Read Time:1 Minute, 27 Second
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– PowerPC architecture;
– GPIO subsystem;
– GPU drivers;
– Media drivers;
– Network drivers;
– SCSI subsystem;
– Direct Digital Synthesis drivers;
– TTY drivers;
– 9P distributed file system;
– JFS file system;
– NILFS2 file system;
– File systems infrastructure;
– BPF subsystem;
– Netfilter;
– Memory management;
– Amateur Radio drivers;
– B.A.T.M.A.N. meshing protocol;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Open vSwitch;
– Network traffic control;
– TIPC protocol;
– Wireless networking;
(CVE-2024-50171, CVE-2023-52880, CVE-2023-52522, CVE-2024-53104,
CVE-2024-41064, CVE-2024-43892, CVE-2024-43900, CVE-2022-48772,
CVE-2024-50148, CVE-2024-41063, CVE-2024-44938, CVE-2023-52799,
CVE-2023-52818, CVE-2024-50134, CVE-2024-40943, CVE-2024-50117,
CVE-2024-26685, CVE-2024-36964, CVE-2024-36952, CVE-2024-53164,
CVE-2024-43893, CVE-2024-50229, CVE-2024-42070, CVE-2024-38567,
CVE-2024-38558, CVE-2024-40910, CVE-2024-44931, CVE-2024-36886,
CVE-2024-35896, CVE-2024-43863, CVE-2024-40911, CVE-2023-52488,
CVE-2024-42068, CVE-2024-50233, CVE-2024-49902, CVE-2024-53156,
CVE-2024-40981)
