INFESA-2025:0006: kernel security update (Important)
Information about definition
Identificator: INFESA-2025:0006
Type: security
Release date: 2025-10-01 18:27:30 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2025-40300 "x86/vmscape: Enable the mitigation" - CVE-2025-40300 "x86/vmscape: Add conditional IBPB mitigation" - CVE-2024-47704 "drm/amd/display: Check link_res->hpo_dp_link_enc before using it" - CVE-2025-38502 "bpf: Fix oob access in cgroup local storage" - CVE-2025-37931 "btrfs: adjust subpage bit start based on sectorsize" - CVE-2025-39843 "mm: slub: avoid wake up kswapd in set_track_prepare" - CVE-2024-57924 "fs: relax assertions on failure to encode file handles" - CVE-2025-39838 "cifs: prevent NULL pointer dereference in UTF16 conversion" - CVE-2025-39839 "batman-adv: fix OOB read/write in network-coding decode" - CVE-2025-39841 "scsi: lpfc: Fix buffer free/clear order in deferred receive path" - CVE-2025-39842 "ocfs2: prevent release journal inode after journal shutdown" - CVE-2025-39844 "mm: move page table sync declarations to linux/pgtable.h" - CVE-2025-39845 "x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings()" - CVE-2025-39846 "pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()" - CVE-2025-39847 "ppp: fix memory leak in pad_compress_skb" - CVE-2025-39848 "ax25: properly unshare skbs in ax25_kiss_rcv()" - CVE-2025-39849 "wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()" - CVE-2025-39853 "i40e: Fix potential invalid access when MAC list is empty" - CVE-2025-39857 "net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()" - CVE-2025-39860 "Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()" - CVE-2025-39864 "wifi: cfg80211: fix use-after-free in cmp_bss()" - CVE-2025-39865 "tee: fix NULL pointer dereference in tee_shm_put" - CVE-2025-39866 "fs: writeback: fix use-after-free in __mark_inode_dirty()"
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-47704
|
no information | 5.5 | no information |
|
NIST — CVE-2024-57924
|
no information | no information | no information |
|
NIST — CVE-2025-37931
|
no information | no information | no information |
|
NIST — CVE-2025-38502
|
no information | no information | no information |
|
NIST — CVE-2025-39838
|
no information | no information | no information |
|
NIST — CVE-2025-39839
|
no information | no information | no information |
|
NIST — CVE-2025-39841
|
no information | no information | no information |
|
NIST — CVE-2025-39842
|
no information | no information | no information |
|
NIST — CVE-2025-39843
|
no information | no information | no information |
|
NIST — CVE-2025-39844
|
no information | no information | no information |
|
NIST — CVE-2025-39845
|
no information | no information | no information |
|
NIST — CVE-2025-39846
|
no information | no information | no information |
|
NIST — CVE-2025-39847
|
no information | no information | no information |
|
NIST — CVE-2025-39848
|
no information | no information | no information |
|
NIST — CVE-2025-39849
|
no information | no information | no information |
|
NIST — CVE-2025-39853
|
no information | no information | no information |
|
NIST — CVE-2025-39857
|
no information | no information | no information |
|
NIST — CVE-2025-39860
|
no information | no information | no information |
|
NIST — CVE-2025-39864
|
no information | no information | no information |
|
NIST — CVE-2025-39865
|
no information | no information | no information |
|
NIST — CVE-2025-39866
|
no information | no information | no information |
|
NIST — CVE-2025-40300
|
no information | no information | no information |
|
NIST — CVE-2025-40300
|
no information | no information | no information |
|
NIST — CVE-2025-40300
|
no information | no information | no information |
Updated packages
Preparing to download...