM) vulnerabilities
vendor_ubuntu·2025-10-01
CVE-2025-38084 Linux kernel (KVM) vulnerabilities
Title: Linux kernel (KVM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-10-01
CVE-2025-38084 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD bloc
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-09-26
CVE-2025-38444 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD bloc
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38203 Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD blo
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38312 Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38312 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block device
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38203 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-09-25
CVE-2025-38203 Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- Bus devices;
- Clock framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Input Device (Miscellaneous) drivers;
- Multiple devices driver;
- Media drivers;
- VMware VMCI Driver;
- MMC subsystem;
- MTD block
Red Hat
kernel: drivers/rapidio/rio_cm.c: prevent possible heap overwrite
vendor_redhat·2025-06-30·CVSS 5.5
CVE-2025-38090 [MEDIUM] kernel: drivers/rapidio/rio_cm.c: prevent possible heap overwrite
kernel: drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved:
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In
riocm_cdev_ioctl(RIO_CM_CHAN_SEND)
-> cm_chan_msg_send()
-> riocm_ch_send()
cm_chan_msg_send() checks that userspace didn't send too much data but
riocm_ch_send() failed to check that userspace sent sufficient data. The
result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr
which were outside the bounds of the space which cm_chan_msg_send()
allocated.
Address this by teaching riocm_ch_send() to check that the entire
rio_ch_chan_hdr was copied in from userspace.
Package: kernel (Red Hat Enterprise Linux 10) - Not affected
Package: kernel (Red Hat Enterprise Linux 6) - Not affec
Microsoft
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
vendor_msrc·2025-06-10·CVSS 7.8
CVE-2025-38090 [MEDIUM] drivers/rapidio/rio_cm.c: prevent possible heap overwrite
drivers/rapidio/rio_cm.c: prevent possible heap overwrite
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://lea
Debian
CVE-2025-38090: linux - In the Linux kernel, the following vulnerability has been resolved: drivers/rap...
vendor_debian·2025·CVSS 5.5
CVE-2025-38090 [MEDIUM] CVE-2025-38090: linux - In the Linux kernel, the following vulnerability has been resolved: drivers/rap...
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -> riocm_ch_send() cm_chan_msg_send() checks that userspace didn't send too much data but riocm_ch_send() failed to check that userspace sent sufficient data. The result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr which were outside the bounds of the space which cm_chan_msg_send() allocated. Address this by teaching riocm_ch_send() to check that the entire rio_ch_chan_hdr was copied in from userspace.
Scope: local
bookworm: resolved (fixed in 6.1.147-1)
bullseye: resolved (fixed in 5.10.244-1)
forky: resolved (fixed in 6.12.35-1)
sid: resolved (fixed in 6.12.35-1)
trixie: resolved (fi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://git.kernel.org/stable/c/1921781ec4a8824bd0c520bf9363e28a880d14echttps://git.kernel.org/stable/c/1cce6ac47f4a2ac1766b8a188dc8c8f6d8df2a53https://git.kernel.org/stable/c/50695153d7ddde3b1696dbf0085be0033bf3ddb3https://git.kernel.org/stable/c/58f664614f8c3d6142ab81ae551e466dc6e092e8https://git.kernel.org/stable/c/6d5c6711a55c35ce09b90705546050408d9d4b61https://git.kernel.org/stable/c/a8b5ea2e302aa5cd00fc7addd8df53c9bde7b5f6https://git.kernel.org/stable/c/c03ddc183249f03fc7e057e02cae6f89144d0123https://git.kernel.org/stable/c/ecf5ee280b702270afb02f61b299d3dfe3ec7730https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
2025-06-30
Published