CVE-2025-38122: In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO…

CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that

CVE-2025-37956 [LOW] Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system

CVE-2025-38476 [LOW] Linux kernel (Azure FIPS) vulnerabilities Title: Linux kernel (Azure FIPS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the s

CVE-2025-38652 [LOW] Linux kernel (Xilinx) vulnerabilities Title: Linux kernel (Xilinx) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the syste

CVE-2025-38014 [LOW] Linux kernel (IBM) vulnerabilities Title: Linux kernel (IBM) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

CVE-2025-38702 [LOW] Linux kernel (Low Latency) vulnerabilities Title: Linux kernel (Low Latency) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the

CVE-2025-38702 [LOW] Linux kernel (Low Latency NVIDIA) vulnerabilities Title: Linux kernel (Low Latency NVIDIA) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromi

CVE-2025-38702 [LOW] Linux kernel (HWE) vulnerabilities Title: Linux kernel (HWE) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

CVE-2025-38014 [LOW] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This u

CVE-2025-38014 [LOW] Linux kernel (GCP FIPS) vulnerabilities Title: Linux kernel (GCP FIPS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sys

CVE-2025-38702 [LOW] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This u

CVE-2025-38702 [LOW] Linux kernel (FIPS) vulnerabilities Title: Linux kernel (FIPS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities Title: Linux kernel (Real-time) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy

CVE-2025-38702 [LOW] Linux kernel (GCP) vulnerabilities Title: Linux kernel (GCP) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

CVE-2025-38014 [LOW] Linux kernel (Real-time) vulnerabilities Title: Linux kernel (Real-time) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy

CVE-2025-38702 [LOW] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This u

CVE-2025-38304 Linux kernel (Raspberry Pi) vulnerabilities Title: Linux kernel (Raspberry Pi) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; -

CVE-2025-38386 Linux kernel (NVIDIA Tegra IGX) vulnerabilities Title: Linux kernel (NVIDIA Tegra IGX) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem;

CVE-2025-38084 Linux kernel (KVM) vulnerabilities Title: Linux kernel (KVM) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block

CVE-2025-38084 Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD bloc

CVE-2025-38092 Linux kernel (Oracle) vulnerabilities Title: Linux kernel (Oracle) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU

CVE-2025-38071 Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsyste

CVE-2025-38444 Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD bloc

CVE-2025-38203 Linux kernel (Oracle) vulnerabilities Title: Linux kernel (Oracle) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD blo

CVE-2025-38312 Linux kernel (Azure FIPS) vulnerabilities Title: Linux kernel (Azure FIPS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD

CVE-2025-38312 Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device

CVE-2025-38203 Linux kernel (Real-time) vulnerabilities Title: Linux kernel (Real-time) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD

CVE-2025-38106 Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsyste

CVE-2025-38203 Linux kernel (FIPS) vulnerabilities Title: Linux kernel (FIPS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block

CVE-2025-38106 Linux kernel (OEM) vulnerabilities Title: Linux kernel (OEM) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU su

CVE-2025-38082 Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU

CVE-2025-38082 Linux kernel (Real-time) vulnerabilities Title: Linux kernel (Real-time) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IO

CVE-2025-38122 [MEDIUM] gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this. Mariner: Mariner Linux: Linux Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference:

CVE-2025-38122 [MEDIUM] kernel: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO kernel: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. Add a missing NULL check to prevent a potential NULL pointer dereference when allocation fails. This improves robustness in low-memory scenarios. Package: kernel (Red Hat Enterprise Linux 10) - Fix deferred Package: kernel (Red Hat Enterprise Linux 6) - Not affected Package: kernel (Red Hat Enterprise Linux 7) - Not affected Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected Package: kernel (Red Hat Enterprise Linux 8) - Fix

CVE-2025-38122 [MEDIUM] CVE-2025-38122: linux - In the Linux kernel, the following vulnerability has been resolved: gve: add mi... In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. Add a missing NULL check to prevent a potential NULL pointer dereference when allocation fails. This improves robustness in low-memory scenarios. Scope: local bookworm: resolved (fixed in 6.1.147-1) bullseye: resolved forky: resolved (fixed in 6.12.35-1) sid: resolved (fixed in 6.12.35-1) trixie: resolved (fixed in 6.12.35-1)

CVE-2025-38122 [MEDIUM] Linux Kernel up to 6.15.2 gve_alloc_pending_packet null pointer dereference (EUVD-2025-19821 / Nessus ID 248399) A vulnerability was found in Linux Kernel up to 5.15.185/6.1.141/6.6.93/6.12.33/6.15.2. It has been declared as critical. Affected is the function gve_alloc_pending_packet. Executing a manipulation can lead to null pointer dereference. This vulnerability appears as CVE-2025-38122. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

[LOW] linux-azure-6.8 vulnerabilities linux-azure-6.8 vulnerabilities Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores,

CVE-2024-36331 [LOW] linux-azure-fips vulnerabilities linux-azure-fips vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architectur

CVE-2024-36331 [LOW] linux-azure vulnerabilities linux-azure vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; -

CVE-2024-36331 [LOW] linux-ibm, linux-ibm-6.8 vulnerabilities linux-ibm, linux-ibm-6.8 vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 arc

CVE-2024-36331 [LOW] linux-xilinx vulnerabilities linux-xilinx vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; -

CVE-2024-36331 [LOW] linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities linux-hwe-6.8, linux-lowlatency-hwe-6.8 vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsyste

CVE-2024-36331 [LOW] linux-gcp, linux-gke vulnerabilities linux-gcp, linux-gke vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 archite

CVE-2024-36331 [LOW] linux-nvidia-lowlatency vulnerabilities linux-nvidia-lowlatency vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 arch

CVE-2024-36331 [LOW] linux-lowlatency vulnerabilities linux-lowlatency vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architectur

CVE-2024-36331 [LOW] linux-gcp-fips vulnerabilities linux-gcp-fips vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture;

CVE-2024-36331 [LOW] linux-aws-fips, linux-fips vulnerabilities linux-aws-fips, linux-fips vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 a

CVE-2024-36331 [LOW] linux-realtime, linux-raspi-realtime vulnerabilities linux-realtime, linux-raspi-realtime vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

CVE-2024-36331 [LOW] linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise th

CVE-2024-36331 [LOW] linux-gcp-6.8 vulnerabilities linux-gcp-6.8 vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture;

CVE-2024-36331 [LOW] linux-realtime-6.8 vulnerabilities linux-realtime-6.8 vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architect

CVE-2024-36331 [LOW] linux, linux-raspi vulnerabilities linux, linux-raspi vulnerabilities It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architect

linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlate linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; -

linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multipl

linux-raspi vulnerabilities linux-raspi vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MTD

linux-nvidia-tegra-igx vulnerabilities linux-nvidia-tegra-igx vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86

linux-kvm vulnerabilities linux-kvm vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 platform dri

linux-oracle-6.14 vulnerabilities linux-oracle-6.14 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver;

linux-azure-5.15 vulnerabilities linux-azure-5.15 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 platf

linux-aws-6.14, linux-hwe-6.14 vulnerabilities linux-aws-6.14, linux-hwe-6.14 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware

linux-azure vulnerabilities linux-azure vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 platform d

linux-oracle-5.15 vulnerabilities linux-oracle-5.15 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 plat

linux-intel-iot-realtime, linux-realtime vulnerabilities linux-intel-iot-realtime, linux-realtime vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controller

linux-azure-fips vulnerabilities linux-azure-fips vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controllers subsystem; - x86 platf

linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - ATA over ethernet (AOE) driver; - Network block device driver; - Bus devices; - Clock framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - InfiniBand drivers; - Input Device (Miscellaneous) drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Pin controll

linux-realtime-6.14 vulnerabilities linux-realtime-6.14 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Drive

linux-azure vulnerabilities linux-azure vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MTD

linux-oem-6.14 vulnerabilities linux-oem-6.14 vulnerabilities Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Bus devices; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - FPGA Framework; - GPIO subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - InfiniBand drivers; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; -

CVE-2025-38122 [MEDIUM] CWE-476 GHSA-7pxg-rrcr-gqm5: In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_p In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. Add a missing NULL check to prevent a potential NULL pointer dereference when allocation fails. This improves robustness in low-memory scenarios.

CVE-2025-38122 [MEDIUM] CVE-2025-38122: In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pen In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. Add a missing NULL check to prevent a potential NULL pointer dereference when allocation fails. This improves robustness in low-memory scenarios.