CVE-2025-40271
published 2025-12-06CVE-2025-40271: In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase()…
PriorityP432high7.8
EXPLOIT
EPSS
0.54%
41.5th percentile
In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through rb_erase(), but not set the node
to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()
set the erased node to EMPTY, then pde_subdir_next() will return NULL to
avoid uaf access.
We found an uaf issue while using stress-ng testing, need to run testcase
getdent and tun in the same time. The steps of the issue is as follows:
1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current
pde is tun3;
2) in the [time windows] unregister netdevice tun3 and tun2, and erase
them from rbtree. erase tun3 first, and then erase tun2. the
pde(tun2) will be released to slab;
3) continue to getdent process, then pde_subdir_next() will return
pde(tun2) which is released, it will case uaf access.
CPU 0 | CPU 1
traverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2
sys_getdents64() |
iterate_dir() |
proc_readdir() |
proc_readdir_de() | snmp6_unregister_dev()
pde_get(de); | proc_remove()
read_unlock(&proc_subdir_lock); | remove_proc_subtree()
| write_lock(&proc_subdir_lock);
[time window] | rb_erase(&root->subdir_node, &parent->subdir);
| write_unlock(&proc_subdir_lock);
read_lock(&proc_subdir_lock); |
next = pde_subdir_next(de); |
pde_put(de); |
de = next; //UAF |
rbtree of dev_snmp6
|
pde(tun3)
/ \
NULL pde(tun2)
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 6.1.159-1 (bookworm) | linux 6.1.159-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.159-1 (bookworm) | linux 6.1.159-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 1d1596d68a6f11d28f677eedf6cf5b17dbfeb491 | 1d1596d68a6f11d28f677eedf6cf5b17dbfeb491 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < c81d0385500446efe48c305bbb83d47f2ae23a50 | c81d0385500446efe48c305bbb83d47f2ae23a50 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 4cba73c4c89219beef7685a47374bf88b1022369 | 4cba73c4c89219beef7685a47374bf88b1022369 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 6f2482745e510ae1dacc9b090194b9c5f918d774 | 6f2482745e510ae1dacc9b090194b9c5f918d774 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 67272c11f379d9aa5e0f6b16286b9d89b3f76046 | 67272c11f379d9aa5e0f6b16286b9d89b3f76046 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 623bb26127fb581a741e880e1e1a47d79aecb6f8 | 623bb26127fb581a741e880e1e1a47d79aecb6f8 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 03de7ff197a3d0e17d0d5c58fdac99a63cba8110 | 03de7ff197a3d0e17d0d5c58fdac99a63cba8110 |
| linux | linux | >= 710585d4922fd315f2cada8fbe550ae8ed23e994 < 895b4c0c79b092d732544011c3cecaf7322c36a1 | 895b4c0c79b092d732544011c3cecaf7322c36a1 |
| linux | linux_kernel | >= 0 < 5.10.247-1 | 5.10.247-1 |
| linux | linux_kernel | >= 0 < 6.1.159-1 | 6.1.159-1 |
| linux | linux_kernel | >= 0 < 6.12.63-1 | 6.12.63-1 |
| linux | linux_kernel | >= 0 < 6.17.9-1 | 6.17.9-1 |
| linux | linux_kernel | >= 0 < 5.15.0-173.183 | 5.15.0-173.183 |
| linux | linux_kernel | >= 0 < 6.8.0-106.106 | 6.8.0-106.106 |
| linux | linux_kernel | >= 0 < 6.17.0-14.14 | 6.17.0-14.14 |
| linux | linux_kernel | >= 3.19.0 < 5.4.302 | 5.4.302 |
| linux | linux_kernel | >= 5.11.0 < 5.15.197 | 5.15.197 |
| linux | linux_kernel | >= 5.16.0 < 6.1.159 | 6.1.159 |
| linux | linux_kernel | >= 5.5.0 < 5.10.247 | 5.10.247 |
| linux | linux_kernel | >= 6.13.0 < 6.17.9 | 6.17.9 |
| linux | linux_kernel | >= 6.2.0 < 6.6.117 | 6.6.117 |
| linux | linux_kernel | >= 6.7.0 < 6.12.59 | 6.12.59 |
CVSS provenance
osv7.8HIGH
vendor_ubuntu7.8HIGH
vendor_redhat7.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-raspi vulnerabilities
osv·2026-04-01·CVSS 7.8
CVE-2026-23268 [HIGH] linux-raspi vulnerabilities
linux-raspi vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Nios II architecture;
- PowerPC architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM
OSV
linux-raspi, linux-raspi-realtime vulnerabilities
osv·2026-04-01
linux-raspi, linux-raspi-realtime vulnerabilities
linux-raspi, linux-raspi-realtime vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 archi
OSV
linux-azure-6.8 vulnerabilities
osv·2026-03-25·CVSS 3.2
[LOW] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that some AMD processors may allow an attacker
to infer data from previous stores,
OSV
linux-azure vulnerabilities
osv·2026-03-25
linux-azure vulnerabilities
linux-azure vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Xtensa arch
OSV
linux-intel-iot-realtime vulnerabilities
osv·2026-03-23
linux-intel-iot-realtime vulnerabilities
linux-intel-iot-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Data acquisition framework and drivers;
- Counter interface drivers;
- CPU frequency scaling framework;
- Intel Stratix 10 firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Tablet) drivers;
- ISDN/mISDN subsystem;
- Macintos
OSV
linux-nvidia-tegra-igx vulnerabilities
osv·2026-03-23
linux-nvidia-tegra-igx vulnerabilities
linux-nvidia-tegra-igx vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device
OSV
linux-aws-6.8 vulnerabilities
osv·2026-03-23
linux-aws-6.8 vulnerabilities
linux-aws-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Xtensa ar
OSV
linux-realtime, linux-realtime-6.8 vulnerabilities
osv·2026-03-17
linux-realtime, linux-realtime-6.8 vulnerabilities
linux-realtime, linux-realtime-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
- x86 arch
OSV
linux-realtime vulnerabilities
osv·2026-03-17
linux-realtime vulnerabilities
linux-realtime vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device driver;
OSV
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
osv·2026-03-17
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
linux-aws-5.15, linux-gcp-5.15, linux-gke, linux-hwe-5.15, linux-intel-iotg-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers
OSV
linux, linux-aws, linux-gcp, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-xilin
osv·2026-03-16
linux, linux-aws, linux-gcp, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-xilin
linux, linux-aws, linux-gcp, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-xilinx-zynqmp vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture
OSV
linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
osv·2026-03-16
linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Li
OSV
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
osv·2026-03-16
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
OSV
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
osv·2026-03-16
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
-
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
osv·2026-03-16
linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Ni
OSV
linux-azure vulnerabilities
osv·2026-02-24
linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers
OSV
linux-oem-6.17 vulnerabilities
osv·2026-02-17
linux-oem-6.17 vulnerabilities
linux-oem-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device driv
OSV
linux-aws, linux-oracle vulnerabilities
osv·2026-02-17
linux-aws, linux-oracle vulnerabilities
linux-aws, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto de
OSV
linux-gcp vulnerabilities
osv·2026-02-12
linux-gcp vulnerabilities
linux-gcp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardware crypto device drivers;
OSV
linux, linux-raspi, linux-realtime vulnerabilities
osv·2026-02-12
linux, linux-raspi, linux-realtime vulnerabilities
linux, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- CPU frequency scaling framework;
- Hardwar
GHSA
GHSA-r37x-wmxh-7hvh: In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through r
ghsa_unreviewed·2025-12-07
CVE-2025-40271 GHSA-r37x-wmxh-7hvh: In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through r
In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through rb_erase(), but not set the node
to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()
set the erased node to EMPTY, then pde_subdir_next() will return NULL to
avoid uaf access.
We found an uaf issue while using stress-ng testing, need to run testcase
getdent and tun in the same time. The steps of the issue is as follows:
1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current
pde is tun3;
2) in the [time windows] unregister netdevice tun3 and tun2, and erase
them from rbtree. erase tun3 first, and then erase tun2. the
pde(tun2) will be released to slab;
3) continue to getdent process, then pde_subdir_next()
OSV
CVE-2025-40271: In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_
osv·2025-12-06
CVE-2025-40271 CVE-2025-40271: In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will r
OSV
fs/proc: fix uaf in proc_readdir_de()
osv·2025-12-06
CVE-2025-40271 fs/proc: fix uaf in proc_readdir_de()
fs/proc: fix uaf in proc_readdir_de()
In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through rb_erase(), but not set the node
to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()
set the erased node to EMPTY, then pde_subdir_next() will return NULL to
avoid uaf access.
We found an uaf issue while using stress-ng testing, need to run testcase
getdent and tun in the same time. The steps of the issue is as follows:
1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current
pde is tun3;
2) in the [time windows] unregister netdevice tun3 and tun2, and erase
them from rbtree. erase tun3 first, and then erase tun2. the
pde(tun2) will be released to slab;
3) continue to g
Ubuntu
Linux kernel (Xilinx) vulnerabilities
vendor_ubuntu·2026-05-07·CVSS 6.4
CVE-2025-68288 [MEDIUM] Linux kernel (Xilinx) vulnerabilities
Title: Linux kernel (Xilinx) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo
Rizzo discovered that some AMD Zen processors did not properly verify the
signature of CPU microcode. This flaw is known as EntrySign. A privileged
attacker could possibly use this issue to cause load malicious CPU
microcode causing loss of integrity and confidentiality. (CVE-2024-36347)
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation,
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-05-07·CVSS 7.8
CVE-2025-22058 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403,
CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407,
CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corre
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-04-13·CVSS 7.8
CVE-2024-53114 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403,
CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407,
CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corre
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-04-09·CVSS 7.8
CVE-2025-21833 [HIGH] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403,
CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407,
CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2026-04-09·CVSS 7.8
CVE-2025-71125 [HIGH] Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403,
CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407,
CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2026-04-01·CVSS 7.8
CVE-2025-38129 [HIGH] Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853, CVE-2026-23268, CVE-2026-23269)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Nios II architecture;
- PowerPC architecture;
- Sun Sparc architecture;
- User-Mode Linux (UML);
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2026-04-01
CVE-2025-40301 Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architect
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25·CVSS 3.2
CVE-2025-40068 [LOW] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
It was discovered that improper initialization of CPU cache memory could
allow a local attacker with hypervisor access to overwrite SEV-SNP guest
memory resulting in loss of data integrity. (CVE-2024-36331)
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos,
and Flavien Solt discovered that
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-03-25
CVE-2025-40245 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
-
Ubuntu
Linux kernel (Intel IoTG Real-time) vulnerabilities
vendor_ubuntu·2026-03-23
CVE-2025-22022 Linux kernel (Intel IoTG Real-time) vulnerabilities
Title: Linux kernel (Intel IoTG Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Data acquisition framework and drivers;
- Counter interface drivers;
- CPU frequency scaling framework;
- Intel Stratix 10 firmware drivers;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Devi
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2026-03-23
CVE-2025-40068 Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Su
Ubuntu
Linux kernel (NVIDIA Tegra IGX) vulnerabilities
vendor_ubuntu·2026-03-23
CVE-2025-71069 Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Title: Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Dri
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-03-17
CVE-2025-71069 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Networ
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-03-17
CVE-2025-71069 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers co
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2026-03-17
CVE-2025-40245 Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-03-16
CVE-2025-40068 Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- S
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-03-16
CVE-2025-71125 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
- Networ
Ubuntu
Linux kernel (NVIDIA) vulnerabilities
vendor_ubuntu·2026-03-16
CVE-2025-40245 Linux kernel (NVIDIA) vulnerabilities
Title: Linux kernel (NVIDIA) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
-
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-03-16
CVE-2025-39981 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Spar
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2026-03-16
CVE-2025-71069 Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary AppArmor profiles
causing denial of service, exposure of sensitive information (kernel
memory), local privilege escalation, or possibly escape a container.
(LP: #2143853)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- ATM drivers;
- Drivers core;
-
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2026-02-24
CVE-2025-40175 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framewor
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-17
CVE-2025-40304 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and dr
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2026-02-17
CVE-2025-68242 Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework
Ubuntu
Linux kernel (GCP) vulnerabilities
vendor_ubuntu·2026-02-12
CVE-2025-68242 Linux kernel (GCP) vulnerabilities
Title: Linux kernel (GCP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2026-02-12
CVE-2025-40304 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- Nios II architecture;
- PA-RISC architecture;
- RISC-V architecture;
- S390 architecture;
- Sun Sparc architecture;
- x86 architecture;
- Xtensa architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Bluetooth drivers;
- Bus devices;
- Hardware random number generator core;
- Character device driver;
- Clock framework and drivers;
- Data acquisition framework and dr
Red Hat
kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
vendor_redhat·2025-12-06·CVSS 7.0
CVE-2025-40271 [MEDIUM] CWE-825 kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
In the Linux kernel, the following vulnerability has been resolved:
fs/proc: fix uaf in proc_readdir_de()
Pde is erased from subdir rbtree through rb_erase(), but not set the node
to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()
set the erased node to EMPTY, then pde_subdir_next() will return NULL to
avoid uaf access.
We found an uaf issue while using stress-ng testing, need to run testcase
getdent and tun in the same time. The steps of the issue is as follows:
1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current
pde is tun3;
2) in the [time windows] unregister netdevice tun3 and tun2, and erase
them from rbtree. erase tun3 first, and then
Debian
CVE-2025-40271: linux - In the Linux kernel, the following vulnerability has been resolved: fs/proc: fi...
vendor_debian·2025
CVE-2025-40271 CVE-2025-40271: linux - In the Linux kernel, the following vulnerability has been resolved: fs/proc: fi...
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will r
No detection rules found.
https://git.kernel.org/stable/c/03de7ff197a3d0e17d0d5c58fdac99a63cba8110https://git.kernel.org/stable/c/1d1596d68a6f11d28f677eedf6cf5b17dbfeb491https://git.kernel.org/stable/c/4cba73c4c89219beef7685a47374bf88b1022369https://git.kernel.org/stable/c/623bb26127fb581a741e880e1e1a47d79aecb6f8https://git.kernel.org/stable/c/67272c11f379d9aa5e0f6b16286b9d89b3f76046https://git.kernel.org/stable/c/6f2482745e510ae1dacc9b090194b9c5f918d774https://git.kernel.org/stable/c/895b4c0c79b092d732544011c3cecaf7322c36a1https://git.kernel.org/stable/c/c81d0385500446efe48c305bbb83d47f2ae23a50https://cert-portal.siemens.com/productcert/html/ssa-253495.html
2025-12-06
Published