{"url":"http://public2.vulnerablecode.io/api/packages/195352?format=json","purl":"pkg:deb/debian/linux@5.10.223-1","type":"deb","namespace":"debian","name":"linux","version":"5.10.223-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.1.4-1","latest_non_vulnerable_version":"6.12.88-1~bpo12+1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86321?format=json","vulnerability_id":"VCID-11fa-rzjz-nqbk","summary":"kernel: mm/slub: Avoid list corruption when removing a slab from the full list","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56566.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56566.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334463","reference_id":"2334463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56566"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11fa-rzjz-nqbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68695?format=json","vulnerability_id":"VCID-11wk-qy6x-kqct","summary":"kernel: tty: serial: imx: disable Ageing Timer interrupt request irq","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54287.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54287.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426119","reference_id":"2426119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426119"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54287"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11wk-qy6x-kqct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85587?format=json","vulnerability_id":"VCID-123n-sr2p-dugq","summary":"kernel: cgroup/cpuset: remove kernfs active break","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21634.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21634.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/11cb1d643a74665a4e14749414f48f82cbc15c64","reference_id":"11cb1d643a74665a4e14749414f48f82cbc15c64","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:54:20Z/"}],"url":"https://git.kernel.org/stable/c/11cb1d643a74665a4e14749414f48f82cbc15c64"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338822","reference_id":"2338822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338822"},{"reference_url":"https://git.kernel.org/stable/c/3cb97a927fffe443e1e7e8eddbfebfdb062e86ed","reference_id":"3cb97a927fffe443e1e7e8eddbfebfdb062e86ed","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:54:20Z/"}],"url":"https://git.kernel.org/stable/c/3cb97a927fffe443e1e7e8eddbfebfdb062e86ed"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21634"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-123n-sr2p-dugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87433?format=json","vulnerability_id":"VCID-158d-q3ch-p3fk","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: fec: remove .ndo_poll_controller to avoid deadlocks  There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid deadlocks\"). The root cause of the issue is that netpoll is in atomic context and disable_irq() is called by .ndo_poll_controller interface of sungem driver, however, disable_irq() might sleep. After analyzing the implementation of fec_poll_controller(), the fec driver should have the same issue. Due to the fec driver uses NAPI for TX completions, the .ndo_poll_controller is unnecessary to be implemented in the fec driver, so fec_poll_controller() can be safely removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38553.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38553.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293446","reference_id":"2293446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293446"},{"reference_url":"https://git.kernel.org/stable/c/87bcbc9b7e0b43a69d44efa5f32f11e32d08fa6f","reference_id":"87bcbc9b7e0b43a69d44efa5f32f11e32d08fa6f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:47Z/"}],"url":"https://git.kernel.org/stable/c/87bcbc9b7e0b43a69d44efa5f32f11e32d08fa6f"},{"reference_url":"https://git.kernel.org/stable/c/accdd6b912c4219b8e056d1f1ad2e85bc66ee243","reference_id":"accdd6b912c4219b8e056d1f1ad2e85bc66ee243","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:47Z/"}],"url":"https://git.kernel.org/stable/c/accdd6b912c4219b8e056d1f1ad2e85bc66ee243"},{"reference_url":"https://git.kernel.org/stable/c/c2e0c58b25a0a0c37ec643255558c5af4450c9f5","reference_id":"c2e0c58b25a0a0c37ec643255558c5af4450c9f5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:47Z/"}],"url":"https://git.kernel.org/stable/c/c2e0c58b25a0a0c37ec643255558c5af4450c9f5"},{"reference_url":"https://git.kernel.org/stable/c/d38625f71950e79e254515c5fc585552dad4b33e","reference_id":"d38625f71950e79e254515c5fc585552dad4b33e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:47Z/"}],"url":"https://git.kernel.org/stable/c/d38625f71950e79e254515c5fc585552dad4b33e"},{"reference_url":"https://git.kernel.org/stable/c/e2348d8c61d03feece1de4c05f72e6e99f74c650","reference_id":"e2348d8c61d03feece1de4c05f72e6e99f74c650","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:47Z/"}],"url":"https://git.kernel.org/stable/c/e2348d8c61d03feece1de4c05f72e6e99f74c650"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38553"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-158d-q3ch-p3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61489?format=json","vulnerability_id":"VCID-161a-dxha-yydc","summary":"kernel: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31697.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31697.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464427","reference_id":"2464427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464427"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31697"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-161a-dxha-yydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77807?format=json","vulnerability_id":"VCID-167j-v3qy-xfc9","summary":"kernel: drm/amd/display: Add null pointer check for get_first_active_display()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38362.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38362.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383396","reference_id":"2383396","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383396"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38362"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-167j-v3qy-xfc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83547?format=json","vulnerability_id":"VCID-177m-qfdy-tkc4","summary":"In the Linux kernel, the following vulnerability has been resolved:  KVM: VMX: Prevent RSB underflow before vmenter  On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter.  Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns.  For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write and the vmenter.    [ bp: Fix 32-bit build. ]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49610.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49610.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49610","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03556","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49610"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347926","reference_id":"2347926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7110","reference_id":"RHSA-2022:7110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8973","reference_id":"RHSA-2022:8973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8973"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49610"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-177m-qfdy-tkc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88251?format=json","vulnerability_id":"VCID-178d-sayh-2fbh","summary":"kernel: io_uring: check if we need to reschedule during overflow flush","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50060.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50060.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320616","reference_id":"2320616","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320616"},{"reference_url":"https://git.kernel.org/stable/c/a2493904e95ce94bbec819d8f7f03b99976eb25c","reference_id":"a2493904e95ce94bbec819d8f7f03b99976eb25c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:59Z/"}],"url":"https://git.kernel.org/stable/c/a2493904e95ce94bbec819d8f7f03b99976eb25c"},{"reference_url":"https://git.kernel.org/stable/c/c2eadeafce2d385b3f6d26a7f31fee5aba2bbbb0","reference_id":"c2eadeafce2d385b3f6d26a7f31fee5aba2bbbb0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:59Z/"}],"url":"https://git.kernel.org/stable/c/c2eadeafce2d385b3f6d26a7f31fee5aba2bbbb0"},{"reference_url":"https://git.kernel.org/stable/c/eac2ca2d682f94f46b1973bdf5e77d85d77b8e53","reference_id":"eac2ca2d682f94f46b1973bdf5e77d85d77b8e53","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:59Z/"}],"url":"https://git.kernel.org/stable/c/eac2ca2d682f94f46b1973bdf5e77d85d77b8e53"},{"reference_url":"https://git.kernel.org/stable/c/f4ce3b5d26ce149e77e6b8e8f2058aa80e5b034e","reference_id":"f4ce3b5d26ce149e77e6b8e8f2058aa80e5b034e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:59Z/"}],"url":"https://git.kernel.org/stable/c/f4ce3b5d26ce149e77e6b8e8f2058aa80e5b034e"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50060"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-178d-sayh-2fbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64413?format=json","vulnerability_id":"VCID-178p-eb5m-pqc4","summary":"kernel: netfilter: nf_tables: release flowtable after rcu grace period on error","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23392.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23392.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451218","reference_id":"2451218","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21556","reference_id":"RHSA-2026:21556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21557","reference_id":"RHSA-2026:21557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23224","reference_id":"RHSA-2026:23224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23392"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-178p-eb5m-pqc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81885?format=json","vulnerability_id":"VCID-1b3w-mj7w-ubfw","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/smc: Fix possible access to freed memory in link clear  After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not wait for it is done, but destroy the QP and free the link group directly. So there is a risk that accessing the freed memory in tasklet context.  Here is a crash example:   BUG: unable to handle page fault for address: ffffffff8f220860  #PF: supervisor write access in kernel mode  #PF: error_code(0x0002) - not-present page  PGD f7300e067 P4D f7300e067 PUD f7300f063 PMD 8c4e45063 PTE 800ffff08c9df060  Oops: 0002 [#1] SMP PTI  CPU: 1 PID: 0 Comm: swapper/1 Kdump: loaded Tainted: G S         OE     5.10.0-0607+ #23  Hardware name: Inspur NF5280M4/YZMB-00689-101, BIOS 4.1.20 07/09/2018  RIP: 0010:native_queued_spin_lock_slowpath+0x176/0x1b0  Code: f3 90 48 8b 32 48 85 f6 74 f6 eb d5 c1 ee 12 83 e0 03 83 ee 01 48 c1 e0 05 48 63 f6 48 05 00 c8 02 00 48 03 04 f5 00 09 98 8e <48> 89 10 8b 42 08 85 c0 75 09 f3 90 8b 42 08 85 c0 74 f7 48 8b 32  RSP: 0018:ffffb3b6c001ebd8 EFLAGS: 00010086  RAX: ffffffff8f220860 RBX: 0000000000000246 RCX: 0000000000080000  RDX: ffff91db1f86c800 RSI: 000000000000173c RDI: ffff91db62bace00  RBP: ffff91db62bacc00 R08: 0000000000000000 R09: c00000010000028b  R10: 0000000000055198 R11: ffffb3b6c001ea58 R12: ffff91db80e05010  R13: 000000000000000a R14: 0000000000000006 R15: 0000000000000040  FS:  0000000000000000(0000) GS:ffff91db1f840000(0000) knlGS:0000000000000000  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  CR2: ffffffff8f220860 CR3: 00000001f9580004 CR4: 00000000003706e0  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  Call Trace:   <IRQ>   _raw_spin_lock_irqsave+0x30/0x40   mlx5_ib_poll_cq+0x4c/0xc50 [mlx5_ib]   smc_wr_rx_tasklet_fn+0x56/0xa0 [smc]   tasklet_action_common.isra.21+0x66/0x100   __do_softirq+0xd5/0x29c   asm_call_irq_on_stack+0x12/0x20   </IRQ>   do_softirq_own_stack+0x37/0x40   irq_exit_rcu+0x9d/0xa0   sysvec_call_function_single+0x34/0x80   asm_sysvec_call_function_single+0x12/0x20","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48673.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48673.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48673","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01027","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48673"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278938","reference_id":"2278938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278938"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48673"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1b3w-mj7w-ubfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85081?format=json","vulnerability_id":"VCID-1buj-1pqc-ufdw","summary":"kernel: md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21712.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21712.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348626","reference_id":"2348626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348626"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21712"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1buj-1pqc-ufdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62091?format=json","vulnerability_id":"VCID-1bux-ujdf-g7ct","summary":"kernel: nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31577.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31577.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461561","reference_id":"2461561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461561"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31577"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bux-ujdf-g7ct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84571?format=json","vulnerability_id":"VCID-1c99-bwws-q3gp","summary":"In the Linux kernel, the following vulnerability has been resolved:  sh: push-switch: Reorder cleanup operations to avoid use-after-free bug  The original code puts flush_work() before timer_shutdown_sync() in switch_drv_remove(). Although we use flush_work() to stop the worker, it could be rescheduled in switch_timer(). As a result, a use-after-free bug can occur. The details are shown below:        (cpu 0)                    |      (cpu 1) switch_drv_remove()              |  flush_work()                    |   ...                            |  switch_timer // timer                                  |   schedule_work(&psw->work)  timer_shutdown_sync()           |  ...                             |  switch_work_handler // worker  kfree(psw) // free              |                                  |   psw->state = 0 // use  This patch puts timer_shutdown_sync() before flush_work() to mitigate the bugs. As a result, the worker and timer will be stopped safely before the deallocate operations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52629.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52629.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272204","reference_id":"2272204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272204"},{"reference_url":"https://git.kernel.org/stable/c/246f80a0b17f8f582b2c0996db02998239057c65","reference_id":"246f80a0b17f8f582b2c0996db02998239057c65","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-01T17:41:22Z/"}],"url":"https://git.kernel.org/stable/c/246f80a0b17f8f582b2c0996db02998239057c65"},{"reference_url":"https://git.kernel.org/stable/c/610dbd8ac271aa36080aac50b928d700ee3fe4de","reference_id":"610dbd8ac271aa36080aac50b928d700ee3fe4de","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-01T17:41:22Z/"}],"url":"https://git.kernel.org/stable/c/610dbd8ac271aa36080aac50b928d700ee3fe4de"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52629"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1c99-bwws-q3gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86277?format=json","vulnerability_id":"VCID-1etx-xbxk-qucx","summary":"kernel: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56611.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56611.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/091c1dd2d4df6edd1beebe0e5863d4034ade9572","reference_id":"091c1dd2d4df6edd1beebe0e5863d4034ade9572","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:01:24Z/"}],"url":"https://git.kernel.org/stable/c/091c1dd2d4df6edd1beebe0e5863d4034ade9572"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334432","reference_id":"2334432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334432"},{"reference_url":"https://git.kernel.org/stable/c/42d9fe2adf8613f9eea1f0c2619c9e2611eae0ea","reference_id":"42d9fe2adf8613f9eea1f0c2619c9e2611eae0ea","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:01:24Z/"}],"url":"https://git.kernel.org/stable/c/42d9fe2adf8613f9eea1f0c2619c9e2611eae0ea"},{"reference_url":"https://git.kernel.org/stable/c/a13b2b9b0b0b04612c7d81e3b3dfb485c5f7abc3","reference_id":"a13b2b9b0b0b04612c7d81e3b3dfb485c5f7abc3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:01:24Z/"}],"url":"https://git.kernel.org/stable/c/a13b2b9b0b0b04612c7d81e3b3dfb485c5f7abc3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56611"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1etx-xbxk-qucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88434?format=json","vulnerability_id":"VCID-1f9p-95pb-kfes","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: fix return value of f2fs_convert_inline_inode()  If device is readonly, make f2fs_convert_inline_inode() return EROFS instead of zero, otherwise it may trigger panic during writeback of inline inode's dirty page as below:   f2fs_write_single_data_page+0xbb6/0x1e90 fs/f2fs/data.c:2888  f2fs_write_cache_pages fs/f2fs/data.c:3187 [inline]  __f2fs_write_data_pages fs/f2fs/data.c:3342 [inline]  f2fs_write_data_pages+0x1efe/0x3a90 fs/f2fs/data.c:3369  do_writepages+0x359/0x870 mm/page-writeback.c:2634  filemap_fdatawrite_wbc+0x125/0x180 mm/filemap.c:397  __filemap_fdatawrite_range mm/filemap.c:430 [inline]  file_write_and_wait_range+0x1aa/0x290 mm/filemap.c:788  f2fs_do_sync_file+0x68a/0x1ae0 fs/f2fs/file.c:276  generic_write_sync include/linux/fs.h:2806 [inline]  f2fs_file_write_iter+0x7bd/0x24e0 fs/f2fs/file.c:4977  call_write_iter include/linux/fs.h:2114 [inline]  new_sync_write fs/read_write.c:497 [inline]  vfs_write+0xa72/0xc90 fs/read_write.c:590  ksys_write+0x1a0/0x2c0 fs/read_write.c:643  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83  entry_SYSCALL_64_after_hwframe+0x77/0x7f","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42296.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42296.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/077f0e24b27c4b44841593c7edbd1993be9eecb5","reference_id":"077f0e24b27c4b44841593c7edbd1993be9eecb5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:10:47Z/"}],"url":"https://git.kernel.org/stable/c/077f0e24b27c4b44841593c7edbd1993be9eecb5"},{"reference_url":"https://git.kernel.org/stable/c/1e7725814361c8c008d131db195cef8274ff26b8","reference_id":"1e7725814361c8c008d131db195cef8274ff26b8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:10:47Z/"}],"url":"https://git.kernel.org/stable/c/1e7725814361c8c008d131db195cef8274ff26b8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305441","reference_id":"2305441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305441"},{"reference_url":"https://git.kernel.org/stable/c/47a8ddcdcaccd9b891db4574795e46a33a121ac2","reference_id":"47a8ddcdcaccd9b891db4574795e46a33a121ac2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:10:47Z/"}],"url":"https://git.kernel.org/stable/c/47a8ddcdcaccd9b891db4574795e46a33a121ac2"},{"reference_url":"https://git.kernel.org/stable/c/70f5ef5f33c333cfb286116fa3af74ac9bc84f1b","reference_id":"70f5ef5f33c333cfb286116fa3af74ac9bc84f1b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:10:47Z/"}],"url":"https://git.kernel.org/stable/c/70f5ef5f33c333cfb286116fa3af74ac9bc84f1b"},{"reference_url":"https://git.kernel.org/stable/c/a8eb3de28e7a365690c61161e7a07a4fc7c60bbf","reference_id":"a8eb3de28e7a365690c61161e7a07a4fc7c60bbf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:10:47Z/"}],"url":"https://git.kernel.org/stable/c/a8eb3de28e7a365690c61161e7a07a4fc7c60bbf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42296"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f9p-95pb-kfes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88916?format=json","vulnerability_id":"VCID-1fan-53ze-auf7","summary":"In the Linux kernel, the following vulnerability has been resolved:  powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()  Smatch warns:    arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential   spectre issue 'args.args' [r] (local cap)  The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks.  Use array_index_nospec() after the bounds checks to clamp these values for speculative execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46774.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46774.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0974d03eb479384466d828d65637814bee6b26d7","reference_id":"0974d03eb479384466d828d65637814bee6b26d7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/0974d03eb479384466d828d65637814bee6b26d7"},{"reference_url":"https://git.kernel.org/stable/c/1f1feff02e9da0dd0cdb195c428c42b5f9b6c771","reference_id":"1f1feff02e9da0dd0cdb195c428c42b5f9b6c771","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/1f1feff02e9da0dd0cdb195c428c42b5f9b6c771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313122","reference_id":"2313122","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313122"},{"reference_url":"https://git.kernel.org/stable/c/68d8156480940b79227d58865ec5d2947b9384a8","reference_id":"68d8156480940b79227d58865ec5d2947b9384a8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/68d8156480940b79227d58865ec5d2947b9384a8"},{"reference_url":"https://git.kernel.org/stable/c/a262c2dc833f2fe1bd5c53a4d899e7077d3b1da9","reference_id":"a262c2dc833f2fe1bd5c53a4d899e7077d3b1da9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/a262c2dc833f2fe1bd5c53a4d899e7077d3b1da9"},{"reference_url":"https://git.kernel.org/stable/c/b137af795399d8b657bad1646c18561530f35ed1","reference_id":"b137af795399d8b657bad1646c18561530f35ed1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/b137af795399d8b657bad1646c18561530f35ed1"},{"reference_url":"https://git.kernel.org/stable/c/d2834ff1d9641a8695a09ea79cd901c7b6d4d05f","reference_id":"d2834ff1d9641a8695a09ea79cd901c7b6d4d05f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:52Z/"}],"url":"https://git.kernel.org/stable/c/d2834ff1d9641a8695a09ea79cd901c7b6d4d05f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46774"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1fan-53ze-auf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76608?format=json","vulnerability_id":"VCID-1fvw-tgan-77c8","summary":"kernel: loop: Avoid updating block size under exclusive owner","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38709.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38709.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393170","reference_id":"2393170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393170"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38709"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1fvw-tgan-77c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85643?format=json","vulnerability_id":"VCID-1gdk-cpvg-wydk","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/bridge: sii902x: Fix probing race issue  A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge:  [   53.271356]  sii902x_get_edid+0x34/0x70 [sii902x] [   53.276066]  sii902x_bridge_get_edid+0x14/0x20 [sii902x] [   53.281381]  drm_bridge_get_edid+0x20/0x34 [drm] [   53.286305]  drm_bridge_connector_get_modes+0x8c/0xcc [drm_kms_helper] [   53.292955]  drm_helper_probe_single_connector_modes+0x190/0x538 [drm_kms_helper] [   53.300510]  drm_client_modeset_probe+0x1f0/0xbd4 [drm] [   53.305958]  __drm_fb_helper_initial_config_and_unlock+0x50/0x510 [drm_kms_helper] [   53.313611]  drm_fb_helper_initial_config+0x48/0x58 [drm_kms_helper] [   53.320039]  drm_fbdev_dma_client_hotplug+0x84/0xd4 [drm_dma_helper] [   53.326401]  drm_client_register+0x5c/0xa0 [drm] [   53.331216]  drm_fbdev_dma_setup+0xc8/0x13c [drm_dma_helper] [   53.336881]  tidss_probe+0x128/0x264 [tidss] [   53.341174]  platform_probe+0x68/0xc4 [   53.344841]  really_probe+0x188/0x3c4 [   53.348501]  __driver_probe_device+0x7c/0x16c [   53.352854]  driver_probe_device+0x3c/0x10c [   53.357033]  __device_attach_driver+0xbc/0x158 [   53.361472]  bus_for_each_drv+0x88/0xe8 [   53.365303]  __device_attach+0xa0/0x1b4 [   53.369135]  device_initial_probe+0x14/0x20 [   53.373314]  bus_probe_device+0xb0/0xb4 [   53.377145]  deferred_probe_work_func+0xcc/0x124 [   53.381757]  process_one_work+0x1f0/0x518 [   53.385770]  worker_thread+0x1e8/0x3dc [   53.389519]  kthread+0x11c/0x120 [   53.392750]  ret_from_fork+0x10/0x20  The issue here is as follows:  - tidss probes, but is deferred as sii902x is still missing. - sii902x starts probing and enters sii902x_init(). - sii902x calls drm_bridge_add(). Now the sii902x bridge is ready from   DRM's perspective. - sii902x calls sii902x_audio_codec_init() and   platform_device_register_data() - The registration of the audio platform device causes probing of the   deferred devices. - tidss probes, which eventually causes sii902x_bridge_get_edid() to be   called. - sii902x_bridge_get_edid() tries to use the i2c to read the edid.   However, the sii902x driver has not set up the i2c part yet, leading   to the crash.  Fix this by moving the drm_bridge_add() to the end of the sii902x_init(), which is also at the very end of sii902x_probe().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26607.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26607.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/08ac6f132dd77e40f786d8af51140c96c6d739c9","reference_id":"08ac6f132dd77e40f786d8af51140c96c6d739c9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:25:38Z/"}],"url":"https://git.kernel.org/stable/c/08ac6f132dd77e40f786d8af51140c96c6d739c9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267080","reference_id":"2267080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267080"},{"reference_url":"https://git.kernel.org/stable/c/2a4c6af7934a7b4c304542c38fee35e09cc1770c","reference_id":"2a4c6af7934a7b4c304542c38fee35e09cc1770c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:25:38Z/"}],"url":"https://git.kernel.org/stable/c/2a4c6af7934a7b4c304542c38fee35e09cc1770c"},{"reference_url":"https://git.kernel.org/stable/c/56f96cf6eb11a1c2d594367c3becbfb06a855ec1","reference_id":"56f96cf6eb11a1c2d594367c3becbfb06a855ec1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:25:38Z/"}],"url":"https://git.kernel.org/stable/c/56f96cf6eb11a1c2d594367c3becbfb06a855ec1"},{"reference_url":"https://git.kernel.org/stable/c/e0f83c234ea7a3dec1f84e5d02caa1c51664a076","reference_id":"e0f83c234ea7a3dec1f84e5d02caa1c51664a076","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:25:38Z/"}],"url":"https://git.kernel.org/stable/c/e0f83c234ea7a3dec1f84e5d02caa1c51664a076"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26607"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gdk-cpvg-wydk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61013?format=json","vulnerability_id":"VCID-1gs1-55u4-bqee","summary":"kernel: ALSA: mixer: oss: Add card disconnect checkpoints","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43126.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43126.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467225","reference_id":"2467225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43126"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gs1-55u4-bqee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64788?format=json","vulnerability_id":"VCID-1gz6-5jgt-8ube","summary":"kernel: netfilter: nf_tables: unconditionally bump set->nelems before insertion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23272.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23272.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449571","reference_id":"2449571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449571"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-23272"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gz6-5jgt-8ube"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83553?format=json","vulnerability_id":"VCID-1hj7-54q5-7kf5","summary":"In the Linux kernel, the following vulnerability has been resolved:  ASoC: Intel: sof_sdw: handle errors on card registration  If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver bind/unbind tests.  We already clean-up the device properties when the card is removed, this code can be moved as a helper and called upon card registration errors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49617.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49617","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21804","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347995","reference_id":"2347995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347995"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49617"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hj7-54q5-7kf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85987?format=json","vulnerability_id":"VCID-1huv-3vwr-jybe","summary":"In the Linux kernel, the following vulnerability has been resolved:  nvmet-fc: avoid deadlock on delete association path  When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work into its own work item.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26769.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26769.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1d86f79287206deec36d63b89c741cf542b6cadd","reference_id":"1d86f79287206deec36d63b89c741cf542b6cadd","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T14:13:29Z/"}],"url":"https://git.kernel.org/stable/c/1d86f79287206deec36d63b89c741cf542b6cadd"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273180","reference_id":"2273180","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273180"},{"reference_url":"https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4","reference_id":"5e0bc09a52b6169ce90f7ac6e195791adb16cec4","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T14:13:29Z/"}],"url":"https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4"},{"reference_url":"https://git.kernel.org/stable/c/710c69dbaccdac312e32931abcb8499c1525d397","reference_id":"710c69dbaccdac312e32931abcb8499c1525d397","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T14:13:29Z/"}],"url":"https://git.kernel.org/stable/c/710c69dbaccdac312e32931abcb8499c1525d397"},{"reference_url":"https://git.kernel.org/stable/c/9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8","reference_id":"9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T14:13:29Z/"}],"url":"https://git.kernel.org/stable/c/9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8"},{"reference_url":"https://git.kernel.org/stable/c/eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30","reference_id":"eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T14:13:29Z/"}],"url":"https://git.kernel.org/stable/c/eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26769"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1huv-3vwr-jybe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59582?format=json","vulnerability_id":"VCID-1jad-f5dd-3fez","summary":"kernel: wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46069.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46069.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482116","reference_id":"2482116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482116"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46069"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1jad-f5dd-3fez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61121?format=json","vulnerability_id":"VCID-1jh4-z86q-c3ax","summary":"kernel: x86-64: rename misleadingly named '__copy_user_nocache()' function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43073.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43073.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466792","reference_id":"2466792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466792"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43073"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1jh4-z86q-c3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86890?format=json","vulnerability_id":"VCID-1pnf-prn5-2fhq","summary":"In the Linux kernel, the following vulnerability has been resolved:  ax25: fix use-after-free bugs caused by ax25_ds_del_timer  When the ax25 device is detaching, the ax25_dev_device_down() calls ax25_ds_del_timer() to cleanup the slave_timer. When the timer handler is running, the ax25_ds_del_timer() that calls del_timer() in it will return directly. As a result, the use-after-free bugs could happen, one of the scenarios is shown below:        (Thread 1)          |      (Thread 2)                           | ax25_ds_timeout() ax25_dev_device_down()    |   ax25_ds_del_timer()     |     del_timer()           |   ax25_dev_put() //FREE   |                           |  ax25_dev-> //USE  In order to mitigate bugs, when the device is detaching, use timer_shutdown_sync() to stop the timer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35887.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35887.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281695","reference_id":"2281695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281695"},{"reference_url":"https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b","reference_id":"74204bf9050f7627aead9875fe4e07ba125cb19b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/"}],"url":"https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b"},{"reference_url":"https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9","reference_id":"c6a368f9c7af4c14b14d390c2543af8001c9bdb9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/"}],"url":"https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9"},{"reference_url":"https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89","reference_id":"fd819ad3ecf6f3c232a06b27423ce9ed8c20da89","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/"}],"url":"https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-35887"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pnf-prn5-2fhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83902?format=json","vulnerability_id":"VCID-1pp9-sx9y-b3e7","summary":"kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21976.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21976.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356664","reference_id":"2356664","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21976"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pp9-sx9y-b3e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87262?format=json","vulnerability_id":"VCID-1pqd-rvyw-p3aj","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdkfd: range check cp bad op exception interrupts  Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. Update the user api to guard exception code type checking as well.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36951.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36951.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0cac183b98d8a8c692c98e8dba37df15a9e9210d","reference_id":"0cac183b98d8a8c692c98e8dba37df15a9e9210d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:43:30Z/"}],"url":"https://git.kernel.org/stable/c/0cac183b98d8a8c692c98e8dba37df15a9e9210d"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284600","reference_id":"2284600","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284600"},{"reference_url":"https://git.kernel.org/stable/c/41dc6791596656dd41100b85647ed489e1d5c2f2","reference_id":"41dc6791596656dd41100b85647ed489e1d5c2f2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:43:30Z/"}],"url":"https://git.kernel.org/stable/c/41dc6791596656dd41100b85647ed489e1d5c2f2"},{"reference_url":"https://git.kernel.org/stable/c/b6735bfe941486c5dfc9c3085d2d75d4923f9449","reference_id":"b6735bfe941486c5dfc9c3085d2d75d4923f9449","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:43:30Z/"}],"url":"https://git.kernel.org/stable/c/b6735bfe941486c5dfc9c3085d2d75d4923f9449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-36951"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pqd-rvyw-p3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88060?format=json","vulnerability_id":"VCID-1qkb-bkts-a3hg","summary":"kernel: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49919.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49919.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/16ce8fd94da8599bb6f0496895d392a69aead1c0","reference_id":"16ce8fd94da8599bb6f0496895d392a69aead1c0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:36Z/"}],"url":"https://git.kernel.org/stable/c/16ce8fd94da8599bb6f0496895d392a69aead1c0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320470","reference_id":"2320470","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320470"},{"reference_url":"https://git.kernel.org/stable/c/390d757621f5f35d11a63ed7d9d3262ead240064","reference_id":"390d757621f5f35d11a63ed7d9d3262ead240064","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:36Z/"}],"url":"https://git.kernel.org/stable/c/390d757621f5f35d11a63ed7d9d3262ead240064"},{"reference_url":"https://git.kernel.org/stable/c/8a1b1655a490a492a5a6987254c935ecce4eb9de","reference_id":"8a1b1655a490a492a5a6987254c935ecce4eb9de","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:36Z/"}],"url":"https://git.kernel.org/stable/c/8a1b1655a490a492a5a6987254c935ecce4eb9de"},{"reference_url":"https://git.kernel.org/stable/c/f22f4754aaa47d8c59f166ba3042182859e5dff7","reference_id":"f22f4754aaa47d8c59f166ba3042182859e5dff7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:36Z/"}],"url":"https://git.kernel.org/stable/c/f22f4754aaa47d8c59f166ba3042182859e5dff7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49919"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qkb-bkts-a3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84761?format=json","vulnerability_id":"VCID-1rfn-bwf4-cbhj","summary":"In the Linux kernel, the following vulnerability has been resolved:  virtio-blk: fix implicit overflow on virtio_max_dma_size  The following codes have an implicit conversion from size_t to u32: (u32)max_size = (size_t)virtio_max_dma_size(vdev);  This may lead overflow, Ex (size_t)4G -> (u32)0. Once virtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX instead.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52762.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52762.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9","reference_id":"017278f141141367f7d14b203e930b45b6ffffb9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:37:09Z/"}],"url":"https://git.kernel.org/stable/c/017278f141141367f7d14b203e930b45b6ffffb9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282623","reference_id":"2282623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282623"},{"reference_url":"https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48","reference_id":"472bd4787406bef2e8b41ee4c74d960a06a49a48","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:37:09Z/"}],"url":"https://git.kernel.org/stable/c/472bd4787406bef2e8b41ee4c74d960a06a49a48"},{"reference_url":"https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b","reference_id":"72775cad7f572bb2501f9ea609e1d20e68f0b38b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:37:09Z/"}],"url":"https://git.kernel.org/stable/c/72775cad7f572bb2501f9ea609e1d20e68f0b38b"},{"reference_url":"https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90","reference_id":"d667fe301dcbcb12d1d6494fc4b8abee2cb75d90","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:37:09Z/"}],"url":"https://git.kernel.org/stable/c/d667fe301dcbcb12d1d6494fc4b8abee2cb75d90"},{"reference_url":"https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be","reference_id":"fafb51a67fb883eb2dde352539df939a251851be","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:37:09Z/"}],"url":"https://git.kernel.org/stable/c/fafb51a67fb883eb2dde352539df939a251851be"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3935","reference_id":"RHSA-2025:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52762"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1rfn-bwf4-cbhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59113?format=json","vulnerability_id":"VCID-1spb-f3x7-63es","summary":"kernel: mptcp: pm: ADD_ADDR rtx: free sk if last","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46170.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46170.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482542","reference_id":"2482542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482542"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46170"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1spb-f3x7-63es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72271?format=json","vulnerability_id":"VCID-1sqd-m1nu-vfbs","summary":"kernel: ipv6: use RCU in ip6_xmit()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40135.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40135.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414521","reference_id":"2414521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1690","reference_id":"RHSA-2026:1690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2212","reference_id":"RHSA-2026:2212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2264","reference_id":"RHSA-2026:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22964","reference_id":"RHSA-2026:22964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2378","reference_id":"RHSA-2026:2378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40135"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1sqd-m1nu-vfbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59439?format=json","vulnerability_id":"VCID-1tbz-yhnv-r3f4","summary":"kernel: rcu: Fix rcu_read_unlock() deadloop due to softirq","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45957.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45957.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482013","reference_id":"2482013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482013"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45957"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tbz-yhnv-r3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84133?format=json","vulnerability_id":"VCID-1tfy-5k9r-bfe6","summary":"kernel: bnxt: Do not read past the end of test names","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53010.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53010.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355506","reference_id":"2355506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53010"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tfy-5k9r-bfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88480?format=json","vulnerability_id":"VCID-1tjg-efzw-1kap","summary":"kernel: fsnotify: clear PARENT_WATCHED flags lazily","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47660.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47660.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e","reference_id":"172e422ffea20a89bfdc672741c1aad6fbb5044e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317584","reference_id":"2317584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317584"},{"reference_url":"https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d","reference_id":"3f3ef1d9f66b93913ce2171120d9226b55acd41d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d"},{"reference_url":"https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a","reference_id":"7ef1d2e240c32b1f337a37232d037b07e3919e1a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a"},{"reference_url":"https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e","reference_id":"d8c42405fc3507cc43ba7e4986a773c3fc633f6e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e"},{"reference_url":"https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8","reference_id":"f9a48bc3dd9099935751458a5bbbea4b7c28abc8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8"},{"reference_url":"https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5","reference_id":"fc1b1e135c3f72382f792e6c319fc088d5523ad5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:14Z/"}],"url":"https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47660"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tjg-efzw-1kap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82854?format=json","vulnerability_id":"VCID-1tvs-pf61-sqdp","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: qla2xxx: Fix premature hw access after PCI error  After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume signal.  Sep  8 22:26:03 localhost kernel: WARNING: CPU: 9 PID: 124606 at qla_tmpl.c:440 qla27xx_fwdt_entry_t266+0x55/0x60 [qla2xxx] Sep  8 22:26:03 localhost kernel: RIP: 0010:qla27xx_fwdt_entry_t266+0x55/0x60 [qla2xxx] Sep  8 22:26:03 localhost kernel: Call Trace: Sep  8 22:26:03 localhost kernel: ? qla27xx_walk_template+0xb1/0x1b0 [qla2xxx] Sep  8 22:26:03 localhost kernel: ? qla27xx_execute_fwdt_template+0x12a/0x160 [qla2xxx] Sep  8 22:26:03 localhost kernel: ? qla27xx_fwdump+0xa0/0x1c0 [qla2xxx] Sep  8 22:26:03 localhost kernel: ? qla2xxx_pci_mmio_enabled+0xfb/0x120 [qla2xxx] Sep  8 22:26:03 localhost kernel: ? report_mmio_enabled+0x44/0x80 Sep  8 22:26:03 localhost kernel: ? report_slot_reset+0x80/0x80 Sep  8 22:26:03 localhost kernel: ? pci_walk_bus+0x70/0x90 Sep  8 22:26:03 localhost kernel: ? aer_dev_correctable_show+0xc0/0xc0 Sep  8 22:26:03 localhost kernel: ? pcie_do_recovery+0x1bb/0x240 Sep  8 22:26:03 localhost kernel: ? aer_recover_work_func+0xaa/0xd0 Sep  8 22:26:03 localhost kernel: ? process_one_work+0x1a7/0x360 .. Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-8041:22: detected PCI disconnect. Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22: qla27xx_fwdt_entry_t262: dump ram MB failed. Area 5h start 198013h end 198013h Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-107ff:22: Unable to capture FW dump Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-1015:22: cmd=0x0, waited 5221 msecs Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-680d:22: mmio enabled returning. Sep  8 22:26:03 localhost kernel: qla2xxx [0000:42:00.2]-d04c:22: MBX Command timeout for cmd 0, iocontrol=ffffffff jiffies=10140f2e5 mb[0-3]=[0xffff 0xffff 0xffff 0xffff]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49157.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49157","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01448","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49157"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348333","reference_id":"2348333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348333"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49157"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tvs-pf61-sqdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59547?format=json","vulnerability_id":"VCID-1ukf-fgp9-uud3","summary":"kernel: net: qrtr: ns: Limit the maximum number of lookups","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46026.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46026.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482092","reference_id":"2482092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46026"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ukf-fgp9-uud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81907?format=json","vulnerability_id":"VCID-1v3m-p5gz-1bbh","summary":"kernel: um: work around sched_yield not yielding in time-travel mode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37880.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37880.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365244","reference_id":"2365244","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365244"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-37880"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1v3m-p5gz-1bbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85337?format=json","vulnerability_id":"VCID-1vmh-cf89-qff8","summary":"kernel: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21690.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21690.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/01d1ebdab9ccb73c952e1666a8a80abd194dbc55","reference_id":"01d1ebdab9ccb73c952e1666a8a80abd194dbc55","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/01d1ebdab9ccb73c952e1666a8a80abd194dbc55"},{"reference_url":"https://git.kernel.org/stable/c/088bde862f8d3d0fc52e40e66a0484a246837087","reference_id":"088bde862f8d3d0fc52e40e66a0484a246837087","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/088bde862f8d3d0fc52e40e66a0484a246837087"},{"reference_url":"https://git.kernel.org/stable/c/182a4b7c731e95c08cb47f14b87a272b6ab2b2da","reference_id":"182a4b7c731e95c08cb47f14b87a272b6ab2b2da","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/182a4b7c731e95c08cb47f14b87a272b6ab2b2da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344688","reference_id":"2344688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344688"},{"reference_url":"https://git.kernel.org/stable/c/81d4dd05c412ba04f9f6b85b718e6da833be290c","reference_id":"81d4dd05c412ba04f9f6b85b718e6da833be290c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/81d4dd05c412ba04f9f6b85b718e6da833be290c"},{"reference_url":"https://git.kernel.org/stable/c/d0f0af1bafef33b3e2aa8c3a4ef44db48df9b0ea","reference_id":"d0f0af1bafef33b3e2aa8c3a4ef44db48df9b0ea","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/d0f0af1bafef33b3e2aa8c3a4ef44db48df9b0ea"},{"reference_url":"https://git.kernel.org/stable/c/d2138eab8cde61e0e6f62d0713e45202e8457d6d","reference_id":"d2138eab8cde61e0e6f62d0713e45202e8457d6d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:51:27Z/"}],"url":"https://git.kernel.org/stable/c/d2138eab8cde61e0e6f62d0713e45202e8457d6d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21690"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vmh-cf89-qff8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67848?format=json","vulnerability_id":"VCID-1zp3-b7b7-e7fg","summary":"kernel: net: hv_netvsc: reject RSS hash key programming without RX indirection table","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23054.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23054.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436818","reference_id":"2436818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436818"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23054"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zp3-b7b7-e7fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88483?format=json","vulnerability_id":"VCID-21h8-ems3-gub1","summary":"kernel: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47673.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47673.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0668ebc8c2282ca1e7eb96092a347baefffb5fe7","reference_id":"0668ebc8c2282ca1e7eb96092a347baefffb5fe7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:19:40Z/"}],"url":"https://git.kernel.org/stable/c/0668ebc8c2282ca1e7eb96092a347baefffb5fe7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317592","reference_id":"2317592","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317592"},{"reference_url":"https://git.kernel.org/stable/c/2c61b561baf92a2860c76c2302a62169e22c21cc","reference_id":"2c61b561baf92a2860c76c2302a62169e22c21cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:19:40Z/"}],"url":"https://git.kernel.org/stable/c/2c61b561baf92a2860c76c2302a62169e22c21cc"},{"reference_url":"https://git.kernel.org/stable/c/55086c97a55d781b04a2667401c75ffde190135c","reference_id":"55086c97a55d781b04a2667401c75ffde190135c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:19:40Z/"}],"url":"https://git.kernel.org/stable/c/55086c97a55d781b04a2667401c75ffde190135c"},{"reference_url":"https://git.kernel.org/stable/c/5948a191906b54e10f02f6b7a7670243a39f99f4","reference_id":"5948a191906b54e10f02f6b7a7670243a39f99f4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:19:40Z/"}],"url":"https://git.kernel.org/stable/c/5948a191906b54e10f02f6b7a7670243a39f99f4"},{"reference_url":"https://git.kernel.org/stable/c/a15df5f37fa3a8b7a8ec7a339d1e897bc524e28f","reference_id":"a15df5f37fa3a8b7a8ec7a339d1e897bc524e28f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:19:40Z/"}],"url":"https://git.kernel.org/stable/c/a15df5f37fa3a8b7a8ec7a339d1e897bc524e28f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47673"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21h8-ems3-gub1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84976?format=json","vulnerability_id":"VCID-22qe-9k22-skeh","summary":"kernel: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52559.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52559.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348535","reference_id":"2348535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348535"},{"reference_url":"https://git.kernel.org/stable/c/2b99b2c4621d13bd4374ef384e8f1fc188d0a5df","reference_id":"2b99b2c4621d13bd4374ef384e8f1fc188d0a5df","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:30:56Z/"}],"url":"https://git.kernel.org/stable/c/2b99b2c4621d13bd4374ef384e8f1fc188d0a5df"},{"reference_url":"https://git.kernel.org/stable/c/2f1845e46c41ed500789d53dc45b383b7745c96c","reference_id":"2f1845e46c41ed500789d53dc45b383b7745c96c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:30:56Z/"}],"url":"https://git.kernel.org/stable/c/2f1845e46c41ed500789d53dc45b383b7745c96c"},{"reference_url":"https://git.kernel.org/stable/c/3a47f4b439beb98e955d501c609dfd12b7836d61","reference_id":"3a47f4b439beb98e955d501c609dfd12b7836d61","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:30:56Z/"}],"url":"https://git.kernel.org/stable/c/3a47f4b439beb98e955d501c609dfd12b7836d61"},{"reference_url":"https://git.kernel.org/stable/c/e43a0f1327a1ee70754f8a0de6e0262cfa3e0b87","reference_id":"e43a0f1327a1ee70754f8a0de6e0262cfa3e0b87","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:30:56Z/"}],"url":"https://git.kernel.org/stable/c/e43a0f1327a1ee70754f8a0de6e0262cfa3e0b87"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-52559"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22qe-9k22-skeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60730?format=json","vulnerability_id":"VCID-25eu-bfsu-qkhe","summary":"kernel: drm/vc4: Fix memory leak of BO array in hang state","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43105.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43105.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467007","reference_id":"2467007","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467007"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43105"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-25eu-bfsu-qkhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69503?format=json","vulnerability_id":"VCID-25vf-su17-9kap","summary":"kernel: iio: accel: bmc150: Fix irq assumption regression","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68330.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68330.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424334","reference_id":"2424334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424334"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68330"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-25vf-su17-9kap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86423?format=json","vulnerability_id":"VCID-27bb-nmga-s7e3","summary":"In the Linux kernel, the following vulnerability has been resolved:  tracing/trigger: Fix to return error if failed to alloc snapshot  Fix register_snapshot_trigger() to return error code if it failed to allocate a snapshot instead of 0 (success). Unless that, it will register snapshot trigger without an error.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26920.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26920.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08","reference_id":"0958b33ef5a04ed91f61cef4760ac412080c4e08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:45:09Z/"}],"url":"https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275775","reference_id":"2275775","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275775"},{"reference_url":"https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398","reference_id":"36be97e9eb535fe3008a5cb040b1e56f29f2e398","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:45:09Z/"}],"url":"https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398"},{"reference_url":"https://git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b","reference_id":"4b001ef14baab16b553a002cb9979e31b8fc0c6b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:45:09Z/"}],"url":"https://git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b"},{"reference_url":"https://git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b","reference_id":"6022c065c9ec465d84cebff8f480db083e4ee06b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:45:09Z/"}],"url":"https://git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26920"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27bb-nmga-s7e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76133?format=json","vulnerability_id":"VCID-29u4-1tzu-73g2","summary":"kernel: parisc: Revise __get_user() to probe user read access","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39716.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39716.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393482","reference_id":"2393482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393482"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39716"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29u4-1tzu-73g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70242?format=json","vulnerability_id":"VCID-2brz-3f7f-yqcm","summary":"kernel: f2fs: fix to do sanity check on direct node in truncate_dnode()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53846.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53846.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420324","reference_id":"2420324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420324"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53846"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2brz-3f7f-yqcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88903?format=json","vulnerability_id":"VCID-2c26-nuap-uqfa","summary":"In the Linux kernel, the following vulnerability has been resolved:  pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv  The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB.  The crash occurs because although the MSI data structure has been released during disable/hot-unplug path and it has been assigned with NULL, still during unregistration the code was again trying to explicitly disable the MSI which causes the NULL pointer dereference and kernel crash.  The patch fixes the check during unregistration path to prevent invoking pci_disable_msi/msix() since its data structure is already freed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46761.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46761.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313109","reference_id":"2313109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313109"},{"reference_url":"https://git.kernel.org/stable/c/335e35b748527f0c06ded9eebb65387f60647fda","reference_id":"335e35b748527f0c06ded9eebb65387f60647fda","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/335e35b748527f0c06ded9eebb65387f60647fda"},{"reference_url":"https://git.kernel.org/stable/c/438d522227374042b5c8798f8ce83bbe479dca4d","reference_id":"438d522227374042b5c8798f8ce83bbe479dca4d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/438d522227374042b5c8798f8ce83bbe479dca4d"},{"reference_url":"https://git.kernel.org/stable/c/4eb4085c1346d19d4a05c55246eb93e74e671048","reference_id":"4eb4085c1346d19d4a05c55246eb93e74e671048","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/4eb4085c1346d19d4a05c55246eb93e74e671048"},{"reference_url":"https://git.kernel.org/stable/c/b82d4d5c736f4fd2ed224c35f554f50d1953d21e","reference_id":"b82d4d5c736f4fd2ed224c35f554f50d1953d21e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/b82d4d5c736f4fd2ed224c35f554f50d1953d21e"},{"reference_url":"https://git.kernel.org/stable/c/bc1faed19db95abf0933b104910a3fb01b138f59","reference_id":"bc1faed19db95abf0933b104910a3fb01b138f59","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/bc1faed19db95abf0933b104910a3fb01b138f59"},{"reference_url":"https://git.kernel.org/stable/c/bfc44075b19740d372f989f21dd03168bfda0689","reference_id":"bfc44075b19740d372f989f21dd03168bfda0689","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/bfc44075b19740d372f989f21dd03168bfda0689"},{"reference_url":"https://git.kernel.org/stable/c/c0d8094dc740cfacf3775bbc6a1c4720459e8de4","reference_id":"c0d8094dc740cfacf3775bbc6a1c4720459e8de4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/c0d8094dc740cfacf3775bbc6a1c4720459e8de4"},{"reference_url":"https://git.kernel.org/stable/c/c4c681999d385e28f84808bbf3a85ea8e982da55","reference_id":"c4c681999d385e28f84808bbf3a85ea8e982da55","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:43:48Z/"}],"url":"https://git.kernel.org/stable/c/c4c681999d385e28f84808bbf3a85ea8e982da55"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46761"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2c26-nuap-uqfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59457?format=json","vulnerability_id":"VCID-2cbk-z139-8fdc","summary":"kernel: selinux: fix overlayfs mmap() and mprotect() access checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46054.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46054.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482025","reference_id":"2482025","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46054"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cbk-z139-8fdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62404?format=json","vulnerability_id":"VCID-2d46-pau7-pygs","summary":"kernel: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31464.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31464.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460715","reference_id":"2460715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460715"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31464"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2d46-pau7-pygs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84520?format=json","vulnerability_id":"VCID-2dd1-k12q-suf8","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: rkisp1: Fix IRQ disable race issue  In rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in the stop procedure. This is not the case, as the interrupt handler can already be running, which would lead to the ISP being disabled while the interrupt handler handling a captured frame.  This brings up two issues: 1) the ISP could be powered off while the interrupt handler is still running and accessing registers, leading to board lockup, and 2) the interrupt handler code and the code that disables the streaming might do things that conflict.  It is not clear to me if 2) causes a real issue, but 1) can be seen with a suitable delay (or printk in my case) in the interrupt handler, leading to board lockup.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52589.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52589.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268327","reference_id":"2268327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268327"},{"reference_url":"https://git.kernel.org/stable/c/7bb1a2822aa2c2de4e09bf7c56dd93bd532f1fa7","reference_id":"7bb1a2822aa2c2de4e09bf7c56dd93bd532f1fa7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:44:57Z/"}],"url":"https://git.kernel.org/stable/c/7bb1a2822aa2c2de4e09bf7c56dd93bd532f1fa7"},{"reference_url":"https://git.kernel.org/stable/c/870565f063a58576e8a4529f122cac4325c6b395","reference_id":"870565f063a58576e8a4529f122cac4325c6b395","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:44:57Z/"}],"url":"https://git.kernel.org/stable/c/870565f063a58576e8a4529f122cac4325c6b395"},{"reference_url":"https://git.kernel.org/stable/c/bf808f58681cab64c81cd814551814fd34e540fe","reference_id":"bf808f58681cab64c81cd814551814fd34e540fe","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:44:57Z/"}],"url":"https://git.kernel.org/stable/c/bf808f58681cab64c81cd814551814fd34e540fe"},{"reference_url":"https://git.kernel.org/stable/c/fab483438342984f2a315fe13c882a80f0f7e545","reference_id":"fab483438342984f2a315fe13c882a80f0f7e545","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:44:57Z/"}],"url":"https://git.kernel.org/stable/c/fab483438342984f2a315fe13c882a80f0f7e545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52589"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2dd1-k12q-suf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87083?format=json","vulnerability_id":"VCID-2esz-sxqp-wkak","summary":"In the Linux kernel, the following vulnerability has been resolved:  Julia Lawall reported this null pointer dereference, this should fix it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36023.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36023.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/214a6c4a28c11d67044e6cf3a0ab415050d9f03a","reference_id":"214a6c4a28c11d67044e6cf3a0ab415050d9f03a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:24:38Z/"}],"url":"https://git.kernel.org/stable/c/214a6c4a28c11d67044e6cf3a0ab415050d9f03a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284425","reference_id":"2284425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284425"},{"reference_url":"https://git.kernel.org/stable/c/2e2177f94c0e0bc41323d7b6975a5f4820ed347e","reference_id":"2e2177f94c0e0bc41323d7b6975a5f4820ed347e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:24:38Z/"}],"url":"https://git.kernel.org/stable/c/2e2177f94c0e0bc41323d7b6975a5f4820ed347e"},{"reference_url":"https://git.kernel.org/stable/c/9bf93dcfc453fae192fe5d7874b89699e8f800ac","reference_id":"9bf93dcfc453fae192fe5d7874b89699e8f800ac","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:24:38Z/"}],"url":"https://git.kernel.org/stable/c/9bf93dcfc453fae192fe5d7874b89699e8f800ac"},{"reference_url":"https://git.kernel.org/stable/c/b972e8ac3f44f693127a2806031962d100dfc4d1","reference_id":"b972e8ac3f44f693127a2806031962d100dfc4d1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:24:38Z/"}],"url":"https://git.kernel.org/stable/c/b972e8ac3f44f693127a2806031962d100dfc4d1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36023"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2esz-sxqp-wkak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87818?format=json","vulnerability_id":"VCID-2f9k-b76u-wyhx","summary":"In the Linux kernel, the following vulnerability has been resolved:  xfs: don't walk off the end of a directory data block  This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simply checks that the start offset of the dup and dep is within the range. So in a crafted image, if last entry is xfs_dir2_data_unused, we can change dup->length to dup->length-1 and leave 1 byte of space. In the next traversal, this space will be considered as dup or dep. We may encounter an out of bound read when accessing the fixed members.  In the patch, we make sure that the remaining bytes large enough to hold an unused entry before accessing xfs_dir2_data_unused and xfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make sure that the remaining bytes large enough to hold a dirent with a single-byte name before accessing xfs_dir2_data_entry.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41013.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41013.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0c7fcdb6d06cdf8b19b57c17605215b06afa864a","reference_id":"0c7fcdb6d06cdf8b19b57c17605215b06afa864a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:52Z/"}],"url":"https://git.kernel.org/stable/c/0c7fcdb6d06cdf8b19b57c17605215b06afa864a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300296","reference_id":"2300296","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300296"},{"reference_url":"https://git.kernel.org/stable/c/b0932e4f9da85349d1c8f2a77d2a7a7163b8511d","reference_id":"b0932e4f9da85349d1c8f2a77d2a7a7163b8511d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:52Z/"}],"url":"https://git.kernel.org/stable/c/b0932e4f9da85349d1c8f2a77d2a7a7163b8511d"},{"reference_url":"https://git.kernel.org/stable/c/ca96d83c93071f95cf962ce92406621a472df31b","reference_id":"ca96d83c93071f95cf962ce92406621a472df31b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:52Z/"}],"url":"https://git.kernel.org/stable/c/ca96d83c93071f95cf962ce92406621a472df31b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41013"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f9k-b76u-wyhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61574?format=json","vulnerability_id":"VCID-2fr6-h1xr-qfda","summary":"kernel: HID: core: Mitigate potential OOB by removing bogus memset()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43048.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43048.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464494","reference_id":"2464494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464494"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43048"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fr6-h1xr-qfda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75635?format=json","vulnerability_id":"VCID-2jb6-uj13-duft","summary":"kernel: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53244.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0","reference_id":"1634b7adcc5bef645b3666fdd564e5952a9e24e0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:58:42Z/"}],"url":"https://git.kernel.org/stable/c/1634b7adcc5bef645b3666fdd564e5952a9e24e0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395255","reference_id":"2395255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395255"},{"reference_url":"https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc","reference_id":"3715c5e9a8f96b6ed0dcbea06da443efccac1ecc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:58:42Z/"}],"url":"https://git.kernel.org/stable/c/3715c5e9a8f96b6ed0dcbea06da443efccac1ecc"},{"reference_url":"https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56","reference_id":"3c67f49a6643d973e83968ea35806c7b5ae68b56","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:58:42Z/"}],"url":"https://git.kernel.org/stable/c/3c67f49a6643d973e83968ea35806c7b5ae68b56"},{"reference_url":"https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6","reference_id":"dcf632bca424e6ff8c8eb89c96694e7f05cd29b6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:58:42Z/"}],"url":"https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53244"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jb6-uj13-duft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64829?format=json","vulnerability_id":"VCID-2jg1-38an-tybe","summary":"kernel: tcp: secure_seq: add back ports to TS offset","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23247.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23247.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448598","reference_id":"2448598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-23247"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jg1-38an-tybe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75130?format=json","vulnerability_id":"VCID-2jgh-vspf-s7fr","summary":"kernel: net/mlx5: Handle pairing of E-switch via uplink un/load APIs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53347.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53347.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/10cbfecc0f99f579fb170feee866c9efaab7ee47","reference_id":"10cbfecc0f99f579fb170feee866c9efaab7ee47","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:23Z/"}],"url":"https://git.kernel.org/stable/c/10cbfecc0f99f579fb170feee866c9efaab7ee47"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396147","reference_id":"2396147","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396147"},{"reference_url":"https://git.kernel.org/stable/c/2be5bd42a5bba1a05daedc86cf0e248210009669","reference_id":"2be5bd42a5bba1a05daedc86cf0e248210009669","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:23Z/"}],"url":"https://git.kernel.org/stable/c/2be5bd42a5bba1a05daedc86cf0e248210009669"},{"reference_url":"https://git.kernel.org/stable/c/b17294e7aa8c39dbb9c3e28e2d1983c88b94b387","reference_id":"b17294e7aa8c39dbb9c3e28e2d1983c88b94b387","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:23Z/"}],"url":"https://git.kernel.org/stable/c/b17294e7aa8c39dbb9c3e28e2d1983c88b94b387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53347"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jgh-vspf-s7fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60454?format=json","vulnerability_id":"VCID-2k1c-29fd-6qce","summary":"kernel: smb: client: require a full NFS mode SID before reading mode bits","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43350.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43350.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468110","reference_id":"2468110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43350"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2k1c-29fd-6qce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80340?format=json","vulnerability_id":"VCID-2kqx-equ7-kuct","summary":"kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50100.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50100.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50100","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50100"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373679","reference_id":"2373679","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50100"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2kqx-equ7-kuct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74757?format=json","vulnerability_id":"VCID-2npb-3bnx-1yf6","summary":"kernel: drm/amdgpu: fix memory leak in mes self test","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53370.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53370.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396394","reference_id":"2396394","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396394"},{"reference_url":"https://git.kernel.org/stable/c/31d7c3a4fc3d312a0646990767647925d5bde540","reference_id":"31d7c3a4fc3d312a0646990767647925d5bde540","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:53:19Z/"}],"url":"https://git.kernel.org/stable/c/31d7c3a4fc3d312a0646990767647925d5bde540"},{"reference_url":"https://git.kernel.org/stable/c/8d8c96efcec95736622381b2afc0fe9e317f88aa","reference_id":"8d8c96efcec95736622381b2afc0fe9e317f88aa","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:53:19Z/"}],"url":"https://git.kernel.org/stable/c/8d8c96efcec95736622381b2afc0fe9e317f88aa"},{"reference_url":"https://git.kernel.org/stable/c/ce3288d8d654b252ba832626e7de481c195ef20a","reference_id":"ce3288d8d654b252ba832626e7de481c195ef20a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:53:19Z/"}],"url":"https://git.kernel.org/stable/c/ce3288d8d654b252ba832626e7de481c195ef20a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53370"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2npb-3bnx-1yf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84419?format=json","vulnerability_id":"VCID-2pf5-4z83-7uau","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Wake DMCUB before sending a command  [Why] We can hang in place trying to send commands when the DMCUB isn't powered on.  [How] For functions that execute within a DC context or DC lock we can wrap the direct calls to dm_execute_dmub_cmd/list with code that exits idle power optimizations and reallows once we're done with the command submission on success.  For DM direct submissions the DM will need to manage the enter/exit sequencing manually.  We cannot invoke a DMCUB command directly within the DM execution helper or we can deadlock.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267195","reference_id":"2267195","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267195"},{"reference_url":"https://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009","reference_id":"303197775a97416b62d4da69280d0c120a20e009","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-05T22:17:04Z/"}],"url":"https://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009"},{"reference_url":"https://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39","reference_id":"8892780834ae294bc3697c7d0e056d7743900b39","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-05T22:17:04Z/"}],"url":"https://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52485"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pf5-4z83-7uau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68659?format=json","vulnerability_id":"VCID-2pm3-fbc1-x3hh","summary":"kernel: Linux kernel (vhost_vdpa): Denial of service via large memory unmap","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50851.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50851","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05759","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50851"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426092","reference_id":"2426092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50851"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pm3-fbc1-x3hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66886?format=json","vulnerability_id":"VCID-2qzn-eh41-xyac","summary":"kernel: Linux kernel: Denial of Service in netdevsim due to race condition in BPF program list operations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23126.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23126.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439864","reference_id":"2439864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439864"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23126"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2qzn-eh41-xyac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88744?format=json","vulnerability_id":"VCID-2shz-31wj-wyg7","summary":"kernel: MIPS: cevt-r4k: Don&#39;t call get_c0_compare_int if timer irq is installed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46832.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46832.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/189d3ed3b25beee26ffe2abed278208bece13f52","reference_id":"189d3ed3b25beee26ffe2abed278208bece13f52","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/189d3ed3b25beee26ffe2abed278208bece13f52"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315184","reference_id":"2315184","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315184"},{"reference_url":"https://git.kernel.org/stable/c/32ee0520159f1e8c2d6597c19690df452c528f30","reference_id":"32ee0520159f1e8c2d6597c19690df452c528f30","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/32ee0520159f1e8c2d6597c19690df452c528f30"},{"reference_url":"https://git.kernel.org/stable/c/50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13","reference_id":"50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13"},{"reference_url":"https://git.kernel.org/stable/c/b1d2051373bfc65371ce4ac8911ed984d0178c98","reference_id":"b1d2051373bfc65371ce4ac8911ed984d0178c98","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/b1d2051373bfc65371ce4ac8911ed984d0178c98"},{"reference_url":"https://git.kernel.org/stable/c/d3ff0f98a52f0aafe35aa314d1c442f4318be3db","reference_id":"d3ff0f98a52f0aafe35aa314d1c442f4318be3db","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/d3ff0f98a52f0aafe35aa314d1c442f4318be3db"},{"reference_url":"https://git.kernel.org/stable/c/e6cd871627abbb459d0ff6521d6bb9cf9d9f7522","reference_id":"e6cd871627abbb459d0ff6521d6bb9cf9d9f7522","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:03:39Z/"}],"url":"https://git.kernel.org/stable/c/e6cd871627abbb459d0ff6521d6bb9cf9d9f7522"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46832"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2shz-31wj-wyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73149?format=json","vulnerability_id":"VCID-2sxz-nbqh-4fgb","summary":"kernel: smc: Fix use-after-free in __pnet_find_base_ndev()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40064.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40064.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406747","reference_id":"2406747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2721","reference_id":"RHSA-2026:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2722","reference_id":"RHSA-2026:2722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3083","reference_id":"RHSA-2026:3083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3110","reference_id":"RHSA-2026:3110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4111","reference_id":"RHSA-2026:4111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6954","reference_id":"RHSA-2026:6954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9513","reference_id":"RHSA-2026:9513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9514","reference_id":"RHSA-2026:9514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9643","reference_id":"RHSA-2026:9643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40064"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2sxz-nbqh-4fgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69027?format=json","vulnerability_id":"VCID-2z7a-nge8-b3dr","summary":"kernel: bpf: Fix stackmap overflow check in __bpf_get_stackid()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68378.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68378.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424871","reference_id":"2424871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68378"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2z7a-nge8-b3dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66881?format=json","vulnerability_id":"VCID-2zsk-c8mg-p7hb","summary":"kernel: rxrpc: Fix data-race warning and potential load/store tearing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23118.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23118.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439860","reference_id":"2439860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23118"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zsk-c8mg-p7hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64360?format=json","vulnerability_id":"VCID-35vu-aeh6-f7ep","summary":"kernel: scsi: core: Fix refcount leak for tagset_refcnt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23296.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23296.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451174","reference_id":"2451174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451174"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23296"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35vu-aeh6-f7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80366?format=json","vulnerability_id":"VCID-36zp-1rvw-fyat","summary":"kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50116.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50116","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15941","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373692","reference_id":"2373692","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2621","reference_id":"RHSA-2024:2621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50116"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36zp-1rvw-fyat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81412?format=json","vulnerability_id":"VCID-382t-1gcu-7ybr","summary":"In the Linux kernel, the following vulnerability has been resolved:  USB: core: Make do_proc_control() and do_proc_bulk() killable  The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout value.  If timeout value is very large and the device being accessed does not respond in a reasonable amount of time, the kernel will complain about \"Task X blocked for more than N seconds\", as found in testing by syzbot:  INFO: task syz-executor.0:8700 blocked for more than 143 seconds.       Not tainted 5.14.0-rc7-syzkaller #0 \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message. task:syz-executor.0  state:D stack:23192 pid: 8700 ppid:  8455 flags:0x00004004 Call Trace:  context_switch kernel/sched/core.c:4681 [inline]  __schedule+0xc07/0x11f0 kernel/sched/core.c:5938  schedule+0x14b/0x210 kernel/sched/core.c:6017  schedule_timeout+0x98/0x2f0 kernel/time/timer.c:1857  do_wait_for_common+0x2da/0x480 kernel/sched/completion.c:85  __wait_for_common kernel/sched/completion.c:106 [inline]  wait_for_common kernel/sched/completion.c:117 [inline]  wait_for_completion_timeout+0x46/0x60 kernel/sched/completion.c:157  usb_start_wait_urb+0x167/0x550 drivers/usb/core/message.c:63  do_proc_bulk+0x978/0x1080 drivers/usb/core/devio.c:1236  proc_bulk drivers/usb/core/devio.c:1273 [inline]  usbdev_do_ioctl drivers/usb/core/devio.c:2547 [inline]  usbdev_ioctl+0x3441/0x6b10 drivers/usb/core/devio.c:2713 ...  To fix this problem, this patch replaces usbfs's calls to usb_control_msg() and usb_bulk_msg() with special-purpose code that does essentially the same thing (as recommended in the comment for usb_start_wait_urb()), except that it always uses a killable wait and it uses GFP_KERNEL rather than GFP_NOIO.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47582.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47582","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02929","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47582"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293247","reference_id":"2293247","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293247"},{"reference_url":"https://git.kernel.org/stable/c/403716741c6c2c510dce44e88f085a740f535de6","reference_id":"403716741c6c2c510dce44e88f085a740f535de6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:12:46Z/"}],"url":"https://git.kernel.org/stable/c/403716741c6c2c510dce44e88f085a740f535de6"},{"reference_url":"https://git.kernel.org/stable/c/ae8709b296d80c7f45aa1f35c0e7659ad69edce1","reference_id":"ae8709b296d80c7f45aa1f35c0e7659ad69edce1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:12:46Z/"}],"url":"https://git.kernel.org/stable/c/ae8709b296d80c7f45aa1f35c0e7659ad69edce1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47582"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-382t-1gcu-7ybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84414?format=json","vulnerability_id":"VCID-397u-75rn-73gs","summary":"In the Linux kernel, the following vulnerability has been resolved:  arm64: errata: Add Cortex-A520 speculative unprivileged load workaround  Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load might leak data from a privileged load via a cache side channel. The issue only exists for loads within a translation regime with the same translation (e.g. same ASID and VMID). Therefore, the issue only affects the return to EL0.  The workaround is to execute a TLBI before returning to EL0 after all loads of privileged data. A non-shareable TLBI to any address is sufficient.  The workaround isn't necessary if page table isolation (KPTI) is enabled, but for simplicity it will be. Page table isolation should normally be disabled for Cortex-A520 as it supports the CSV3 feature and the E0PD feature (used when KASLR is enabled).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52481.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52481.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267030","reference_id":"2267030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267030"},{"reference_url":"https://git.kernel.org/stable/c/32b0a4ffcaea44a00a61e40c0d1bcc50362aee25","reference_id":"32b0a4ffcaea44a00a61e40c0d1bcc50362aee25","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T20:42:26Z/"}],"url":"https://git.kernel.org/stable/c/32b0a4ffcaea44a00a61e40c0d1bcc50362aee25"},{"reference_url":"https://git.kernel.org/stable/c/471470bc7052d28ce125901877dd10e4c048e513","reference_id":"471470bc7052d28ce125901877dd10e4c048e513","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T20:42:26Z/"}],"url":"https://git.kernel.org/stable/c/471470bc7052d28ce125901877dd10e4c048e513"},{"reference_url":"https://git.kernel.org/stable/c/6e3ae2927b432a3b7c8374f14dbc1bd9ebe4372c","reference_id":"6e3ae2927b432a3b7c8374f14dbc1bd9ebe4372c","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-29T20:42:26Z/"}],"url":"https://git.kernel.org/stable/c/6e3ae2927b432a3b7c8374f14dbc1bd9ebe4372c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52481"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-397u-75rn-73gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68420?format=json","vulnerability_id":"VCID-39k9-dnc1-v7g1","summary":"Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12364.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12364","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34463","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12364"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930251","reference_id":"1930251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1578","reference_id":"RHSA-2021:1578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1578"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1620","reference_id":"RHSA-2021:1620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1739","reference_id":"RHSA-2021:1739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2314","reference_id":"RHSA-2021:2314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2316","reference_id":"RHSA-2021:2316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2316"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2020-12364"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39k9-dnc1-v7g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79766?format=json","vulnerability_id":"VCID-3a7u-bm7a-qkeu","summary":"kernel: dm: fix unconditional IO throttle caused by REQ_PREFLUSH","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38063.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38063.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373387","reference_id":"2373387","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38063"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3a7u-bm7a-qkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85148?format=json","vulnerability_id":"VCID-3aqs-q9h8-3bhf","summary":"kernel: tty: xilinx_uartps: split sysrq handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21820.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21820.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348916","reference_id":"2348916","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348916"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21820"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3aqs-q9h8-3bhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84204?format=json","vulnerability_id":"VCID-3bee-63cg-ekg2","summary":"A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32256.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32256.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385885","reference_id":"2385885","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T19:19:19Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385885"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-32256","reference_id":"CVE-2023-32256","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T19:19:19Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-32256"},{"reference_url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19","reference_id":"?id=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T19:19:19Z/"}],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-704/","reference_id":"ZDI-23-704","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T19:19:19Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-704/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-32256"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3bee-63cg-ekg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74294?format=json","vulnerability_id":"VCID-3bwg-yjbx-77f8","summary":"kernel: ceph: fix race condition validating r_parent before applying state","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39927.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39927.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/15f519e9f883b316d86e2bb6b767a023aafd9d83","reference_id":"15f519e9f883b316d86e2bb6b767a023aafd9d83","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:39:17Z/"}],"url":"https://git.kernel.org/stable/c/15f519e9f883b316d86e2bb6b767a023aafd9d83"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400636","reference_id":"2400636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400636"},{"reference_url":"https://git.kernel.org/stable/c/2bfe45987eb346e299d9f763f9cd05f77011519f","reference_id":"2bfe45987eb346e299d9f763f9cd05f77011519f","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:39:17Z/"}],"url":"https://git.kernel.org/stable/c/2bfe45987eb346e299d9f763f9cd05f77011519f"},{"reference_url":"https://git.kernel.org/stable/c/db378e6f83ec705c6091c65d482d555edc2b0a72","reference_id":"db378e6f83ec705c6091c65d482d555edc2b0a72","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:39:17Z/"}],"url":"https://git.kernel.org/stable/c/db378e6f83ec705c6091c65d482d555edc2b0a72"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17241","reference_id":"RHSA-2025:17241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39927"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3bwg-yjbx-77f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74536?format=json","vulnerability_id":"VCID-3bzw-j1zt-6qe9","summary":"kernel: Kernel: Bluetooth HCI local DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58241.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58241.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397785","reference_id":"2397785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397785"},{"reference_url":"https://git.kernel.org/stable/c/989fa5171f005ecf63440057218d8aeb1795287d","reference_id":"989fa5171f005ecf63440057218d8aeb1795287d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:27:13Z/"}],"url":"https://git.kernel.org/stable/c/989fa5171f005ecf63440057218d8aeb1795287d"},{"reference_url":"https://git.kernel.org/stable/c/cfdb13a54e05eb98d9940cb6d1a13e7f994d811f","reference_id":"cfdb13a54e05eb98d9940cb6d1a13e7f994d811f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:27:13Z/"}],"url":"https://git.kernel.org/stable/c/cfdb13a54e05eb98d9940cb6d1a13e7f994d811f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58241"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3bzw-j1zt-6qe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79069?format=json","vulnerability_id":"VCID-3cdu-n6se-ruhe","summary":"kernel: mm: fix uprobe pte be overwritten when expanding vma","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38207.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38207.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376371","reference_id":"2376371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376371"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-38207"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3cdu-n6se-ruhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82804?format=json","vulnerability_id":"VCID-3db8-54s1-n3aj","summary":"In the Linux kernel, the following vulnerability has been resolved:  staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances  vchiq_get_state() can return a NULL pointer. So handle this cases and avoid a NULL pointer derefence in vchiq_dump_platform_instances.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49106.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49106.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49106","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0382","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49106"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/176df12b38c70b0a45e6392a0ee5bc83489dfc29","reference_id":"176df12b38c70b0a45e6392a0ee5bc83489dfc29","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:49:08Z/"}],"url":"https://git.kernel.org/stable/c/176df12b38c70b0a45e6392a0ee5bc83489dfc29"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347663","reference_id":"2347663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347663"},{"reference_url":"https://git.kernel.org/stable/c/4627250cabaa80278d3ab01ad107893cea83799f","reference_id":"4627250cabaa80278d3ab01ad107893cea83799f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:49:08Z/"}],"url":"https://git.kernel.org/stable/c/4627250cabaa80278d3ab01ad107893cea83799f"},{"reference_url":"https://git.kernel.org/stable/c/51e5e5c34c22c0bfec0808d8c33e0b2fcf4c7c89","reference_id":"51e5e5c34c22c0bfec0808d8c33e0b2fcf4c7c89","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:49:08Z/"}],"url":"https://git.kernel.org/stable/c/51e5e5c34c22c0bfec0808d8c33e0b2fcf4c7c89"},{"reference_url":"https://git.kernel.org/stable/c/aa899e686d442c63d50f4d369cc02dbbf0941cb0","reference_id":"aa899e686d442c63d50f4d369cc02dbbf0941cb0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:49:08Z/"}],"url":"https://git.kernel.org/stable/c/aa899e686d442c63d50f4d369cc02dbbf0941cb0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49106"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3db8-54s1-n3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82807?format=json","vulnerability_id":"VCID-3e4b-espr-akc5","summary":"In the Linux kernel, the following vulnerability has been resolved:  ceph: fix inode reference leakage in ceph_get_snapdir()  The ceph_get_inode() will search for or insert a new inode into the hash for the given vino, and return a reference to it. If new is non-NULL, its reference is consumed.  We should release the reference when in error handing cases.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49109.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49109","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01205","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49109"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347730","reference_id":"2347730","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49109"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3e4b-espr-akc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88488?format=json","vulnerability_id":"VCID-3f9e-w3b3-zyf5","summary":"In the Linux kernel, the following vulnerability has been resolved:  PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()  If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and pci_parse_request_of_pci_ranges() will just emit a warning.  This will cause a NULL pointer dereference. Fix this bug by adding NULL return check.  Found by Linux Verification Center (linuxtesting.org) with SVACE.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43823.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43823.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a6f1b5fe8ef8268aaa069035639968ceeea0a23","reference_id":"0a6f1b5fe8ef8268aaa069035639968ceeea0a23","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:54Z/"}],"url":"https://git.kernel.org/stable/c/0a6f1b5fe8ef8268aaa069035639968ceeea0a23"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305481","reference_id":"2305481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305481"},{"reference_url":"https://git.kernel.org/stable/c/a231707a91f323af1e5d9f1722055ec2fc1c7775","reference_id":"a231707a91f323af1e5d9f1722055ec2fc1c7775","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:54Z/"}],"url":"https://git.kernel.org/stable/c/a231707a91f323af1e5d9f1722055ec2fc1c7775"},{"reference_url":"https://git.kernel.org/stable/c/bbba48ad67c53feea05936ea1e029dcca8057506","reference_id":"bbba48ad67c53feea05936ea1e029dcca8057506","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:54Z/"}],"url":"https://git.kernel.org/stable/c/bbba48ad67c53feea05936ea1e029dcca8057506"},{"reference_url":"https://git.kernel.org/stable/c/dbcdd1863ba2ec9b76ec131df25d797709e05597","reference_id":"dbcdd1863ba2ec9b76ec131df25d797709e05597","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:54Z/"}],"url":"https://git.kernel.org/stable/c/dbcdd1863ba2ec9b76ec131df25d797709e05597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43823"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3f9e-w3b3-zyf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61854?format=json","vulnerability_id":"VCID-3fxt-tc69-6qcq","summary":"kernel: netfilter: xt_multiport: validate range encoding in checkentry","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31681.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31681.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461753","reference_id":"2461753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461753"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31681"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fxt-tc69-6qcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88707?format=json","vulnerability_id":"VCID-3gdq-pnb3-vbdn","summary":"kernel: drm/amd/amdgpu: Check tbo resource pointer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46807.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46807.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315158","reference_id":"2315158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315158"},{"reference_url":"https://git.kernel.org/stable/c/2be1eb6304d9623ba21dd6f3e68ffb753a759635","reference_id":"2be1eb6304d9623ba21dd6f3e68ffb753a759635","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:59Z/"}],"url":"https://git.kernel.org/stable/c/2be1eb6304d9623ba21dd6f3e68ffb753a759635"},{"reference_url":"https://git.kernel.org/stable/c/4dfec5f5501a27e0a0da00e136d65ef9011ded4c","reference_id":"4dfec5f5501a27e0a0da00e136d65ef9011ded4c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:59Z/"}],"url":"https://git.kernel.org/stable/c/4dfec5f5501a27e0a0da00e136d65ef9011ded4c"},{"reference_url":"https://git.kernel.org/stable/c/6cd2b872643bb29bba01a8ac739138db7bd79007","reference_id":"6cd2b872643bb29bba01a8ac739138db7bd79007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:59Z/"}],"url":"https://git.kernel.org/stable/c/6cd2b872643bb29bba01a8ac739138db7bd79007"},{"reference_url":"https://git.kernel.org/stable/c/e55e3904ffeaff81715256a711b1a61f4ad5258a","reference_id":"e55e3904ffeaff81715256a711b1a61f4ad5258a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:59Z/"}],"url":"https://git.kernel.org/stable/c/e55e3904ffeaff81715256a711b1a61f4ad5258a"},{"reference_url":"https://git.kernel.org/stable/c/e8765364d4f3aaf88c7abe0a4fc99089d059ab49","reference_id":"e8765364d4f3aaf88c7abe0a4fc99089d059ab49","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:59Z/"}],"url":"https://git.kernel.org/stable/c/e8765364d4f3aaf88c7abe0a4fc99089d059ab49"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46807"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gdq-pnb3-vbdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82883?format=json","vulnerability_id":"VCID-3gjk-d9sj-sfhw","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/sched: act_ct: fix ref leak when switching zones  When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcf_ct_skb_nfct_cached() returns false and tcf_ct_flow_table_lookup() may simply overwrite it.  The fix is to, as the ct entry is not reusable, free it already at tcf_ct_skb_nfct_cached().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49183.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49183","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33102","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347743","reference_id":"2347743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347743"},{"reference_url":"https://git.kernel.org/stable/c/4bb42d73def9411e5cad885b9811987d72431df1","reference_id":"4bb42d73def9411e5cad885b9811987d72431df1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:47:32Z/"}],"url":"https://git.kernel.org/stable/c/4bb42d73def9411e5cad885b9811987d72431df1"},{"reference_url":"https://git.kernel.org/stable/c/9222a08be539cbb7a8e0d46cbc7ab9e4db273eb8","reference_id":"9222a08be539cbb7a8e0d46cbc7ab9e4db273eb8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:47:32Z/"}],"url":"https://git.kernel.org/stable/c/9222a08be539cbb7a8e0d46cbc7ab9e4db273eb8"},{"reference_url":"https://git.kernel.org/stable/c/b24793a37d91aacad7cb9893b226a7924a89636a","reference_id":"b24793a37d91aacad7cb9893b226a7924a89636a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:47:32Z/"}],"url":"https://git.kernel.org/stable/c/b24793a37d91aacad7cb9893b226a7924a89636a"},{"reference_url":"https://git.kernel.org/stable/c/bcb74e132a76ce0502bb33d5b65533a4ed72d159","reference_id":"bcb74e132a76ce0502bb33d5b65533a4ed72d159","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:47:32Z/"}],"url":"https://git.kernel.org/stable/c/bcb74e132a76ce0502bb33d5b65533a4ed72d159"},{"reference_url":"https://git.kernel.org/stable/c/bcbf4e5c3b5b373cd61528392dd1ec8e9c0fd33d","reference_id":"bcbf4e5c3b5b373cd61528392dd1ec8e9c0fd33d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:47:32Z/"}],"url":"https://git.kernel.org/stable/c/bcbf4e5c3b5b373cd61528392dd1ec8e9c0fd33d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49183"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gjk-d9sj-sfhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59255?format=json","vulnerability_id":"VCID-3gu9-1ek3-tbb7","summary":"kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46209.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46209.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482636","reference_id":"2482636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482636"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46209"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gu9-1ek3-tbb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73698?format=json","vulnerability_id":"VCID-3gv2-szvg-jybh","summary":"kernel: iommu/amd/pgtbl: Fix possible race while increase page table level","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39961.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39961.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402723","reference_id":"2402723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39961"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gv2-szvg-jybh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84757?format=json","vulnerability_id":"VCID-3h3b-gupb-c7en","summary":"In the Linux kernel, the following vulnerability has been resolved:  riscv: VMAP_STACK overflow detection thread-safe  commit 31da94c25aea (\"riscv: add VMAP_STACK overflow detection\") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to `shadow_stack` temporarily before switching finally to per-cpu `overflow_stack`.  If two CPUs/harts are racing and end up in over flowing kernel stack, one or both will end up corrupting each other state because `shadow_stack` is not per-cpu. This patch optimizes per-cpu overflow stack switch by directly picking per-cpu `overflow_stack` and gets rid of `shadow_stack`.  Following are the changes in this patch   - Defines an asm macro to obtain per-cpu symbols in destination    register.  - In entry.S, when overflow is detected, per-cpu overflow stack is    located using per-cpu asm macro. Computing per-cpu symbol requires    a temporary register. x31 is saved away into CSR_SCRATCH    (CSR_SCRATCH is anyways zero since we're in kernel).  Please see Links for additional relevant disccussion and alternative solution.  Tested by `echo EXHAUST_STACK > /sys/kernel/debug/provoke-crash/DIRECT` Kernel crash log below   Insufficient stack space to handle exception!/debug/provoke-crash/DIRECT  Task stack:     [0xff20000010a98000..0xff20000010a9c000]  Overflow stack: [0xff600001f7d98370..0xff600001f7d99370]  CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34  Hardware name: riscv-virtio,qemu (DT)  epc : __memset+0x60/0xfc   ra : recursive_loop+0x48/0xc6 [lkdtm]  epc : ffffffff808de0e4 ra : ffffffff0163a752 sp : ff20000010a97e80   gp : ffffffff815c0330 tp : ff600000820ea280 t0 : ff20000010a97e88   t1 : 000000000000002e t2 : 3233206874706564 s0 : ff20000010a982b0   s1 : 0000000000000012 a0 : ff20000010a97e88 a1 : 0000000000000000   a2 : 0000000000000400 a3 : ff20000010a98288 a4 : 0000000000000000   a5 : 0000000000000000 a6 : fffffffffffe43f0 a7 : 00007fffffffffff   s2 : ff20000010a97e88 s3 : ffffffff01644680 s4 : ff20000010a9be90   s5 : ff600000842ba6c0 s6 : 00aaaaaac29e42b0 s7 : 00fffffff0aa3684   s8 : 00aaaaaac2978040 s9 : 0000000000000065 s10: 00ffffff8a7cad10   s11: 00ffffff8a76a4e0 t3 : ffffffff815dbaf4 t4 : ffffffff815dbaf4   t5 : ffffffff815dbab8 t6 : ff20000010a9bb48  status: 0000000200000120 badaddr: ff20000010a97e88 cause: 000000000000000f  Kernel panic - not syncing: Kernel stack overflow  CPU: 1 PID: 205 Comm: bash Not tainted 6.1.0-rc2-00001-g328a1f96f7b9 #34  Hardware name: riscv-virtio,qemu (DT)  Call Trace:  [<ffffffff80006754>] dump_backtrace+0x30/0x38  [<ffffffff808de798>] show_stack+0x40/0x4c  [<ffffffff808ea2a8>] dump_stack_lvl+0x44/0x5c  [<ffffffff808ea2d8>] dump_stack+0x18/0x20  [<ffffffff808dec06>] panic+0x126/0x2fe  [<ffffffff800065ea>] walk_stackframe+0x0/0xf0  [<ffffffff0163a752>] recursive_loop+0x48/0xc6 [lkdtm]  SMP: stopping secondary CPUs  ---[ end Kernel panic - not syncing: Kernel stack overflow ]---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52761.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52761.json"},{"reference_url":"https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788","reference_id":"1493baaf09e3c1899959c8a107cd1207e16d1788","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T15:20:22Z/"}],"url":"https://git.kernel.org/stable/c/1493baaf09e3c1899959c8a107cd1207e16d1788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282739","reference_id":"2282739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282739"},{"reference_url":"https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76","reference_id":"be97d0db5f44c0674480cb79ac6f5b0529b84c76","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T15:20:22Z/"}],"url":"https://git.kernel.org/stable/c/be97d0db5f44c0674480cb79ac6f5b0529b84c76"},{"reference_url":"https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20","reference_id":"eff53aea3855f71992c043cebb1c00988c17ee20","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T15:20:22Z/"}],"url":"https://git.kernel.org/stable/c/eff53aea3855f71992c043cebb1c00988c17ee20"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52761"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3h3b-gupb-c7en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85124?format=json","vulnerability_id":"VCID-3hbk-8fxp-qqcy","summary":"kernel: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58034.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58034.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348890","reference_id":"2348890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348890"},{"reference_url":"https://git.kernel.org/stable/c/3b02273446e23961d910b50cc12528faec649fb2","reference_id":"3b02273446e23961d910b50cc12528faec649fb2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/3b02273446e23961d910b50cc12528faec649fb2"},{"reference_url":"https://git.kernel.org/stable/c/755e44538c190c31de9090d8e8821d228fcfd416","reference_id":"755e44538c190c31de9090d8e8821d228fcfd416","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/755e44538c190c31de9090d8e8821d228fcfd416"},{"reference_url":"https://git.kernel.org/stable/c/b9784e5cde1f9fb83661a70e580e381ae1264d12","reference_id":"b9784e5cde1f9fb83661a70e580e381ae1264d12","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/b9784e5cde1f9fb83661a70e580e381ae1264d12"},{"reference_url":"https://git.kernel.org/stable/c/c144423cb07e4e227a8572d5742ca2b36ada770d","reference_id":"c144423cb07e4e227a8572d5742ca2b36ada770d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/c144423cb07e4e227a8572d5742ca2b36ada770d"},{"reference_url":"https://git.kernel.org/stable/c/c3def10c610ae046aaa61d00528e7bd15e4ad8d3","reference_id":"c3def10c610ae046aaa61d00528e7bd15e4ad8d3","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/c3def10c610ae046aaa61d00528e7bd15e4ad8d3"},{"reference_url":"https://git.kernel.org/stable/c/e9d07e91de140679eeaf275f47ad154467cb9e05","reference_id":"e9d07e91de140679eeaf275f47ad154467cb9e05","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T17:59:56Z/"}],"url":"https://git.kernel.org/stable/c/e9d07e91de140679eeaf275f47ad154467cb9e05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-58034"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hbk-8fxp-qqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88902?format=json","vulnerability_id":"VCID-3hmq-thga-u3du","summary":"In the Linux kernel, the following vulnerability has been resolved:  wifi: rtw88: usb: schedule rx work after everything is set up  Right now it's possible to hit NULL pointer dereference in rtw_rx_fill_rx_status on hw object and/or its fields because initialization routine can start getting USB replies before rtw_dev is fully setup.  The stack trace looks like this:  rtw_rx_fill_rx_status rtw8821c_query_rx_desc rtw_usb_rx_handler ... queue_work rtw_usb_read_port_complete ... usb_submit_urb rtw_usb_rx_resubmit rtw_usb_init_rx rtw_usb_probe  So while we do the async stuff rtw_usb_probe continues and calls rtw_register_hw, which does all kinds of initialization (e.g. via ieee80211_register_hw) that rtw_rx_fill_rx_status relies on.  Fix this by moving the first usb_submit_urb after everything is set up.  For me, this bug manifested as: [    8.893177] rtw_8821cu 1-1:1.2: band wrong, packet dropped [    8.910904] rtw_8821cu 1-1:1.2: hw->conf.chandef.chan NULL in rtw_rx_fill_rx_status because I'm using Larry's backport of rtw88 driver with the NULL checks in rtw_rx_fill_rx_status.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46760.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46760.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313108","reference_id":"2313108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313108"},{"reference_url":"https://git.kernel.org/stable/c/25eaef533bf3ccc6fee5067aac16f41f280e343e","reference_id":"25eaef533bf3ccc6fee5067aac16f41f280e343e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:44:05Z/"}],"url":"https://git.kernel.org/stable/c/25eaef533bf3ccc6fee5067aac16f41f280e343e"},{"reference_url":"https://git.kernel.org/stable/c/adc539784c98a7cc602cbf557debfc2e7b9be8b3","reference_id":"adc539784c98a7cc602cbf557debfc2e7b9be8b3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:44:05Z/"}],"url":"https://git.kernel.org/stable/c/adc539784c98a7cc602cbf557debfc2e7b9be8b3"},{"reference_url":"https://git.kernel.org/stable/c/c83d464b82a8ad62ec9077637f75d73fe955635a","reference_id":"c83d464b82a8ad62ec9077637f75d73fe955635a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:44:05Z/"}],"url":"https://git.kernel.org/stable/c/c83d464b82a8ad62ec9077637f75d73fe955635a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46760"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hmq-thga-u3du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59184?format=json","vulnerability_id":"VCID-3hvr-8xh7-q3dh","summary":"kernel: tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46196.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46196.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482590","reference_id":"2482590","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482590"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46196"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hvr-8xh7-q3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81572?format=json","vulnerability_id":"VCID-3m37-3h19-zyej","summary":"kernel: bpf: Scrub packet on bpf_redirect_peer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37959.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37959.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367570","reference_id":"2367570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367570"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37959"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m37-3h19-zyej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74348?format=json","vulnerability_id":"VCID-3mtg-ze3a-p3e8","summary":"kernel: net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in am65_cpsw_nuss_ndo_slave_open()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50461.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50461","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50461"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400728","reference_id":"2400728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400728"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50461"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mtg-ze3a-p3e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86613?format=json","vulnerability_id":"VCID-3n6g-mr9x-abcj","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: compress: fix to cover normal cluster write with cp_rwsem  When we overwrite compressed cluster w/ normal cluster, we should not unlock cp_rwsem during f2fs_write_raw_pages(), otherwise data will be corrupted if partial blocks were persisted before CP & SPOR, due to cluster metadata wasn't updated atomically.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27034.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27034.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278465","reference_id":"2278465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278465"},{"reference_url":"https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b","reference_id":"2b1b14d9fc94b8feae20808684c8af28ec80f45b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/2b1b14d9fc94b8feae20808684c8af28ec80f45b"},{"reference_url":"https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739","reference_id":"52982edfcefd475cc34af663d5c47c0cddaa5739","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/52982edfcefd475cc34af663d5c47c0cddaa5739"},{"reference_url":"https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1","reference_id":"542c8b3c774a480bfd0804291a12f6f2391b0cd1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/542c8b3c774a480bfd0804291a12f6f2391b0cd1"},{"reference_url":"https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286","reference_id":"75abfd61392b1db391bde6d738a30d685b843286","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/75abfd61392b1db391bde6d738a30d685b843286"},{"reference_url":"https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416","reference_id":"7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/7d420eaaa18ec8e2bb4eeab8c65c00492ef6f416"},{"reference_url":"https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b","reference_id":"fd244524c2cf07b5f4c3fe8abd6a99225c76544b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:39:02Z/"}],"url":"https://git.kernel.org/stable/c/fd244524c2cf07b5f4c3fe8abd6a99225c76544b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27034"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3n6g-mr9x-abcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64345?format=json","vulnerability_id":"VCID-3p4f-tpzm-hqeq","summary":"kernel: sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23371.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23371.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451161","reference_id":"2451161","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451161"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-23371"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3p4f-tpzm-hqeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80997?format=json","vulnerability_id":"VCID-3sey-18kv-3fch","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: core: Fix scsi_mode_sense() buffer length handling  Several problems exist with scsi_mode_sense() buffer length handling:   1) The allocation length field of the MODE SENSE(10) command is 16-bits,     occupying bytes 7 and 8 of the CDB. With this command, access to mode     pages larger than 255 bytes is thus possible. However, the CDB     allocation length field is set by assigning len to byte 8 only, thus     truncating buffer length larger than 255.   2) If scsi_mode_sense() is called with len smaller than 8 with     sdev->use_10_for_ms set, or smaller than 4 otherwise, the buffer length     is increased to 8 and 4 respectively, and the buffer is zero filled     with these increased values, thus corrupting the memory following the     buffer.  Fix these 2 problems by using put_unaligned_be16() to set the allocation length field of MODE SENSE(10) CDB and by returning an error when len is too small.  Furthermore, if len is larger than 255B, always try MODE SENSE(10) first, even if the device driver did not set sdev->use_10_for_ms. In case of invalid opcode error for MODE SENSE(10), access to mode pages larger than 255 bytes are not retried using MODE SENSE(6). To avoid buffer length overflows for the MODE_SENSE(10) case, check that len is smaller than 65535 bytes.  While at it, also fix the folowing:   * Use get_unaligned_be16() to retrieve the mode data length and block    descriptor length fields of the mode sense reply header instead of using    an open coded calculation.   * Fix the kdoc dbd argument explanation: the DBD bit stands for Disable    Block Descriptor, which is the opposite of what the dbd argument    description was.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47182.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47182.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47182","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04369","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47182"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/17b49bcbf8351d3dbe57204468ac34f033ed60bc","reference_id":"17b49bcbf8351d3dbe57204468ac34f033ed60bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:20Z/"}],"url":"https://git.kernel.org/stable/c/17b49bcbf8351d3dbe57204468ac34f033ed60bc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274627","reference_id":"2274627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274627"},{"reference_url":"https://git.kernel.org/stable/c/e15de347faf4a9f494cbd4e9a623d343dc1b5851","reference_id":"e15de347faf4a9f494cbd4e9a623d343dc1b5851","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:20Z/"}],"url":"https://git.kernel.org/stable/c/e15de347faf4a9f494cbd4e9a623d343dc1b5851"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47182"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sey-18kv-3fch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70282?format=json","vulnerability_id":"VCID-3sps-7a98-5yb7","summary":"kernel: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53834.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420357","reference_id":"2420357","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420357"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53834"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sps-7a98-5yb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74918?format=json","vulnerability_id":"VCID-3szw-ar24-6uad","summary":"kernel: btrfs: don't check PageError in __extent_writepage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53429.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53429.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396517","reference_id":"2396517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396517"},{"reference_url":"https://git.kernel.org/stable/c/3e92499e3b004baffb479d61e191b41b604ece9a","reference_id":"3e92499e3b004baffb479d61e191b41b604ece9a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:14:32Z/"}],"url":"https://git.kernel.org/stable/c/3e92499e3b004baffb479d61e191b41b604ece9a"},{"reference_url":"https://git.kernel.org/stable/c/d40be032ecd8ee1ca033bee43c7755d21fb4d72a","reference_id":"d40be032ecd8ee1ca033bee43c7755d21fb4d72a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:14:32Z/"}],"url":"https://git.kernel.org/stable/c/d40be032ecd8ee1ca033bee43c7755d21fb4d72a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53429"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3szw-ar24-6uad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85741?format=json","vulnerability_id":"VCID-3t8r-ykfq-4qh7","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nft_limit: reject configurations that cause integer overflow  Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s.  Its better to reject this rather than having incorrect ratelimit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26668.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26668.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/00c2c29aa36d1d1827c51a3720e9f893a22c7c6a","reference_id":"00c2c29aa36d1d1827c51a3720e9f893a22c7c6a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:39Z/"}],"url":"https://git.kernel.org/stable/c/00c2c29aa36d1d1827c51a3720e9f893a22c7c6a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272797","reference_id":"2272797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272797"},{"reference_url":"https://git.kernel.org/stable/c/79d4efd75e7dbecd855a3b8a63e65f7265f466e1","reference_id":"79d4efd75e7dbecd855a3b8a63e65f7265f466e1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:39Z/"}],"url":"https://git.kernel.org/stable/c/79d4efd75e7dbecd855a3b8a63e65f7265f466e1"},{"reference_url":"https://git.kernel.org/stable/c/9882495d02ecc490604f747437a40626dc9160d0","reference_id":"9882495d02ecc490604f747437a40626dc9160d0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:39Z/"}],"url":"https://git.kernel.org/stable/c/9882495d02ecc490604f747437a40626dc9160d0"},{"reference_url":"https://git.kernel.org/stable/c/bc6e242bb74e2ae616bfd2b250682b738e781c9b","reference_id":"bc6e242bb74e2ae616bfd2b250682b738e781c9b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:39Z/"}],"url":"https://git.kernel.org/stable/c/bc6e242bb74e2ae616bfd2b250682b738e781c9b"},{"reference_url":"https://git.kernel.org/stable/c/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa","reference_id":"c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:39Z/"}],"url":"https://git.kernel.org/stable/c/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4823","reference_id":"RHSA-2024:4823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4831","reference_id":"RHSA-2024:4831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5928","reference_id":"RHSA-2024:5928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26668"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3t8r-ykfq-4qh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73860?format=json","vulnerability_id":"VCID-3un9-nmex-mbd4","summary":"kernel: blk-iolatency: Fix memory leak on add_disk() failures","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50550.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50550.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50550","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50550"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402244","reference_id":"2402244","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50550"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3un9-nmex-mbd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67997?format=json","vulnerability_id":"VCID-3uvm-47qa-uubq","summary":"kernel: Linux kernel: Memory leak in gs_usb module can lead to denial of service via improper USB Request Block handling.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23031.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23031.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435661","reference_id":"2435661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23031"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uvm-47qa-uubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86857?format=json","vulnerability_id":"VCID-3vy8-kr4h-ebaw","summary":"In the Linux kernel, the following vulnerability has been resolved:  smb: client: fix potential UAF in smb2_is_valid_lease_break()  Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35864.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35864.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281769","reference_id":"2281769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281769"},{"reference_url":"https://git.kernel.org/stable/c/705c76fbf726c7a2f6ff9143d4013b18daaaebf1","reference_id":"705c76fbf726c7a2f6ff9143d4013b18daaaebf1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:32:19Z/"}],"url":"https://git.kernel.org/stable/c/705c76fbf726c7a2f6ff9143d4013b18daaaebf1"},{"reference_url":"https://git.kernel.org/stable/c/a8344e2b69bde63f713b0aa796d70dbeadffddfb","reference_id":"a8344e2b69bde63f713b0aa796d70dbeadffddfb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:32:19Z/"}],"url":"https://git.kernel.org/stable/c/a8344e2b69bde63f713b0aa796d70dbeadffddfb"},{"reference_url":"https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5","reference_id":"c868cabdf6fdd61bea54532271f4708254e57fc5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:32:19Z/"}],"url":"https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5"},{"reference_url":"https://git.kernel.org/stable/c/f92739fdd4522c4291277136399353d7c341fae4","reference_id":"f92739fdd4522c4291277136399353d7c341fae4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:32:19Z/"}],"url":"https://git.kernel.org/stable/c/f92739fdd4522c4291277136399353d7c341fae4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35864"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vy8-kr4h-ebaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69158?format=json","vulnerability_id":"VCID-3wby-5ykg-43db","summary":"kernel: Linux kernel: Denial of Service vulnerability in RDMA/rxe component","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54028.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54028.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424983","reference_id":"2424983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54028"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wby-5ykg-43db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60893?format=json","vulnerability_id":"VCID-3wu3-cc3e-7ya4","summary":"kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43204.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43204.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467142","reference_id":"2467142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43204"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wu3-cc3e-7ya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77153?format=json","vulnerability_id":"VCID-3wv1-u76y-uugs","summary":"kernel: smb: client: fix use-after-free in cifs_oplock_break","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38527.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38527.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388928","reference_id":"2388928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16880","reference_id":"RHSA-2025:16880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16904","reference_id":"RHSA-2025:16904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17122","reference_id":"RHSA-2025:17122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17123","reference_id":"RHSA-2025:17123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17124","reference_id":"RHSA-2025:17124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17241","reference_id":"RHSA-2025:17241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17397","reference_id":"RHSA-2025:17397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17398","reference_id":"RHSA-2025:17398","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17398"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17570","reference_id":"RHSA-2025:17570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18054","reference_id":"RHSA-2025:18054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18098","reference_id":"RHSA-2025:18098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21667","reference_id":"RHSA-2025:21667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22752","reference_id":"RHSA-2025:22752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38527"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wv1-u76y-uugs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76783?format=json","vulnerability_id":"VCID-3x55-s73a-puej","summary":"kernel: gfs2: No more self recovery","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38659.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38659.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390364","reference_id":"2390364","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390364"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38659"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3x55-s73a-puej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80591?format=json","vulnerability_id":"VCID-3xhc-g93q-suba","summary":"Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33061.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33061.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33061","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14283","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33061"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024713","reference_id":"2024713","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-33061"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3xhc-g93q-suba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84725?format=json","vulnerability_id":"VCID-41tk-hr98-j3h9","summary":"kernel: rxrpc: Fix handling of received connection abort","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58053.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58053.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350369","reference_id":"2350369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350369"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58053"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41tk-hr98-j3h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62304?format=json","vulnerability_id":"VCID-41xc-sefr-57b4","summary":"kernel: spi: use generic driver_override infrastructure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31487.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31487.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460640","reference_id":"2460640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460640"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31487"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41xc-sefr-57b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59254?format=json","vulnerability_id":"VCID-42ue-3ewg-ubd9","summary":"kernel: fbcon: Avoid OOB font access if console rotation fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46191.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46191.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482635","reference_id":"2482635","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482635"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46191"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-42ue-3ewg-ubd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59276?format=json","vulnerability_id":"VCID-43ax-mak6-zyc5","summary":"kernel: vsock/virtio: fix accept queue count leak on transport mismatch","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46214.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46214.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482652","reference_id":"2482652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482652"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46214"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43ax-mak6-zyc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81480?format=json","vulnerability_id":"VCID-43sp-skb2-2ycq","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/pm: fix a potential gpu_metrics_table memory leak  Memory is allocated for gpu_metrics_table in renoir_init_smc_tables(), but not freed in int smu_v12_0_fini_smc_tables(). Free it!","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47658.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47658","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06569","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47658"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348132","reference_id":"2348132","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348132"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47658"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43sp-skb2-2ycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61980?format=json","vulnerability_id":"VCID-44gm-9wg7-4bc3","summary":"kernel: xfrm: clear trailing padding in build_polexpire()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31664.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31664.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461482","reference_id":"2461482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461482"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31664"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44gm-9wg7-4bc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60447?format=json","vulnerability_id":"VCID-47nb-wvz8-tkez","summary":"kernel: drm/v3d: Set DMA segment size to avoid debug warnings","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43302.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43302.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468103","reference_id":"2468103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468103"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43302"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47nb-wvz8-tkez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60379?format=json","vulnerability_id":"VCID-488g-7axm-n7ah","summary":"kernel: md raid: fix hang when stopping arrays with metadata through dm-raid","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43309.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43309.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468037","reference_id":"2468037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468037"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43309"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-488g-7axm-n7ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81559?format=json","vulnerability_id":"VCID-49e3-1w7f-nucx","summary":"kernel: bnxt_en: Fix out-of-bound memcpy() during ethtool -w","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37911.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37911.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367542","reference_id":"2367542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367542"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37911"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-49e3-1w7f-nucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79610?format=json","vulnerability_id":"VCID-4c6c-pxxy-uyav","summary":"kernel: Linux kernel: LZO compression buffer overrun due to insufficient output buffer checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38068.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38068.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373318","reference_id":"2373318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373318"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38068"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4c6c-pxxy-uyav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73897?format=json","vulnerability_id":"VCID-4cgr-89rj-cqb1","summary":"kernel: md: fix soft lockup in status_resync","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53620.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53620.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402268","reference_id":"2402268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7539","reference_id":"RHSA-2023:7539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53620"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cgr-89rj-cqb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59269?format=json","vulnerability_id":"VCID-4e6b-wgqw-sbhp","summary":"kernel: isofs: validate block number from NFS file handle in isofs_export_iget","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46124.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46124.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482646","reference_id":"2482646","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46124"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4e6b-wgqw-sbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68269?format=json","vulnerability_id":"VCID-4eys-kqm3-xkd1","summary":"kernel: parisc: Do not reprogram affinitiy on ASP chip","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71121.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71121.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429608","reference_id":"2429608","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71121"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4eys-kqm3-xkd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79075?format=json","vulnerability_id":"VCID-4f6c-qu8g-a3dq","summary":"kernel: sched/rt: Fix race in push_rt_task","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38234.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38234.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376375","reference_id":"2376375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8246","reference_id":"RHSA-2025:8246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8247","reference_id":"RHSA-2025:8247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9348","reference_id":"RHSA-2025:9348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9584","reference_id":"RHSA-2025:9584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9584"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38234"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f6c-qu8g-a3dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86689?format=json","vulnerability_id":"VCID-4guc-1n3q-c7hj","summary":"In the Linux kernel, the following vulnerability has been resolved:  phonet/pep: fix racy skb_queue_empty() use  The receive queues are protected by their respective spin-lock, not the socket lock. This could lead to skb_peek() unexpectedly returning NULL or a pointer to an already dequeued socket buffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27402.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27402.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a9f558c72c47472c38c05fcb72c70abb9104277","reference_id":"0a9f558c72c47472c38c05fcb72c70abb9104277","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:37:04Z/"}],"url":"https://git.kernel.org/stable/c/0a9f558c72c47472c38c05fcb72c70abb9104277"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281129","reference_id":"2281129","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281129"},{"reference_url":"https://git.kernel.org/stable/c/7d2a894d7f487dcb894df023e9d3014cf5b93fe5","reference_id":"7d2a894d7f487dcb894df023e9d3014cf5b93fe5","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:37:04Z/"}],"url":"https://git.kernel.org/stable/c/7d2a894d7f487dcb894df023e9d3014cf5b93fe5"},{"reference_url":"https://git.kernel.org/stable/c/7d3914a477eed92b48c493a8631cc4554ab4fd4f","reference_id":"7d3914a477eed92b48c493a8631cc4554ab4fd4f","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:37:04Z/"}],"url":"https://git.kernel.org/stable/c/7d3914a477eed92b48c493a8631cc4554ab4fd4f"},{"reference_url":"https://git.kernel.org/stable/c/8ef4fcc7014b9f93619851d6b78d6cc2789a4c88","reference_id":"8ef4fcc7014b9f93619851d6b78d6cc2789a4c88","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:37:04Z/"}],"url":"https://git.kernel.org/stable/c/8ef4fcc7014b9f93619851d6b78d6cc2789a4c88"},{"reference_url":"https://git.kernel.org/stable/c/9d5523e065b568e79dfaa2ea1085a5bcf74baf78","reference_id":"9d5523e065b568e79dfaa2ea1085a5bcf74baf78","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:37:04Z/"}],"url":"https://git.kernel.org/stable/c/9d5523e065b568e79dfaa2ea1085a5bcf74baf78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27402"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4guc-1n3q-c7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73472?format=json","vulnerability_id":"VCID-4h23-6r98-8fah","summary":"kernel: Linux kernel: uvcvideo Denial of Service from invalid UVC entity IDs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40016.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40016.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405130","reference_id":"2405130","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40016"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4h23-6r98-8fah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74165?format=json","vulnerability_id":"VCID-4h5b-jec2-tkhu","summary":"kernel: drm/amdgpu: unmap and remove csa_va properly","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53545.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53545.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401539","reference_id":"2401539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53545"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4h5b-jec2-tkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59344?format=json","vulnerability_id":"VCID-4hug-t24z-kucs","summary":"kernel: ocfs2: split transactions in dio completion to avoid credit exhaustion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46080.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46080.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481928","reference_id":"2481928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46080"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hug-t24z-kucs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66970?format=json","vulnerability_id":"VCID-4jpy-r5eq-5ke2","summary":"kernel: net: fix segmentation of forwarding fraglist GRO","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23154.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23154.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439933","reference_id":"2439933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23154"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jpy-r5eq-5ke2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86867?format=json","vulnerability_id":"VCID-4k62-j7rj-rkfm","summary":"In the Linux kernel, the following vulnerability has been resolved:  smb: client: fix UAF in smb2_reconnect_server()  The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses().  This can happen when (a) the client has connection to the server but no session or (b) another thread ends up setting @ses->ses_status again to something different than SES_EXITING.  To fix this, we need to make sure to unconditionally set @ses->ses_status to SES_EXITING and prevent any other threads from setting a new status while we're still tearing it down.  The following can be reproduced by adding some delay to right after the ipc is freed in __cifs_put_smb_ses() - which will give smb2_reconnect_server() worker a chance to run and then accessing @ses->ipc:  kinit ... mount.cifs //srv/share /mnt/1 -o sec=krb5,nohandlecache,echo_interval=10 [disconnect srv] ls /mnt/1 &>/dev/null sleep 30 kdestroy [reconnect srv] sleep 10 umount /mnt/1 ... CIFS: VFS: Verify user has a krb5 ticket and keyutils is installed CIFS: VFS: \\\\srv Send error in SessSetup = -126 CIFS: VFS: Verify user has a krb5 ticket and keyutils is installed CIFS: VFS: \\\\srv Send error in SessSetup = -126 general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI CPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc2 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014 Workqueue: cifsiod smb2_reconnect_server [cifs] RIP: 0010:__list_del_entry_valid_or_report+0x33/0xf0 Code: 4f 08 48 85 d2 74 42 48 85 c9 74 59 48 b8 00 01 00 00 00 00 ad de 48 39 c2 74 61 48 b8 22 01 00 00 00 00 74 69 <48> 8b 01 48 39 f8 75 7b 48 8b 72 08 48 39 c6 0f 85 88 00 00 00 b8 RSP: 0018:ffffc900001bfd70 EFLAGS: 00010a83 RAX: dead000000000122 RBX: ffff88810da53838 RCX: 6b6b6b6b6b6b6b6b RDX: 6b6b6b6b6b6b6b6b RSI: ffffffffc02f6878 RDI: ffff88810da53800 RBP: ffff88810da53800 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: ffff88810c064000 R13: 0000000000000001 R14: ffff88810c064000 R15: ffff8881039cc000 FS: 0000000000000000(0000) GS:ffff888157c00000(0000) knlGS:0000000000000000 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fe3728b1000 CR3: 000000010caa4000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace:  <TASK>  ? die_addr+0x36/0x90  ? exc_general_protection+0x1c1/0x3f0  ? asm_exc_general_protection+0x26/0x30  ? __list_del_entry_valid_or_report+0x33/0xf0  __cifs_put_smb_ses+0x1ae/0x500 [cifs]  smb2_reconnect_server+0x4ed/0x710 [cifs]  process_one_work+0x205/0x6b0  worker_thread+0x191/0x360  ? __pfx_worker_thread+0x10/0x10  kthread+0xe2/0x110  ? __pfx_kthread+0x10/0x10  ret_from_fork+0x34/0x50  ? __pfx_kthread+0x10/0x10  ret_from_fork_asm+0x1a/0x30  </TASK>","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35870.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35870.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281740","reference_id":"2281740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281740"},{"reference_url":"https://git.kernel.org/stable/c/24a9799aa8efecd0eb55a75e35f9d8e6400063aa","reference_id":"24a9799aa8efecd0eb55a75e35f9d8e6400063aa","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:54Z/"}],"url":"https://git.kernel.org/stable/c/24a9799aa8efecd0eb55a75e35f9d8e6400063aa"},{"reference_url":"https://git.kernel.org/stable/c/45f2beda1f1bc3d962ec07db1ccc3197c25499a5","reference_id":"45f2beda1f1bc3d962ec07db1ccc3197c25499a5","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:54Z/"}],"url":"https://git.kernel.org/stable/c/45f2beda1f1bc3d962ec07db1ccc3197c25499a5"},{"reference_url":"https://git.kernel.org/stable/c/6202996a1c1887e83d0b3b0fcd86d0e5e6910ea0","reference_id":"6202996a1c1887e83d0b3b0fcd86d0e5e6910ea0","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:54Z/"}],"url":"https://git.kernel.org/stable/c/6202996a1c1887e83d0b3b0fcd86d0e5e6910ea0"},{"reference_url":"https://git.kernel.org/stable/c/755fe68cd4b59e1d2a2dd3286177fd4404f57fed","reference_id":"755fe68cd4b59e1d2a2dd3286177fd4404f57fed","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:54Z/"}],"url":"https://git.kernel.org/stable/c/755fe68cd4b59e1d2a2dd3286177fd4404f57fed"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4106","reference_id":"RHSA-2024:4106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4108","reference_id":"RHSA-2024:4108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4349","reference_id":"RHSA-2024:4349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4349"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35870"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4k62-j7rj-rkfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59158?format=json","vulnerability_id":"VCID-4mw2-3r37-cfae","summary":"kernel: media: rc: xbox_remote: heed DMA restrictions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46236.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46236.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482573","reference_id":"2482573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482573"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46236"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mw2-3r37-cfae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60430?format=json","vulnerability_id":"VCID-4n2r-jb5u-cfds","summary":"kernel: most: core: fix leak on early registration failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43317.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468090","reference_id":"2468090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468090"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43317"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4n2r-jb5u-cfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59395?format=json","vulnerability_id":"VCID-4pjf-e5f7-mycu","summary":"kernel: crypto: atmel-tdes - fix DMA sync direction","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46077.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46077.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481974","reference_id":"2481974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481974"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46077"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjf-e5f7-mycu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84197?format=json","vulnerability_id":"VCID-4rhd-ybek-5bep","summary":"A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32251.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32251.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385852","reference_id":"2385852","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T13:29:42Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385852"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-32251","reference_id":"CVE-2023-32251","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T13:29:42Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-32251"},{"reference_url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17","reference_id":"?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T13:29:42Z/"}],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-699/","reference_id":"ZDI-23-699","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-01T13:29:42Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-699/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-32251"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4rhd-ybek-5bep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74150?format=json","vulnerability_id":"VCID-4rrw-ddx6-9bbb","summary":"kernel: btrfs: insert tree mod log move in push_node_left","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53538.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53538.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401528","reference_id":"2401528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401528"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53538"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4rrw-ddx6-9bbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87580?format=json","vulnerability_id":"VCID-4syw-6j26-mqh4","summary":"In the Linux kernel, the following vulnerability has been resolved:  watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger  When the cpu5wdt module is removing, the origin code uses del_timer() to de-activate the timer. If the timer handler is running, del_timer() could not stop it and will return directly. If the port region is released by release_region() and then the timer handler cpu5wdt_trigger() calls outb() to write into the region that is released, the use-after-free bug will happen.  Change del_timer() to timer_shutdown_sync() in order that the timer handler could be finished before the port region is released.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38630.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38630.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293697","reference_id":"2293697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293697"},{"reference_url":"https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4","reference_id":"573601521277119f2e2ba5f28ae6e87fc594f4d4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:05Z/"}],"url":"https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4"},{"reference_url":"https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314","reference_id":"9b1c063ffc075abf56f63e55d70b9778ff534314","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:05Z/"}],"url":"https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314"},{"reference_url":"https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a","reference_id":"f19686d616500cd0d47b30cee82392b53f7f784a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:05Z/"}],"url":"https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-38630"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4syw-6j26-mqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87989?format=json","vulnerability_id":"VCID-4tqf-7deq-9fav","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: avoid using null object of framebuffer  Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41093.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300488","reference_id":"2300488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300488"},{"reference_url":"https://git.kernel.org/stable/c/330c8c1453848c04d335bad81371a66710210800","reference_id":"330c8c1453848c04d335bad81371a66710210800","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:20:32Z/"}],"url":"https://git.kernel.org/stable/c/330c8c1453848c04d335bad81371a66710210800"},{"reference_url":"https://git.kernel.org/stable/c/6ce0544cabaa608018d5922ab404dc656a9d8447","reference_id":"6ce0544cabaa608018d5922ab404dc656a9d8447","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:20:32Z/"}],"url":"https://git.kernel.org/stable/c/6ce0544cabaa608018d5922ab404dc656a9d8447"},{"reference_url":"https://git.kernel.org/stable/c/7f35e01cb0ea4d295f5c067bb5c67dfcddaf05bc","reference_id":"7f35e01cb0ea4d295f5c067bb5c67dfcddaf05bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:20:32Z/"}],"url":"https://git.kernel.org/stable/c/7f35e01cb0ea4d295f5c067bb5c67dfcddaf05bc"},{"reference_url":"https://git.kernel.org/stable/c/bcfa48ff785bd121316592b131ff6531e3e696bb","reference_id":"bcfa48ff785bd121316592b131ff6531e3e696bb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:20:32Z/"}],"url":"https://git.kernel.org/stable/c/bcfa48ff785bd121316592b131ff6531e3e696bb"},{"reference_url":"https://git.kernel.org/stable/c/dd9ec0ea4cdde0fc48116e63969fc83e81d7ef46","reference_id":"dd9ec0ea4cdde0fc48116e63969fc83e81d7ef46","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:20:32Z/"}],"url":"https://git.kernel.org/stable/c/dd9ec0ea4cdde0fc48116e63969fc83e81d7ef46"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10771","reference_id":"RHSA-2024:10771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10772","reference_id":"RHSA-2024:10772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10773","reference_id":"RHSA-2024:10773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6993","reference_id":"RHSA-2024:6993","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8856","reference_id":"RHSA-2024:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8870","reference_id":"RHSA-2024:8870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41093"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4tqf-7deq-9fav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70889?format=json","vulnerability_id":"VCID-4utg-88mn-nqht","summary":"kernel: s390/ctcm: Fix double-kfree","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40253.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40253.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418871","reference_id":"2418871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40253"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4utg-88mn-nqht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59409?format=json","vulnerability_id":"VCID-4w8u-eyqr-vybb","summary":"kernel: net: bridge: use a stable FDB dst snapshot in RCU readers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46086.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46086.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481989","reference_id":"2481989","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481989"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46086"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4w8u-eyqr-vybb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88571?format=json","vulnerability_id":"VCID-4yvc-u8ju-byh3","summary":"In the Linux kernel, the following vulnerability has been resolved:  RDMA/hns: Fix soft lockup under heavy CEQE load  CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load.  Handle CEQEs in BH workqueue and set an upper limit for the number of CEQE handled by a single call of work handler.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43872.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43872.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08","reference_id":"06580b33c183c9f98e2a2ca96a86137179032c08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:06:16Z/"}],"url":"https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306366","reference_id":"2306366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306366"},{"reference_url":"https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b","reference_id":"2fdf34038369c0a27811e7b4680662a14ada1d6b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:06:16Z/"}],"url":"https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-43872"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvc-u8ju-byh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88307?format=json","vulnerability_id":"VCID-4yxa-fq12-xqb8","summary":"In the Linux kernel, the following vulnerability has been resolved:  gve: Account for stopped queues when reading NIC stats  We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid access on the priv->stats_report->stats array.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42162.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42162.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301540","reference_id":"2301540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301540"},{"reference_url":"https://git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62","reference_id":"32675d828c8a392e20d5b42375ed112c407e4b62","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:49Z/"}],"url":"https://git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62"},{"reference_url":"https://git.kernel.org/stable/c/af9bcf910b1f86244f39e15e701b2dc564b469a6","reference_id":"af9bcf910b1f86244f39e15e701b2dc564b469a6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:49Z/"}],"url":"https://git.kernel.org/stable/c/af9bcf910b1f86244f39e15e701b2dc564b469a6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-42162"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yxa-fq12-xqb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87867?format=json","vulnerability_id":"VCID-4zt2-g3gp-sufg","summary":"kernel: f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47691.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47691.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320170","reference_id":"2320170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320170"},{"reference_url":"https://git.kernel.org/stable/c/7c339dee7eb0f8e4cadc317c595f898ef04dae30","reference_id":"7c339dee7eb0f8e4cadc317c595f898ef04dae30","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:05:54Z/"}],"url":"https://git.kernel.org/stable/c/7c339dee7eb0f8e4cadc317c595f898ef04dae30"},{"reference_url":"https://git.kernel.org/stable/c/c7f114d864ac91515bb07ac271e9824a20f5ed95","reference_id":"c7f114d864ac91515bb07ac271e9824a20f5ed95","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:05:54Z/"}],"url":"https://git.kernel.org/stable/c/c7f114d864ac91515bb07ac271e9824a20f5ed95"},{"reference_url":"https://git.kernel.org/stable/c/d79343cd66343709e409d96b2abb139a0a55ce34","reference_id":"d79343cd66343709e409d96b2abb139a0a55ce34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:05:54Z/"}],"url":"https://git.kernel.org/stable/c/d79343cd66343709e409d96b2abb139a0a55ce34"},{"reference_url":"https://git.kernel.org/stable/c/fc18e655b62ac6bc9f12f5de0d749b4a3fe1e812","reference_id":"fc18e655b62ac6bc9f12f5de0d749b4a3fe1e812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:05:54Z/"}],"url":"https://git.kernel.org/stable/c/fc18e655b62ac6bc9f12f5de0d749b4a3fe1e812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-47691"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zt2-g3gp-sufg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87852?format=json","vulnerability_id":"VCID-52aq-8f12-6qdr","summary":"In the Linux kernel, the following vulnerability has been resolved:  skmsg: Skip zero length skb in sk_msg_recvmsg  When running BPF selftests (./test_progs -t sockmap_basic) on a Loongarch platform, the following kernel panic occurs:    [...]   Oops[#1]:   CPU: 22 PID: 2824 Comm: test_progs Tainted: G           OE  6.10.0-rc2+ #18   Hardware name: LOONGSON Dabieshan/Loongson-TC542F0, BIOS Loongson-UDK2018      ... ...      ra: 90000000048bf6c0 sk_msg_recvmsg+0x120/0x560     ERA: 9000000004162774 copy_page_to_iter+0x74/0x1c0    CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)    PRMD: 0000000c (PPLV0 +PIE +PWE)    EUEN: 00000007 (+FPE +SXE +ASXE -BTE)    ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)   ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)    BADV: 0000000000000040    PRID: 0014c011 (Loongson-64bit, Loongson-3C5000)   Modules linked in: bpf_testmod(OE) xt_CHECKSUM xt_MASQUERADE xt_conntrack   Process test_progs (pid: 2824, threadinfo=0000000000863a31, task=...)   Stack : ...   Call Trace:   [<9000000004162774>] copy_page_to_iter+0x74/0x1c0   [<90000000048bf6c0>] sk_msg_recvmsg+0x120/0x560   [<90000000049f2b90>] tcp_bpf_recvmsg_parser+0x170/0x4e0   [<90000000049aae34>] inet_recvmsg+0x54/0x100   [<900000000481ad5c>] sock_recvmsg+0x7c/0xe0   [<900000000481e1a8>] __sys_recvfrom+0x108/0x1c0   [<900000000481e27c>] sys_recvfrom+0x1c/0x40   [<9000000004c076ec>] do_syscall+0x8c/0xc0   [<9000000003731da4>] handle_syscall+0xc4/0x160   Code: ...   ---[ end trace 0000000000000000 ]---   Kernel panic - not syncing: Fatal exception   Kernel relocated by 0x3510000    .text @ 0x9000000003710000    .data @ 0x9000000004d70000    .bss  @ 0x9000000006469400   ---[ end Kernel panic - not syncing: Fatal exception ]---   [...]  This crash happens every time when running sockmap_skb_verdict_shutdown subtest in sockmap_basic.  This crash is because a NULL pointer is passed to page_address() in the sk_msg_recvmsg(). Due to the different implementations depending on the architecture, page_address(NULL) will trigger a panic on Loongarch platform but not on x86 platform. So this bug was hidden on x86 platform for a while, but now it is exposed on Loongarch platform. The root cause is that a zero length skb (skb->len == 0) was put on the queue.  This zero length skb is a TCP FIN packet, which was sent by shutdown(), invoked in test_sockmap_skb_verdict_shutdown():  \tshutdown(p1, SHUT_WR);  In this case, in sk_psock_skb_ingress_enqueue(), num_sge is zero, and no page is put to this sge (see sg_set_page in sg_set_page), but this empty sge is queued into ingress_msg list.  And in sk_msg_recvmsg(), this empty sge is used, and a NULL page is got by sg_page(sge). Pass this NULL page to copy_page_to_iter(), which passes it to kmap_local_page() and to page_address(), then kernel panics.  To solve this, we should skip this zero length skb. So in sk_msg_recvmsg(), if copy is zero, that means it's a zero length skb, skip invoking copy_page_to_iter(). We are using the EFAULT return triggered by copy_page_to_iter to check for is_fin in tcp_bpf.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41048.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41048.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/195b7bcdfc5adc5b2468f279dd9eb7eebd2e7632","reference_id":"195b7bcdfc5adc5b2468f279dd9eb7eebd2e7632","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:50Z/"}],"url":"https://git.kernel.org/stable/c/195b7bcdfc5adc5b2468f279dd9eb7eebd2e7632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300419","reference_id":"2300419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300419"},{"reference_url":"https://git.kernel.org/stable/c/b180739b45a38b4caa88fe16bb5273072e6613dc","reference_id":"b180739b45a38b4caa88fe16bb5273072e6613dc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:50Z/"}],"url":"https://git.kernel.org/stable/c/b180739b45a38b4caa88fe16bb5273072e6613dc"},{"reference_url":"https://git.kernel.org/stable/c/f0c18025693707ec344a70b6887f7450bf4c826b","reference_id":"f0c18025693707ec344a70b6887f7450bf4c826b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:50Z/"}],"url":"https://git.kernel.org/stable/c/f0c18025693707ec344a70b6887f7450bf4c826b"},{"reference_url":"https://git.kernel.org/stable/c/f8bd689f37f4198a4c61c4684f591ba639595b97","reference_id":"f8bd689f37f4198a4c61c4684f591ba639595b97","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:50Z/"}],"url":"https://git.kernel.org/stable/c/f8bd689f37f4198a4c61c4684f591ba639595b97"},{"reference_url":"https://git.kernel.org/stable/c/fb61d7b9fb6ef0032de469499a54dab4c7260d0d","reference_id":"fb61d7b9fb6ef0032de469499a54dab4c7260d0d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:50Z/"}],"url":"https://git.kernel.org/stable/c/fb61d7b9fb6ef0032de469499a54dab4c7260d0d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41048"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-52aq-8f12-6qdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68310?format=json","vulnerability_id":"VCID-53ct-dtua-tbea","summary":"kernel: Input: alps - fix use-after-free bugs caused by dev3_register_work","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68822.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68822.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429053","reference_id":"2429053","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68822"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53ct-dtua-tbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59590?format=json","vulnerability_id":"VCID-54jw-hc51-5kak","summary":"kernel: rxrpc: Fix re-decryption of RESPONSE packets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45988.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45988.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482123","reference_id":"2482123","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482123"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45988"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54jw-hc51-5kak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59937?format=json","vulnerability_id":"VCID-589p-yept-hyg7","summary":"kernel: fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43497.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43497.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480458","reference_id":"2480458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43497"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-589p-yept-hyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70210?format=json","vulnerability_id":"VCID-5921-dn22-g3g9","summary":"kernel: cifs: fix session state check in reconnect to avoid use-after-free issue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53794.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53794.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420290","reference_id":"2420290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420290"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53794"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5921-dn22-g3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84522?format=json","vulnerability_id":"VCID-5at1-tqba-6kfg","summary":"In the Linux kernel, the following vulnerability has been resolved:  ocfs2: Avoid touching renamed directory if parent does not change  The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its parent does not change as without locking that can corrupt the filesystem.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268325","reference_id":"2268325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268325"},{"reference_url":"https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc","reference_id":"9d618d19b29c2943527e3a43da0a35aea91062fc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:55:58Z/"}],"url":"https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc"},{"reference_url":"https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9","reference_id":"de940cede3c41624e2de27f805b490999f419df9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:55:58Z/"}],"url":"https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52590"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5at1-tqba-6kfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64784?format=json","vulnerability_id":"VCID-5au8-v1ew-xfbj","summary":"kernel: net: add xmit recursion limit to tunnel xmit functions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23276.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23276.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449561","reference_id":"2449561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449561"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23276"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5au8-v1ew-xfbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86221?format=json","vulnerability_id":"VCID-5e2p-bgdk-m3dj","summary":"kernel: RDMA/mlx5: Move events notifier registration to be after device registration","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53224.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53224.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334399","reference_id":"2334399","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334399"},{"reference_url":"https://git.kernel.org/stable/c/542bd62b7a7f37182c9ef192c2bd25d118c144e4","reference_id":"542bd62b7a7f37182c9ef192c2bd25d118c144e4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:20Z/"}],"url":"https://git.kernel.org/stable/c/542bd62b7a7f37182c9ef192c2bd25d118c144e4"},{"reference_url":"https://git.kernel.org/stable/c/6b0acf6a94c31efa43fce4edc22413a3390f9c05","reference_id":"6b0acf6a94c31efa43fce4edc22413a3390f9c05","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:20Z/"}],"url":"https://git.kernel.org/stable/c/6b0acf6a94c31efa43fce4edc22413a3390f9c05"},{"reference_url":"https://git.kernel.org/stable/c/921fcf2971a1e8d3b904ba2c2905b96f4ec3d4ad","reference_id":"921fcf2971a1e8d3b904ba2c2905b96f4ec3d4ad","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:20Z/"}],"url":"https://git.kernel.org/stable/c/921fcf2971a1e8d3b904ba2c2905b96f4ec3d4ad"},{"reference_url":"https://git.kernel.org/stable/c/ede132a5cf559f3ab35a4c28bac4f4a6c20334d8","reference_id":"ede132a5cf559f3ab35a4c28bac4f4a6c20334d8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:20Z/"}],"url":"https://git.kernel.org/stable/c/ede132a5cf559f3ab35a4c28bac4f4a6c20334d8"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53224"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2p-bgdk-m3dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70452?format=json","vulnerability_id":"VCID-5eew-2b3m-jbgb","summary":"kernel: drm/amd/display: fix mapping to non-allocated address","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53753.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53753.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419927","reference_id":"2419927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53753"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5eew-2b3m-jbgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82810?format=json","vulnerability_id":"VCID-5gt8-jah2-33gf","summary":"In the Linux kernel, the following vulnerability has been resolved:  mt76: fix monitor mode crash with sdio driver  mt7921s driver may receive frames with fragment buffers. If there is a CTS packet received in monitor mode, the payload is 10 bytes only and need 6 bytes header padding after RXD buffer. However, only RXD in the first linear buffer, if we pull buffer size RXD-size+6 bytes with skb_pull(), that would trigger \"BUG_ON(skb->len < skb->data_len)\" in __skb_pull().  To avoid the nonlinear buffer issue, enlarge the RXD size from 128 to 256 to make sure all MCU operation in linear buffer.  [   52.007562] kernel BUG at include/linux/skbuff.h:2313! [   52.007578] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [   52.007987] pc : skb_pull+0x48/0x4c [   52.008015] lr : mt7921_queue_rx_skb+0x494/0x890 [mt7921_common] [   52.008361] Call trace: [   52.008377]  skb_pull+0x48/0x4c [   52.008400]  mt76s_net_worker+0x134/0x1b0 [mt76_sdio 35339a92c6eb7d4bbcc806a1d22f56365565135c] [   52.008431]  __mt76_worker_fn+0xe8/0x170 [mt76 ef716597d11a77150bc07e3fdd68eeb0f9b56917] [   52.008449]  kthread+0x148/0x3ac [   52.008466]  ret_from_fork+0x10/0x30","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49112.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49112","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10137","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347778","reference_id":"2347778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347778"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49112"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5gt8-jah2-33gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82110?format=json","vulnerability_id":"VCID-5gyc-6acn-5fff","summary":"kernel: bpf: check changes_pkt_data property for extension programs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58100.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58100.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364097","reference_id":"2364097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364097"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58100"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5gyc-6acn-5fff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73477?format=json","vulnerability_id":"VCID-5hpq-769v-hkgc","summary":"kernel: spi: cadence-quadspi: Implement refcount to handle unbind during busy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40005.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40005.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405134","reference_id":"2405134","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40005"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hpq-769v-hkgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77100?format=json","vulnerability_id":"VCID-5j8s-mjp8-47h9","summary":"kernel: padata: Fix pd UAF once and for all","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38584.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38584.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389501","reference_id":"2389501","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389501"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38584"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5j8s-mjp8-47h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88476?format=json","vulnerability_id":"VCID-5kgw-xr1e-8feg","summary":"kernel: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46871.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46871.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317581","reference_id":"2317581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317581"},{"reference_url":"https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37","reference_id":"800a5ab673c4a61ca220cce177386723d91bdb37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:24:03Z/"}],"url":"https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37"},{"reference_url":"https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7","reference_id":"9f404b0bc2df3880758fb3c3bc7496f596f347d7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:24:03Z/"}],"url":"https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7"},{"reference_url":"https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0","reference_id":"ad28d7c3d989fc5689581664653879d664da76f0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:24:03Z/"}],"url":"https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0"},{"reference_url":"https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98","reference_id":"c592b6355b9b57b8e59fc5978ce1e14f64488a98","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:24:03Z/"}],"url":"https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98"},{"reference_url":"https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0","reference_id":"e1896f381d27466c26cb44b4450eae05cd59dfd0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:24:03Z/"}],"url":"https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46871"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kgw-xr1e-8feg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59377?format=json","vulnerability_id":"VCID-5kze-9ku6-83dn","summary":"kernel: misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46022.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46022.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481955","reference_id":"2481955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481955"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46022"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kze-9ku6-83dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74479?format=json","vulnerability_id":"VCID-5m3u-ac6v-xqg5","summary":"kernel: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53476.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53476.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400821","reference_id":"2400821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53476"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m3u-ac6v-xqg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87801?format=json","vulnerability_id":"VCID-5mav-3aap-pkee","summary":"In the Linux kernel, the following vulnerability has been resolved:  ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()  In the following concurrency we will access the uninitialized rs->lock:  ext4_fill_super   ext4_register_sysfs    // sysfs registered msg_ratelimit_interval_ms                              // Other processes modify rs->interval to                              // non-zero via msg_ratelimit_interval_ms   ext4_orphan_cleanup     ext4_msg(sb, KERN_INFO, \"Errors on filesystem, \"       __ext4_msg         ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state)           if (!rs->interval)  // do nothing if interval is 0             return 1;           raw_spin_trylock_irqsave(&rs->lock, flags)             raw_spin_trylock(lock)               _raw_spin_trylock                 __raw_spin_trylock                   spin_acquire(&lock->dep_map, 0, 1, _RET_IP_)                     lock_acquire                       __lock_acquire                         register_lock_class                           assign_lock_key                             dump_stack();   ratelimit_state_init(&sbi->s_msg_ratelimit_state, 5 * HZ, 10);     raw_spin_lock_init(&rs->lock);     // init rs->lock here  and get the following dump_stack:  ========================================================= INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504 [...] Call Trace:  dump_stack_lvl+0xc5/0x170  dump_stack+0x18/0x30  register_lock_class+0x740/0x7c0  __lock_acquire+0x69/0x13a0  lock_acquire+0x120/0x450  _raw_spin_trylock+0x98/0xd0  ___ratelimit+0xf6/0x220  __ext4_msg+0x7f/0x160 [ext4]  ext4_orphan_cleanup+0x665/0x740 [ext4]  __ext4_fill_super+0x21ea/0x2b10 [ext4]  ext4_fill_super+0x14d/0x360 [ext4] [...] =========================================================  Normally interval is 0 until s_msg_ratelimit_state is initialized, so ___ratelimit() does nothing. But registering sysfs precedes initializing rs->lock, so it is possible to change rs->interval to a non-zero value via the msg_ratelimit_interval_ms interface of sysfs while rs->lock is uninitialized, and then a call to ext4_msg triggers the problem by accessing an uninitialized rs->lock. Therefore register sysfs after all initializations are complete to avoid such problems.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40998.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40998.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297582","reference_id":"2297582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297582"},{"reference_url":"https://git.kernel.org/stable/c/23afcd52af06880c6c913a0ad99022b8937b575c","reference_id":"23afcd52af06880c6c913a0ad99022b8937b575c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:25Z/"}],"url":"https://git.kernel.org/stable/c/23afcd52af06880c6c913a0ad99022b8937b575c"},{"reference_url":"https://git.kernel.org/stable/c/645267906944a9aeec9d5c56ee24a9096a288798","reference_id":"645267906944a9aeec9d5c56ee24a9096a288798","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:25Z/"}],"url":"https://git.kernel.org/stable/c/645267906944a9aeec9d5c56ee24a9096a288798"},{"reference_url":"https://git.kernel.org/stable/c/b4b4fda34e535756f9e774fb2d09c4537b7dfd1c","reference_id":"b4b4fda34e535756f9e774fb2d09c4537b7dfd1c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:25Z/"}],"url":"https://git.kernel.org/stable/c/b4b4fda34e535756f9e774fb2d09c4537b7dfd1c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8107","reference_id":"RHSA-2024:8107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8613","reference_id":"RHSA-2024:8613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8614","reference_id":"RHSA-2024:8614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8616","reference_id":"RHSA-2024:8616","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-40998"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5mav-3aap-pkee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81850?format=json","vulnerability_id":"VCID-5mfx-cbsw-x3f4","summary":"In the Linux kernel, the following vulnerability has been resolved:  sfc/siena: fix null pointer dereference in efx_hard_start_xmit  Like in previous patch for sfc, prevent potential (but unlikely) NULL pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48646.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48646.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48646","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01014","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48646"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277816","reference_id":"2277816","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277816"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48646"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5mfx-cbsw-x3f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87676?format=json","vulnerability_id":"VCID-5pm9-xw78-c7cc","summary":"In the Linux kernel, the following vulnerability has been resolved:  ax25: Fix refcount imbalance on inbound connections  When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accepting an incoming connection never calls netdev_hold(). This imbalance leads to refcount errors, and ultimately to kernel crashes.  A typical call trace for the above situation will start with one of the following errors:      refcount_t: decrement hit 0; leaking memory.     refcount_t: underflow; use-after-free.  And will then have a trace like:      Call Trace:     <TASK>     ? show_regs+0x64/0x70     ? __warn+0x83/0x120     ? refcount_warn_saturate+0xb2/0x100     ? report_bug+0x158/0x190     ? prb_read_valid+0x20/0x30     ? handle_bug+0x3e/0x70     ? exc_invalid_op+0x1c/0x70     ? asm_exc_invalid_op+0x1f/0x30     ? refcount_warn_saturate+0xb2/0x100     ? refcount_warn_saturate+0xb2/0x100     ax25_release+0x2ad/0x360     __sock_release+0x35/0xa0     sock_close+0x19/0x20     [...]  On reboot (or any attempt to remove the interface), the kernel gets stuck in an infinite loop:      unregister_netdevice: waiting for ax0 to become free. Usage count = 0  This patch corrects these issues by ensuring that we call netdev_hold() and ax25_dev_hold() for new connections in ax25_accept(). This makes the logic leading to ax25_accept() match the logic for ax25_bind(): in both cases we increment the refcount, which is ultimately decremented in ax25_release().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40910.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40910.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297494","reference_id":"2297494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297494"},{"reference_url":"https://git.kernel.org/stable/c/3c34fb0bd4a4237592c5ecb5b2e2531900c55774","reference_id":"3c34fb0bd4a4237592c5ecb5b2e2531900c55774","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:05Z/"}],"url":"https://git.kernel.org/stable/c/3c34fb0bd4a4237592c5ecb5b2e2531900c55774"},{"reference_url":"https://git.kernel.org/stable/c/52100fd74ad07b53a4666feafff1cd11436362d3","reference_id":"52100fd74ad07b53a4666feafff1cd11436362d3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:05Z/"}],"url":"https://git.kernel.org/stable/c/52100fd74ad07b53a4666feafff1cd11436362d3"},{"reference_url":"https://git.kernel.org/stable/c/a723a6c8d4831cc8e2c7b0c9f3f0c010d4671964","reference_id":"a723a6c8d4831cc8e2c7b0c9f3f0c010d4671964","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:05Z/"}],"url":"https://git.kernel.org/stable/c/a723a6c8d4831cc8e2c7b0c9f3f0c010d4671964"},{"reference_url":"https://git.kernel.org/stable/c/f4df9d6c8d4e4c818252b0419c2165d66eabd4eb","reference_id":"f4df9d6c8d4e4c818252b0419c2165d66eabd4eb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:05Z/"}],"url":"https://git.kernel.org/stable/c/f4df9d6c8d4e4c818252b0419c2165d66eabd4eb"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40910"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5pm9-xw78-c7cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59141?format=json","vulnerability_id":"VCID-5ppr-xdw3-fyab","summary":"kernel: batman-adv: bla: put backbone reference on failed claim hash insert","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46231.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482562","reference_id":"2482562","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482562"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46231"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ppr-xdw3-fyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69805?format=json","vulnerability_id":"VCID-5qa4-qfey-5fas","summary":"kernel: f2fs: fix to detect potential corrupted nid in free_nid_list","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68315.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422826","reference_id":"2422826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422826"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68315"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qa4-qfey-5fas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60047?format=json","vulnerability_id":"VCID-5qn2-7uv7-fbf9","summary":"kernel: net: qrtr: ns: Limit the maximum server registration per node","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43491.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43491.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479813","reference_id":"2479813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479813"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43491"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qn2-7uv7-fbf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82382?format=json","vulnerability_id":"VCID-5rbz-2b61-q3gk","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: get rid of warning on transaction commit when using flushoncommit  When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from __writeback_inodes_sb_nr():    $ cat fs/fs-writeback.c:   (...)   static void __writeback_inodes_sb_nr(struct super_block *sb, ...   {         (...)         WARN_ON(!rwsem_is_locked(&sb->s_umount));         (...)   }   (...)  The trace produced in dmesg looks like the following:    [947.473890] WARNING: CPU: 5 PID: 930 at fs/fs-writeback.c:2610 __writeback_inodes_sb_nr+0x7e/0xb3   [947.481623] Modules linked in: nfsd nls_cp437 cifs asn1_decoder cifs_arc4 fscache cifs_md4 ipmi_ssif   [947.489571] CPU: 5 PID: 930 Comm: btrfs-transacti Not tainted 95.16.3-srb-asrock-00001-g36437ad63879 #186   [947.497969] RIP: 0010:__writeback_inodes_sb_nr+0x7e/0xb3   [947.502097] Code: 24 10 4c 89 44 24 18 c6 (...)   [947.519760] RSP: 0018:ffffc90000777e10 EFLAGS: 00010246   [947.523818] RAX: 0000000000000000 RBX: 0000000000963300 RCX: 0000000000000000   [947.529765] RDX: 0000000000000000 RSI: 000000000000fa51 RDI: ffffc90000777e50   [947.535740] RBP: ffff888101628a90 R08: ffff888100955800 R09: ffff888100956000   [947.541701] R10: 0000000000000002 R11: 0000000000000001 R12: ffff888100963488   [947.547645] R13: ffff888100963000 R14: ffff888112fb7200 R15: ffff888100963460   [947.553621] FS:  0000000000000000(0000) GS:ffff88841fd40000(0000) knlGS:0000000000000000   [947.560537] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033   [947.565122] CR2: 0000000008be50c4 CR3: 000000000220c000 CR4: 00000000001006e0   [947.571072] Call Trace:   [947.572354]  <TASK>   [947.573266]  btrfs_commit_transaction+0x1f1/0x998   [947.576785]  ? start_transaction+0x3ab/0x44e   [947.579867]  ? schedule_timeout+0x8a/0xdd   [947.582716]  transaction_kthread+0xe9/0x156   [947.585721]  ? btrfs_cleanup_transaction.isra.0+0x407/0x407   [947.590104]  kthread+0x131/0x139   [947.592168]  ? set_kthread_struct+0x32/0x32   [947.595174]  ret_from_fork+0x22/0x30   [947.597561]  </TASK>   [947.598553] ---[ end trace 644721052755541c ]---  This is because we started using writeback_inodes_sb() to flush delalloc when committing a transaction (when using -o flushoncommit), in order to avoid deadlocks with filesystem freeze operations. This change was made by commit ce8ea7cc6eb313 (\"btrfs: don't call btrfs_start_delalloc_roots in flushoncommit\"). After that change we started producing that warning, and every now and then a user reports this since the warning happens too often, it spams dmesg/syslog, and a user is unsure if this reflects any problem that might compromise the filesystem's reliability.  We can not just lock the sb->s_umount semaphore before calling writeback_inodes_sb(), because that would at least deadlock with filesystem freezing, since at fs/super.c:freeze_super() sync_filesystem() is called while we are holding that semaphore in write mode, and that can trigger a transaction commit, resulting in a deadlock. It would also trigger the same type of deadlock in the unmount path. Possibly, it could also introduce some other locking dependencies that lockdep would report.  To fix this call try_to_writeback_inodes_sb() instead of writeback_inodes_sb(), because that will try to read lock sb->s_umount and then will only call writeback_inodes_sb() if it was able to lock it. This is fine because the cases where it can't read lock sb->s_umount are during a filesystem unmount or during a filesystem freeze - in those cases sb->s_umount is write locked and sync_filesystem() is called, which calls writeback_inodes_sb(). In other words, in all cases where we can't take a read lock on sb->s_umount, writeback is already being triggered elsewhere.  An alternative would be to call btrfs_start_delalloc_roots() with a number of pages different from LONG_MAX, for example matching the number of delalloc bytes we currently have, in  ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48920.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48920.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48920","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06315","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48920"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307173","reference_id":"2307173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307173"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48920"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5rbz-2b61-q3gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81887?format=json","vulnerability_id":"VCID-5rkd-q9hm-zfes","summary":"In the Linux kernel, the following vulnerability has been resolved:  erofs: fix pcluster use-after-free on UP platforms  During stress testing with CONFIG_SMP disabled, KASAN reports as below:  ================================================================== BUG: KASAN: use-after-free in __mutex_lock+0xe5/0xc30 Read of size 8 at addr ffff8881094223f8 by task stress/7789  CPU: 0 PID: 7789 Comm: stress Not tainted 6.0.0-rc1-00002-g0d53d2e882f9 #3 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 Call Trace:  <TASK> ..  __mutex_lock+0xe5/0xc30 ..  z_erofs_do_read_page+0x8ce/0x1560 ..  z_erofs_readahead+0x31c/0x580 .. Freed by task 7787  kasan_save_stack+0x1e/0x40  kasan_set_track+0x20/0x30  kasan_set_free_info+0x20/0x40  __kasan_slab_free+0x10c/0x190  kmem_cache_free+0xed/0x380  rcu_core+0x3d5/0xc90  __do_softirq+0x12d/0x389  Last potentially related work creation:  kasan_save_stack+0x1e/0x40  __kasan_record_aux_stack+0x97/0xb0  call_rcu+0x3d/0x3f0  erofs_shrink_workstation+0x11f/0x210  erofs_shrink_scan+0xdc/0x170  shrink_slab.constprop.0+0x296/0x530  drop_slab+0x1c/0x70  drop_caches_sysctl_handler+0x70/0x80  proc_sys_call_handler+0x20a/0x2f0  vfs_write+0x555/0x6c0  ksys_write+0xbe/0x160  do_syscall_64+0x3b/0x90  The root cause is that erofs_workgroup_unfreeze() doesn't reset to orig_val thus it causes a race that the pcluster reuses unexpectedly before freeing.  Since UP platforms are quite rare now, such path becomes unnecessary. Let's drop such specific-designed path directly instead.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48674.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48674.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48674","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03632","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48674"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278937","reference_id":"2278937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278937"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48674"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5rkd-q9hm-zfes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60405?format=json","vulnerability_id":"VCID-5ss5-e46g-6bc8","summary":"kernel: ext4: move ext4_percpu_param_init() before ext4_mb_init()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43288.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43288.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468063","reference_id":"2468063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43288"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ss5-e46g-6bc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60786?format=json","vulnerability_id":"VCID-5vbu-bbrx-b7et","summary":"kernel: fbcon: check return value of con2fb_acquire_newinfo()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43123.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43123.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467067","reference_id":"2467067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43123"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vbu-bbrx-b7et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78704?format=json","vulnerability_id":"VCID-5vdc-navr-vud4","summary":"kernel: f2fs: fix to bail out in get_new_segment()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38333.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38333.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379242","reference_id":"2379242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379242"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38333"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vdc-navr-vud4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88698?format=json","vulnerability_id":"VCID-5vmy-uhxd-7qcr","summary":"kernel: drm/amd/display: added NULL check at start of dc_validate_stream","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46802.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46802.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/154a50bf4221a6a6ccf88d565b8184da7c40a2dd","reference_id":"154a50bf4221a6a6ccf88d565b8184da7c40a2dd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:21:06Z/"}],"url":"https://git.kernel.org/stable/c/154a50bf4221a6a6ccf88d565b8184da7c40a2dd"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315153","reference_id":"2315153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315153"},{"reference_url":"https://git.kernel.org/stable/c/26c56049cc4f1705b498df013949427692a4b0d5","reference_id":"26c56049cc4f1705b498df013949427692a4b0d5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:21:06Z/"}],"url":"https://git.kernel.org/stable/c/26c56049cc4f1705b498df013949427692a4b0d5"},{"reference_url":"https://git.kernel.org/stable/c/356fcce9cdbfe338a275e9e1836adfdd7f5c52a9","reference_id":"356fcce9cdbfe338a275e9e1836adfdd7f5c52a9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:21:06Z/"}],"url":"https://git.kernel.org/stable/c/356fcce9cdbfe338a275e9e1836adfdd7f5c52a9"},{"reference_url":"https://git.kernel.org/stable/c/6bf920193ba1853bad780bba565a789246d9003c","reference_id":"6bf920193ba1853bad780bba565a789246d9003c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:21:06Z/"}],"url":"https://git.kernel.org/stable/c/6bf920193ba1853bad780bba565a789246d9003c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46802"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vmy-uhxd-7qcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85928?format=json","vulnerability_id":"VCID-5wew-24rt-h7eb","summary":"kernel: drm/sti: avoid potential dereference of error pointers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56776.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56776.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336553","reference_id":"2336553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336553"},{"reference_url":"https://git.kernel.org/stable/c/40725c5fabee804fecce41d4d5c5bae80c45e1c4","reference_id":"40725c5fabee804fecce41d4d5c5bae80c45e1c4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:38Z/"}],"url":"https://git.kernel.org/stable/c/40725c5fabee804fecce41d4d5c5bae80c45e1c4"},{"reference_url":"https://git.kernel.org/stable/c/831214f77037de02afc287eae93ce97f218d8c04","reference_id":"831214f77037de02afc287eae93ce97f218d8c04","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:38Z/"}],"url":"https://git.kernel.org/stable/c/831214f77037de02afc287eae93ce97f218d8c04"},{"reference_url":"https://git.kernel.org/stable/c/8ab73ac97c0fa528f66eeccd9bb53eb6eb7d20dc","reference_id":"8ab73ac97c0fa528f66eeccd9bb53eb6eb7d20dc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:38Z/"}],"url":"https://git.kernel.org/stable/c/8ab73ac97c0fa528f66eeccd9bb53eb6eb7d20dc"},{"reference_url":"https://git.kernel.org/stable/c/e98ff67f5a68114804607de549c2350d27628fc7","reference_id":"e98ff67f5a68114804607de549c2350d27628fc7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:38Z/"}],"url":"https://git.kernel.org/stable/c/e98ff67f5a68114804607de549c2350d27628fc7"},{"reference_url":"https://git.kernel.org/stable/c/f67786293193cf01ebcc6fdbcbd1587b24f52679","reference_id":"f67786293193cf01ebcc6fdbcbd1587b24f52679","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:38Z/"}],"url":"https://git.kernel.org/stable/c/f67786293193cf01ebcc6fdbcbd1587b24f52679"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56776"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wew-24rt-h7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67841?format=json","vulnerability_id":"VCID-5xrf-e87u-h7c5","summary":"kernel: pNFS: Fix a deadlock when returning a delegation during open()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23050.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23050.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436813","reference_id":"2436813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436813"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23050"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrf-e87u-h7c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58983?format=json","vulnerability_id":"VCID-5zhd-68v6-27dc","summary":"kernel: clk: qcom: gfx3d: add parent to parent request map","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46247.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46247.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484463","reference_id":"2484463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-46247"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zhd-68v6-27dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68084?format=json","vulnerability_id":"VCID-61es-uvb3-u7ah","summary":"kernel: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23004.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23004.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432662","reference_id":"2432662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432662"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23004"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-61es-uvb3-u7ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59108?format=json","vulnerability_id":"VCID-6292-znkq-7fd1","summary":"kernel: ipmi: Add limits to event and receive message requests","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46177.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46177.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482539","reference_id":"2482539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46177"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6292-znkq-7fd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60776?format=json","vulnerability_id":"VCID-63v1-tm38-zyfn","summary":"kernel: most: core: fix resource leak in most_register_interface error paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71272.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71272.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467061","reference_id":"2467061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467061"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-71272"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63v1-tm38-zyfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59215?format=json","vulnerability_id":"VCID-6598-5a6d-hbew","summary":"kernel: fanotify: fix false positive on permission events","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46150.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46150.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482612","reference_id":"2482612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482612"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46150"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6598-5a6d-hbew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84081?format=json","vulnerability_id":"VCID-65n6-vk9g-4ya3","summary":"In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23000.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23000","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02044","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23000"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/torvalds/linux/commit/045a31b95509c8f25f5f04ec5e0dec5cd09f2c5f","reference_id":"045a31b95509c8f25f5f04ec5e0dec5cd09f2c5f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:56Z/"}],"url":"https://github.com/torvalds/linux/commit/045a31b95509c8f25f5f04ec5e0dec5cd09f2c5f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182435","reference_id":"2182435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182435"},{"reference_url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17","reference_id":"ChangeLog-5.17","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:56Z/"}],"url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230331-0004/","reference_id":"ntap-20230331-0004","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230331-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-23000"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-65n6-vk9g-4ya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86034?format=json","vulnerability_id":"VCID-677t-cs4y-vfeh","summary":"In the Linux kernel, the following vulnerability has been resolved:  Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with:  \tstruct cqspi_st *cqspi = dev_get_drvdata(dev); \tstruct spi_controller *host = dev_get_drvdata(dev);  This obviously cannot be correct, unless \"struct cqspi_st\" is the first member of \" struct spi_controller\", or the other way around, but it is not the case. \"struct spi_controller\" is allocated by devm_spi_alloc_host(), which allocates an extra amount of memory for private data, used to store \"struct cqspi_st\".  The ->probe() function of the cadence-quadspi driver then sets the device drvdata to store the address of the \"struct cqspi_st\" structure. Therefore:  \tstruct cqspi_st *cqspi = dev_get_drvdata(dev);  is correct, but:  \tstruct spi_controller *host = dev_get_drvdata(dev);  is not, as it makes \"host\" point not to a \"struct spi_controller\" but to the same \"struct cqspi_st\" structure as above.  This obviously leads to bad things (memory corruption, kernel crashes) directly during ->probe(), as ->probe() enables the device using PM runtime, leading the ->runtime_resume() hook being called, which in turns calls spi_controller_resume() with the wrong pointer.  This has at least been reported [0] to cause a kernel crash, but the exact behavior will depend on the memory contents.  [0] https://lore.kernel.org/all/20240226121803.5a7r5wkpbbowcxgx@dhruva/  This issue potentially affects all platforms that are currently using the cadence-quadspi driver.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26807.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26807.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/03f1573c9587029730ca68503f5062105b122f61","reference_id":"03f1573c9587029730ca68503f5062105b122f61","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:43Z/"}],"url":"https://git.kernel.org/stable/c/03f1573c9587029730ca68503f5062105b122f61"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273416","reference_id":"2273416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273416"},{"reference_url":"https://git.kernel.org/stable/c/2c914aac9522f6e93822c18dff233d3e92399c81","reference_id":"2c914aac9522f6e93822c18dff233d3e92399c81","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:43Z/"}],"url":"https://git.kernel.org/stable/c/2c914aac9522f6e93822c18dff233d3e92399c81"},{"reference_url":"https://git.kernel.org/stable/c/32ce3bb57b6b402de2aec1012511e7ac4e7449dc","reference_id":"32ce3bb57b6b402de2aec1012511e7ac4e7449dc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:43Z/"}],"url":"https://git.kernel.org/stable/c/32ce3bb57b6b402de2aec1012511e7ac4e7449dc"},{"reference_url":"https://git.kernel.org/stable/c/34e1d5c4407c78de0e3473e1fbf8fb74dbe66d03","reference_id":"34e1d5c4407c78de0e3473e1fbf8fb74dbe66d03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:43Z/"}],"url":"https://git.kernel.org/stable/c/34e1d5c4407c78de0e3473e1fbf8fb74dbe66d03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26807"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-677t-cs4y-vfeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74324?format=json","vulnerability_id":"VCID-67sb-cp9w-aqfu","summary":"kernel: scsi: ufs: core: Fix handling of lrbp->cmd","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53510.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53510.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400714","reference_id":"2400714","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53510"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67sb-cp9w-aqfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74061?format=json","vulnerability_id":"VCID-686s-91xk-53bs","summary":"kernel: cpufreq: davinci: Fix clk use after free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53544.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53544.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401474","reference_id":"2401474","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53544"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-686s-91xk-53bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59188?format=json","vulnerability_id":"VCID-68tr-q3r5-eqhe","summary":"kernel: spi: mpc52xx: fix use-after-free on registration failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46241.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46241.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482593","reference_id":"2482593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46241"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68tr-q3r5-eqhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59578?format=json","vulnerability_id":"VCID-68u4-cn8r-sbeg","summary":"kernel: udf: fix partition descriptor append bookkeeping","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45991.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45991.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482113","reference_id":"2482113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482113"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45991"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68u4-cn8r-sbeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66885?format=json","vulnerability_id":"VCID-6a7n-4p12-nuf6","summary":"kernel: btrfs: send: check for inline extents in range_is_hole_in_parent()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23141.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23141.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439863","reference_id":"2439863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439863"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23141"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6a7n-4p12-nuf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83351?format=json","vulnerability_id":"VCID-6awh-zz4e-yudw","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: fix anon_dev leak in create_subvol()  When btrfs_qgroup_inherit(), btrfs_alloc_tree_block, or btrfs_insert_root() fail in create_subvol(), we return without freeing anon_dev. Reorganize the error handling in create_subvol() to fix this.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49469.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49469","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21804","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49469"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348012","reference_id":"2348012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348012"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49469"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6awh-zz4e-yudw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76625?format=json","vulnerability_id":"VCID-6b37-vrxv-nkhw","summary":"kernel: exfat: add cluster chain loop check for dir","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38692.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393175","reference_id":"2393175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393175"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38692"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b37-vrxv-nkhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82304?format=json","vulnerability_id":"VCID-6b38-guvk-qkdf","summary":"kernel: tracing: Do not let histogram values have some modifiers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53093.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363771","reference_id":"2363771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363771"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53093"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b38-guvk-qkdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81475?format=json","vulnerability_id":"VCID-6bea-7bgn-euhk","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: davinci: vpif: fix use-after-free on driver unbind  The driver allocates and registers two platform device structures during probe, but the devices were never deregistered on driver unbind.  This results in a use-after-free on driver unbind as the device structures were allocated using devres and would be freed by driver core when remove() returns.  Fix this by adding the missing deregistration calls to the remove() callback and failing probe on registration errors.  Note that the platform device structures must be freed using a proper release callback to avoid leaking associated resources like device names.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47653.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47653","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06045","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47653"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347697","reference_id":"2347697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347697"},{"reference_url":"https://git.kernel.org/stable/c/43acb728bbc40169d2e2425e84a80068270974be","reference_id":"43acb728bbc40169d2e2425e84a80068270974be","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:17:48Z/"}],"url":"https://git.kernel.org/stable/c/43acb728bbc40169d2e2425e84a80068270974be"},{"reference_url":"https://git.kernel.org/stable/c/6512c3c39cb6b573b791ce45365818a38b76afbe","reference_id":"6512c3c39cb6b573b791ce45365818a38b76afbe","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:17:48Z/"}],"url":"https://git.kernel.org/stable/c/6512c3c39cb6b573b791ce45365818a38b76afbe"},{"reference_url":"https://git.kernel.org/stable/c/9ffc602e14d7b9f7e7cb2f67e18dfef9ef8af676","reference_id":"9ffc602e14d7b9f7e7cb2f67e18dfef9ef8af676","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:17:48Z/"}],"url":"https://git.kernel.org/stable/c/9ffc602e14d7b9f7e7cb2f67e18dfef9ef8af676"},{"reference_url":"https://git.kernel.org/stable/c/b5a3bb7f6f164eb6ee74ef4898dcd019b2063448","reference_id":"b5a3bb7f6f164eb6ee74ef4898dcd019b2063448","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:17:48Z/"}],"url":"https://git.kernel.org/stable/c/b5a3bb7f6f164eb6ee74ef4898dcd019b2063448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47653"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bea-7bgn-euhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86242?format=json","vulnerability_id":"VCID-6ccm-6dwt-bkfs","summary":"In the Linux kernel, the following vulnerability has been resolved:  spi: lpspi: Avoid potential use-after-free in probe()  fsl_lpspi_probe() is allocating/disposing memory manually with spi_alloc_host()/spi_alloc_target(), but uses devm_spi_register_controller(). In case of error after the latter call the memory will be explicitly freed in the probe function by spi_controller_put() call, but used afterwards by \"devm\" management outside probe() (spi_unregister_controller() <- devm_spi_unregister() below).  Unable to handle kernel NULL pointer dereference at virtual address 0000000000000070 ... Call trace:  kernfs_find_ns  kernfs_find_and_get_ns  sysfs_remove_group  sysfs_remove_groups  device_remove_attrs  device_del  spi_unregister_controller  devm_spi_unregister  release_nodes  devres_release_all  really_probe  driver_probe_device  __device_attach_driver  bus_for_each_drv  __device_attach  device_initial_probe  bus_probe_device  deferred_probe_work_func  process_one_work  worker_thread  kthread  ret_from_fork","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26866.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26866.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1543418e82789cc383cd36d41469983c64e3fc7f","reference_id":"1543418e82789cc383cd36d41469983c64e3fc7f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:57:41Z/"}],"url":"https://git.kernel.org/stable/c/1543418e82789cc383cd36d41469983c64e3fc7f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275719","reference_id":"2275719","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275719"},{"reference_url":"https://git.kernel.org/stable/c/2ae0ab0143fcc06190713ed81a6486ed0ad3c861","reference_id":"2ae0ab0143fcc06190713ed81a6486ed0ad3c861","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:57:41Z/"}],"url":"https://git.kernel.org/stable/c/2ae0ab0143fcc06190713ed81a6486ed0ad3c861"},{"reference_url":"https://git.kernel.org/stable/c/996ce839606afd0fef91355627868022aa73eb68","reference_id":"996ce839606afd0fef91355627868022aa73eb68","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:57:41Z/"}],"url":"https://git.kernel.org/stable/c/996ce839606afd0fef91355627868022aa73eb68"},{"reference_url":"https://git.kernel.org/stable/c/da83ed350e4604b976e94239b08d8e2e7eaee7ea","reference_id":"da83ed350e4604b976e94239b08d8e2e7eaee7ea","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:57:41Z/"}],"url":"https://git.kernel.org/stable/c/da83ed350e4604b976e94239b08d8e2e7eaee7ea"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26866"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ccm-6dwt-bkfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61562?format=json","vulnerability_id":"VCID-6cya-7s19-bqb5","summary":"kernel: usb: gadget: f_ecm: Fix net_device lifecycle with device_move","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31725.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31725.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464484","reference_id":"2464484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464484"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31725"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cya-7s19-bqb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83091?format=json","vulnerability_id":"VCID-6cyj-9h3b-fuha","summary":"kernel: net: mvpp2: Prevent parser TCAM memory corruption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22060.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22060.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360201","reference_id":"2360201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360201"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22060"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cyj-9h3b-fuha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75706?format=json","vulnerability_id":"VCID-6d72-e9nq-6qa2","summary":"kernel: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53152.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53152.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395307","reference_id":"2395307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53152"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6d72-e9nq-6qa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81898?format=json","vulnerability_id":"VCID-6es6-jdz7-3ugx","summary":"kernel: spi: fsl-qspi: use devm function instead of driver remove","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37842.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37842.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365238","reference_id":"2365238","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365238"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-37842"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6es6-jdz7-3ugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68299?format=json","vulnerability_id":"VCID-6esn-wjxv-7ycm","summary":"kernel: iomap: adjust read range correctly for non-block-aligned positions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68794.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68794.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429040","reference_id":"2429040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429040"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68794"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6esn-wjxv-7ycm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59371?format=json","vulnerability_id":"VCID-6f8m-mtma-ybfg","summary":"kernel: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45934.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45934.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481949","reference_id":"2481949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45934"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6f8m-mtma-ybfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88466?format=json","vulnerability_id":"VCID-6hcw-v6n8-r3dn","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE  The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit:    d1dab4f71d37 (\"net: add and use __skb_get_hash_symmetric_net\")  but this complementary fix has been also suggested by Willem de Bruijn and it can be easily backported to -stable kernel which consists in using DEBUG_NET_WARN_ON_ONCE instead to silence the following splat given __skb_get_hash() is used by the nftables tracing infrastructure to to identify packets in traces.  [69133.561393] ------------[ cut here ]------------ [69133.561404] WARNING: CPU: 0 PID: 43576 at net/core/flow_dissector.c:1104 __skb_flow_dissect+0x134f/ [...] [69133.561944] CPU: 0 PID: 43576 Comm: socat Not tainted 6.10.0-rc7+ #379 [69133.561959] RIP: 0010:__skb_flow_dissect+0x134f/0x2ad0 [69133.561970] Code: 83 f9 04 0f 84 b3 00 00 00 45 85 c9 0f 84 aa 00 00 00 41 83 f9 02 0f 84 81 fc ff ff 44 0f b7 b4 24 80 00 00 00 e9 8b f9 ff ff <0f> 0b e9 20 f3 ff ff 41 f6 c6 20 0f 84 e4 ef ff ff 48 8d 7b 12 e8 [69133.561979] RSP: 0018:ffffc90000006fc0 EFLAGS: 00010246 [69133.561988] RAX: 0000000000000000 RBX: ffffffff82f33e20 RCX: ffffffff81ab7e19 [69133.561994] RDX: dffffc0000000000 RSI: ffffc90000007388 RDI: ffff888103a1b418 [69133.562001] RBP: ffffc90000007310 R08: 0000000000000000 R09: 0000000000000000 [69133.562007] R10: ffffc90000007388 R11: ffffffff810cface R12: ffff888103a1b400 [69133.562013] R13: 0000000000000000 R14: ffffffff82f33e2a R15: ffffffff82f33e28 [69133.562020] FS:  00007f40f7131740(0000) GS:ffff888390800000(0000) knlGS:0000000000000000 [69133.562027] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [69133.562033] CR2: 00007f40f7346ee0 CR3: 000000015d200001 CR4: 00000000001706f0 [69133.562040] Call Trace: [69133.562044]  <IRQ> [69133.562049]  ? __warn+0x9f/0x1a0 [ 1211.841384]  ? __skb_flow_dissect+0x107e/0x2860 [...] [ 1211.841496]  ? bpf_flow_dissect+0x160/0x160 [ 1211.841753]  __skb_get_hash+0x97/0x280 [ 1211.841765]  ? __skb_get_hash_symmetric+0x230/0x230 [ 1211.841776]  ? mod_find+0xbf/0xe0 [ 1211.841786]  ? get_stack_info_noinstr+0x12/0xe0 [ 1211.841798]  ? bpf_ksym_find+0x56/0xe0 [ 1211.841807]  ? __rcu_read_unlock+0x2a/0x70 [ 1211.841819]  nft_trace_init+0x1b9/0x1c0 [nf_tables] [ 1211.841895]  ? nft_trace_notify+0x830/0x830 [nf_tables] [ 1211.841964]  ? get_stack_info+0x2b/0x80 [ 1211.841975]  ? nft_do_chain_arp+0x80/0x80 [nf_tables] [ 1211.842044]  nft_do_chain+0x79c/0x850 [nf_tables]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42321.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42321.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/120f1c857a73e52132e473dee89b340440cb692b","reference_id":"120f1c857a73e52132e473dee89b340440cb692b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:25Z/"}],"url":"https://git.kernel.org/stable/c/120f1c857a73e52132e473dee89b340440cb692b"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305466","reference_id":"2305466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305466"},{"reference_url":"https://git.kernel.org/stable/c/4afbac11f2f629d1e62817c4e210bdfaa7521107","reference_id":"4afbac11f2f629d1e62817c4e210bdfaa7521107","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:25Z/"}],"url":"https://git.kernel.org/stable/c/4afbac11f2f629d1e62817c4e210bdfaa7521107"},{"reference_url":"https://git.kernel.org/stable/c/c5d21aabf1b31a79f228508af33aee83456bc1b0","reference_id":"c5d21aabf1b31a79f228508af33aee83456bc1b0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:25Z/"}],"url":"https://git.kernel.org/stable/c/c5d21aabf1b31a79f228508af33aee83456bc1b0"},{"reference_url":"https://git.kernel.org/stable/c/eb03d9826aa646577342a952d658d4598381c035","reference_id":"eb03d9826aa646577342a952d658d4598381c035","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:25Z/"}],"url":"https://git.kernel.org/stable/c/eb03d9826aa646577342a952d658d4598381c035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42321"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hcw-v6n8-r3dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62363?format=json","vulnerability_id":"VCID-6m59-3cy4-gucw","summary":"kernel: team: fix header_ops type confusion with non-Ethernet ports","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31502.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31502.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460684","reference_id":"2460684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460684"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31502"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6m59-3cy4-gucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59244?format=json","vulnerability_id":"VCID-6m5s-a75h-9qgv","summary":"kernel: usb: ulpi: fix memory leak on ulpi_register() error paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46109.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482629","reference_id":"2482629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482629"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46109"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6m5s-a75h-9qgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87552?format=json","vulnerability_id":"VCID-6mku-v4z6-n3e1","summary":"In the Linux kernel, the following vulnerability has been resolved:  ax25: Fix reference count leak issues of ax25_dev  The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object \"ax25_dev\".  Memory leak issue in ax25_addr_ax25dev():  The reference count of the object \"ax25_dev\" can be increased multiple times in ax25_addr_ax25dev(). This will cause a memory leak.  Memory leak issues in ax25_dev_device_down():  The reference count of ax25_dev is set to 1 in ax25_dev_device_up() and then increase the reference count when ax25_dev is added to ax25_dev_list. As a result, the reference count of ax25_dev is 2. But when the device is shutting down. The ax25_dev_device_down() drops the reference count once or twice depending on if we goto unlock_put or not, which will cause memory leak.  As for the issue of ax25_addr_ax25dev(), it is impossible for one pointer to be on a list twice. So add a break in ax25_addr_ax25dev(). As for the issue of ax25_dev_device_down(), increase the reference count of ax25_dev once in ax25_dev_device_up() and decrease the reference count of ax25_dev after it is removed from the ax25_dev_list.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38602.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38602.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1ea02699c7557eeb35ccff2bd822de1b3e09d868","reference_id":"1ea02699c7557eeb35ccff2bd822de1b3e09d868","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:18Z/"}],"url":"https://git.kernel.org/stable/c/1ea02699c7557eeb35ccff2bd822de1b3e09d868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293363","reference_id":"2293363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293363"},{"reference_url":"https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f45383b1b3a","reference_id":"38eb01edfdaa1562fa00429be2e33f45383b1b3a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:18Z/"}],"url":"https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f45383b1b3a"},{"reference_url":"https://git.kernel.org/stable/c/81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3","reference_id":"81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:18Z/"}],"url":"https://git.kernel.org/stable/c/81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3"},{"reference_url":"https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c","reference_id":"ae467750a3765dd1092eb29f58247950a2f9b60c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:18Z/"}],"url":"https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c"},{"reference_url":"https://git.kernel.org/stable/c/b505e0319852b08a3a716b64620168eab21f4ced","reference_id":"b505e0319852b08a3a716b64620168eab21f4ced","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:18Z/"}],"url":"https://git.kernel.org/stable/c/b505e0319852b08a3a716b64620168eab21f4ced"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38602"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mku-v4z6-n3e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88082?format=json","vulnerability_id":"VCID-6qk1-z2hs-mqfb","summary":"In the Linux kernel, the following vulnerability has been resolved:  RDMA/restrack: Fix potential invalid address access  struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME in ib_create_cq(), while if the module exited but forgot del this rdma_restrack_entry, it would cause a invalid address access in rdma_restrack_clean() when print the owner of this rdma_restrack_entry.  These code is used to help find one forgotten PD release in one of the ULPs. But it is not needed anymore, so delete them.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42080.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42080.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300518","reference_id":"2300518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300518"},{"reference_url":"https://git.kernel.org/stable/c/782bdaf9d01658281bc813f3f873e6258aa1fd8d","reference_id":"782bdaf9d01658281bc813f3f873e6258aa1fd8d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:19:13Z/"}],"url":"https://git.kernel.org/stable/c/782bdaf9d01658281bc813f3f873e6258aa1fd8d"},{"reference_url":"https://git.kernel.org/stable/c/8656ef8a9288d6c932654f8d3856dc4ab1cfc6b5","reference_id":"8656ef8a9288d6c932654f8d3856dc4ab1cfc6b5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:19:13Z/"}],"url":"https://git.kernel.org/stable/c/8656ef8a9288d6c932654f8d3856dc4ab1cfc6b5"},{"reference_url":"https://git.kernel.org/stable/c/8ac281d42337f36cf7061cf1ea094181b84bc1a9","reference_id":"8ac281d42337f36cf7061cf1ea094181b84bc1a9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:19:13Z/"}],"url":"https://git.kernel.org/stable/c/8ac281d42337f36cf7061cf1ea094181b84bc1a9"},{"reference_url":"https://git.kernel.org/stable/c/ca537a34775c103f7b14d7bbd976403f1d1525d8","reference_id":"ca537a34775c103f7b14d7bbd976403f1d1525d8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:19:13Z/"}],"url":"https://git.kernel.org/stable/c/ca537a34775c103f7b14d7bbd976403f1d1525d8"},{"reference_url":"https://git.kernel.org/stable/c/f45b43d17240e9ca67ebf3cc82bb046b07cc1c61","reference_id":"f45b43d17240e9ca67ebf3cc82bb046b07cc1c61","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:19:13Z/"}],"url":"https://git.kernel.org/stable/c/f45b43d17240e9ca67ebf3cc82bb046b07cc1c61"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42080"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qk1-z2hs-mqfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74333?format=json","vulnerability_id":"VCID-6qqq-fp5z-jqgz","summary":"kernel: ext4: improve error handling from ext4_dirhash()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53473.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53473.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400719","reference_id":"2400719","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53473"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qqq-fp5z-jqgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87344?format=json","vulnerability_id":"VCID-6qwf-n163-8fa7","summary":"kernel: pinctrl: ocelot: fix system hang on level based interrupts","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50196.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50196.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/20728e86289ab463b99b7ab4425515bd26aba417","reference_id":"20728e86289ab463b99b7ab4425515bd26aba417","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:59Z/"}],"url":"https://git.kernel.org/stable/c/20728e86289ab463b99b7ab4425515bd26aba417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324563","reference_id":"2324563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324563"},{"reference_url":"https://git.kernel.org/stable/c/4a81800ef05bea5a9896f199677f7b7f5020776a","reference_id":"4a81800ef05bea5a9896f199677f7b7f5020776a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:59Z/"}],"url":"https://git.kernel.org/stable/c/4a81800ef05bea5a9896f199677f7b7f5020776a"},{"reference_url":"https://git.kernel.org/stable/c/655f5d4662b958122b260be05aa6dfdf8768efe6","reference_id":"655f5d4662b958122b260be05aa6dfdf8768efe6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:59Z/"}],"url":"https://git.kernel.org/stable/c/655f5d4662b958122b260be05aa6dfdf8768efe6"},{"reference_url":"https://git.kernel.org/stable/c/93b8ddc54507a227087c60a0013ed833b6ae7d3c","reference_id":"93b8ddc54507a227087c60a0013ed833b6ae7d3c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:59Z/"}],"url":"https://git.kernel.org/stable/c/93b8ddc54507a227087c60a0013ed833b6ae7d3c"},{"reference_url":"https://git.kernel.org/stable/c/dcbe9954634807ec54e22bde278b5b269f921381","reference_id":"dcbe9954634807ec54e22bde278b5b269f921381","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:59Z/"}],"url":"https://git.kernel.org/stable/c/dcbe9954634807ec54e22bde278b5b269f921381"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50196"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qwf-n163-8fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86756?format=json","vulnerability_id":"VCID-6rjy-549b-h7hy","summary":"In the Linux kernel, the following vulnerability has been resolved:  md/dm-raid: don't call md_reap_sync_thread() directly  Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many fields that is protected by 'reconfig_mutex'.  However, hold 'reconfig_mutex' here is still problematic because this will cause deadlock, for example, commit 130443d60b1b (\"md: refactor idle/frozen_sync_thread() to fix deadlock\").  Fix this problem by using stop_sync_thread() to unregister sync_thread, like md/raid did.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35808.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35808.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281219","reference_id":"2281219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281219"},{"reference_url":"https://git.kernel.org/stable/c/347dcdc15a1706f61aa545ae498ededdf31aeebc","reference_id":"347dcdc15a1706f61aa545ae498ededdf31aeebc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:17:42Z/"}],"url":"https://git.kernel.org/stable/c/347dcdc15a1706f61aa545ae498ededdf31aeebc"},{"reference_url":"https://git.kernel.org/stable/c/9e59b8d76ff511505eb0dd1478329f09e0f04669","reference_id":"9e59b8d76ff511505eb0dd1478329f09e0f04669","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:17:42Z/"}],"url":"https://git.kernel.org/stable/c/9e59b8d76ff511505eb0dd1478329f09e0f04669"},{"reference_url":"https://git.kernel.org/stable/c/cd32b27a66db8776d8b8e82ec7d7dde97a8693b0","reference_id":"cd32b27a66db8776d8b8e82ec7d7dde97a8693b0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T14:17:42Z/"}],"url":"https://git.kernel.org/stable/c/cd32b27a66db8776d8b8e82ec7d7dde97a8693b0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-35808"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rjy-549b-h7hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88046?format=json","vulnerability_id":"VCID-6s35-udau-9ybk","summary":"kernel: Bluetooth: L2CAP: Fix uaf in l2cap_connect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49950.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49950.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320459","reference_id":"2320459","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320459"},{"reference_url":"https://git.kernel.org/stable/c/333b4fd11e89b29c84c269123f871883a30be586","reference_id":"333b4fd11e89b29c84c269123f871883a30be586","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/333b4fd11e89b29c84c269123f871883a30be586"},{"reference_url":"https://git.kernel.org/stable/c/686e05c9dbd68766c6bda5f31f7e077f36a7fb29","reference_id":"686e05c9dbd68766c6bda5f31f7e077f36a7fb29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/686e05c9dbd68766c6bda5f31f7e077f36a7fb29"},{"reference_url":"https://git.kernel.org/stable/c/78d30ce16fdf9c301bcd8b83ce613cea079cea83","reference_id":"78d30ce16fdf9c301bcd8b83ce613cea079cea83","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/78d30ce16fdf9c301bcd8b83ce613cea079cea83"},{"reference_url":"https://git.kernel.org/stable/c/a1c6174e23df10b8e5770e82d63bc6e2118a3dc7","reference_id":"a1c6174e23df10b8e5770e82d63bc6e2118a3dc7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/a1c6174e23df10b8e5770e82d63bc6e2118a3dc7"},{"reference_url":"https://git.kernel.org/stable/c/b22346eec479a30bfa4a02ad2c551b54809694d0","reference_id":"b22346eec479a30bfa4a02ad2c551b54809694d0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/b22346eec479a30bfa4a02ad2c551b54809694d0"},{"reference_url":"https://git.kernel.org/stable/c/b90907696c30172b809aa3dd2f0caffae761e4c6","reference_id":"b90907696c30172b809aa3dd2f0caffae761e4c6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:36:31Z/"}],"url":"https://git.kernel.org/stable/c/b90907696c30172b809aa3dd2f0caffae761e4c6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49950"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6s35-udau-9ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82163?format=json","vulnerability_id":"VCID-6svt-61c9-sbgc","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: skip reserved bytes warning on unmount after log cleanup failure  After the recent changes made by commit c2e39305299f01 (\"btrfs: clear extent buffer uptodate when we fail to write it\") and its followup fix, commit 651740a5024117 (\"btrfs: check WRITE_ERR when trying to read an extent buffer\"), we can now end up not cleaning up space reservations of log tree extent buffers after a transaction abort happens, as well as not cleaning up still dirty extent buffers.  This happens because if writeback for a log tree extent buffer failed, then we have cleared the bit EXTENT_BUFFER_UPTODATE from the extent buffer and we have also set the bit EXTENT_BUFFER_WRITE_ERR on it. Later on, when trying to free the log tree with free_log_tree(), which iterates over the tree, we can end up getting an -EIO error when trying to read a node or a leaf, since read_extent_buffer_pages() returns -EIO if an extent buffer does not have EXTENT_BUFFER_UPTODATE set and has the EXTENT_BUFFER_WRITE_ERR bit set. Getting that -EIO means that we return immediately as we can not iterate over the entire tree.  In that case we never update the reserved space for an extent buffer in the respective block group and space_info object.  When this happens we get the following traces when unmounting the fs:  [174957.284509] BTRFS: error (device dm-0) in cleanup_transaction:1913: errno=-5 IO failure [174957.286497] BTRFS: error (device dm-0) in free_log_tree:3420: errno=-5 IO failure [174957.399379] ------------[ cut here ]------------ [174957.402497] WARNING: CPU: 2 PID: 3206883 at fs/btrfs/block-group.c:127 btrfs_put_block_group+0x77/0xb0 [btrfs] [174957.407523] Modules linked in: btrfs overlay dm_zero (...) [174957.424917] CPU: 2 PID: 3206883 Comm: umount Tainted: G        W         5.16.0-rc5-btrfs-next-109 #1 [174957.426689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [174957.428716] RIP: 0010:btrfs_put_block_group+0x77/0xb0 [btrfs] [174957.429717] Code: 21 48 8b bd (...) [174957.432867] RSP: 0018:ffffb70d41cffdd0 EFLAGS: 00010206 [174957.433632] RAX: 0000000000000001 RBX: ffff8b09c3848000 RCX: ffff8b0758edd1c8 [174957.434689] RDX: 0000000000000001 RSI: ffffffffc0b467e7 RDI: ffff8b0758edd000 [174957.436068] RBP: ffff8b0758edd000 R08: 0000000000000000 R09: 0000000000000000 [174957.437114] R10: 0000000000000246 R11: 0000000000000000 R12: ffff8b09c3848148 [174957.438140] R13: ffff8b09c3848198 R14: ffff8b0758edd188 R15: dead000000000100 [174957.439317] FS:  00007f328fb82800(0000) GS:ffff8b0a2d200000(0000) knlGS:0000000000000000 [174957.440402] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [174957.441164] CR2: 00007fff13563e98 CR3: 0000000404f4e005 CR4: 0000000000370ee0 [174957.442117] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [174957.443076] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [174957.443948] Call Trace: [174957.444264]  <TASK> [174957.444538]  btrfs_free_block_groups+0x255/0x3c0 [btrfs] [174957.445238]  close_ctree+0x301/0x357 [btrfs] [174957.445803]  ? call_rcu+0x16c/0x290 [174957.446250]  generic_shutdown_super+0x74/0x120 [174957.446832]  kill_anon_super+0x14/0x30 [174957.447305]  btrfs_kill_super+0x12/0x20 [btrfs] [174957.447890]  deactivate_locked_super+0x31/0xa0 [174957.448440]  cleanup_mnt+0x147/0x1c0 [174957.448888]  task_work_run+0x5c/0xa0 [174957.449336]  exit_to_user_mode_prepare+0x1e5/0x1f0 [174957.449934]  syscall_exit_to_user_mode+0x16/0x40 [174957.450512]  do_syscall_64+0x48/0xc0 [174957.450980]  entry_SYSCALL_64_after_hwframe+0x44/0xae [174957.451605] RIP: 0033:0x7f328fdc4a97 [174957.452059] Code: 03 0c 00 f7 (...) [174957.454320] RSP: 002b:00007fff13564ec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [174957.455262] RAX: 0000000000000000 RBX: 00007f328feea264 RCX: 00007f328fdc4a97 [174957.456131] RDX: 0000000000000000 RSI: 00000000000000 ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48833.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48833","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01651","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48833"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298174","reference_id":"2298174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298174"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48833"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6svt-61c9-sbgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86462?format=json","vulnerability_id":"VCID-6t7h-mr6a-3bcn","summary":"kernel: xsk: fix OOB map writes when deleting elements","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56614.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56614.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334573","reference_id":"2334573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334573"},{"reference_url":"https://git.kernel.org/stable/c/32cd3db7de97c0c7a018756ce66244342fd583f0","reference_id":"32cd3db7de97c0c7a018756ce66244342fd583f0","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:01:11Z/"}],"url":"https://git.kernel.org/stable/c/32cd3db7de97c0c7a018756ce66244342fd583f0"},{"reference_url":"https://git.kernel.org/stable/c/4d03f705e9d7aabebc6bfa5810f8aab6d176cbb7","reference_id":"4d03f705e9d7aabebc6bfa5810f8aab6d176cbb7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:01:11Z/"}],"url":"https://git.kernel.org/stable/c/4d03f705e9d7aabebc6bfa5810f8aab6d176cbb7"},{"reference_url":"https://git.kernel.org/stable/c/d486b5741d987d3e0e6be4ac22cafdf94e6d1a47","reference_id":"d486b5741d987d3e0e6be4ac22cafdf94e6d1a47","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:01:11Z/"}],"url":"https://git.kernel.org/stable/c/d486b5741d987d3e0e6be4ac22cafdf94e6d1a47"},{"reference_url":"https://git.kernel.org/stable/c/ed08c93d5a9801cc8f224a046411fd603c538d07","reference_id":"ed08c93d5a9801cc8f224a046411fd603c538d07","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:01:11Z/"}],"url":"https://git.kernel.org/stable/c/ed08c93d5a9801cc8f224a046411fd603c538d07"},{"reference_url":"https://git.kernel.org/stable/c/f8abd03f83d5fe81e76eb93e2c4373eb9f75fd8a","reference_id":"f8abd03f83d5fe81e76eb93e2c4373eb9f75fd8a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:01:11Z/"}],"url":"https://git.kernel.org/stable/c/f8abd03f83d5fe81e76eb93e2c4373eb9f75fd8a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10536","reference_id":"RHSA-2025:10536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10547","reference_id":"RHSA-2025:10547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10701","reference_id":"RHSA-2025:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56614"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6t7h-mr6a-3bcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69526?format=json","vulnerability_id":"VCID-6vcg-2c3q-jfe6","summary":"kernel: Linux kernel: Denial of Service via use-after-free in IMM SCSI host adapter","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68324.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68324.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2423597","reference_id":"2423597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2423597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68324"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vcg-2c3q-jfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68293?format=json","vulnerability_id":"VCID-6w31-zhk8-kqex","summary":"kernel: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68781.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68781.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429034","reference_id":"2429034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429034"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68781"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6w31-zhk8-kqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7297?format=json","vulnerability_id":"VCID-6wt3-xsmf-63hf","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32078.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32078.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32078","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24903","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32078"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973436","reference_id":"1973436","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973436"},{"reference_url":"https://security.archlinux.org/AVG-2080","reference_id":"AVG-2080","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2080"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-32078"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wt3-xsmf-63hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63744?format=json","vulnerability_id":"VCID-6z49-a79y-m7d7","summary":"kernel: btrfs: log new dentries when logging parent dir of a conflicting inode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23465.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23465.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454846","reference_id":"2454846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454846"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23465"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6z49-a79y-m7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86399?format=json","vulnerability_id":"VCID-6zxx-2e89-aqcw","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: fix incorrect mpc_combine array size  [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the array size. Using MAX_SURFACES causes array overflow when there are more than 3 planes.  [how] Use the MAX_PLANES for the mpc_combine array size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26914.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26914.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0bd8ef618a42d7e6ea3f701065264e15678025e3","reference_id":"0bd8ef618a42d7e6ea3f701065264e15678025e3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:47:53Z/"}],"url":"https://git.kernel.org/stable/c/0bd8ef618a42d7e6ea3f701065264e15678025e3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275792","reference_id":"2275792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275792"},{"reference_url":"https://git.kernel.org/stable/c/39079fe8e660851abbafa90cd55cbf029210661f","reference_id":"39079fe8e660851abbafa90cd55cbf029210661f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:47:53Z/"}],"url":"https://git.kernel.org/stable/c/39079fe8e660851abbafa90cd55cbf029210661f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26914"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zxx-2e89-aqcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59198?format=json","vulnerability_id":"VCID-745k-gvw3-q3g3","summary":"kernel: mptcp: pm: ADD_ADDR rtx: fix potential data-race","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46137.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46137.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482600","reference_id":"2482600","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46137"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-745k-gvw3-q3g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75152?format=json","vulnerability_id":"VCID-749j-73hj-u7bf","summary":"kernel: accel/habanalabs: fix mem leak in capture user mappings","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53367.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53367.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396157","reference_id":"2396157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396157"},{"reference_url":"https://git.kernel.org/stable/c/314a7ffd7c196b27eedd50cb7553029e17789b55","reference_id":"314a7ffd7c196b27eedd50cb7553029e17789b55","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:45:52Z/"}],"url":"https://git.kernel.org/stable/c/314a7ffd7c196b27eedd50cb7553029e17789b55"},{"reference_url":"https://git.kernel.org/stable/c/973e0890e5264cb075ef668661cad06b67777121","reference_id":"973e0890e5264cb075ef668661cad06b67777121","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:45:52Z/"}],"url":"https://git.kernel.org/stable/c/973e0890e5264cb075ef668661cad06b67777121"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53367"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-749j-73hj-u7bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75774?format=json","vulnerability_id":"VCID-74qh-dhu5-fkgf","summary":"kernel: Linux kernel: Denial of Service in btrfs due to out-of-memory condition","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50293.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50293.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50293","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03282","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50293"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395347","reference_id":"2395347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395347"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50293"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74qh-dhu5-fkgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59081?format=json","vulnerability_id":"VCID-75na-zt1j-c3ar","summary":"kernel: wifi: rsi: fix kthread lifetime race between self-exit and external-stop","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46187.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46187.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482521","reference_id":"2482521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482521"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46187"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75na-zt1j-c3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81014?format=json","vulnerability_id":"VCID-7bra-8epf-z7cs","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/mlx5e: CT, Fix multiple allocations and memleak of mod acts  CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ct_state. When such flow also includes encap action, a neigh update event can cause the driver to unoffload the flow and then reoffload it.  Each time this happens, the ct clear handling adds that same set of mod hdr actions to reset ct_state until the max of mod hdr actions is reached.  Also the driver never releases the allocated mod hdr actions and causing a memleak.  Fix above two issues by moving CT clear mod acts allocation into the parsing actions phase and only use it when offloading the rule. The release of mod acts will be done in the normal flow_put().   backtrace:     [<000000007316e2f3>] krealloc+0x83/0xd0     [<00000000ef157de1>] mlx5e_mod_hdr_alloc+0x147/0x300 [mlx5_core]     [<00000000970ce4ae>] mlx5e_tc_match_to_reg_set_and_get_id+0xd7/0x240 [mlx5_core]     [<0000000067c5fa17>] mlx5e_tc_match_to_reg_set+0xa/0x20 [mlx5_core]     [<00000000d032eb98>] mlx5_tc_ct_entry_set_registers.isra.0+0x36/0xc0 [mlx5_core]     [<00000000fd23b869>] mlx5_tc_ct_flow_offload+0x272/0x1f10 [mlx5_core]     [<000000004fc24acc>] mlx5e_tc_offload_fdb_rules.part.0+0x150/0x620 [mlx5_core]     [<00000000dc741c17>] mlx5e_tc_encap_flows_add+0x489/0x690 [mlx5_core]     [<00000000e92e49d7>] mlx5e_rep_update_flows+0x6e4/0x9b0 [mlx5_core]     [<00000000f60f5602>] mlx5e_rep_neigh_update+0x39a/0x5d0 [mlx5_core]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47199.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47199","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05401","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47199"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274610","reference_id":"2274610","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274610"},{"reference_url":"https://git.kernel.org/stable/c/486e8de6e233ff2999493533c6259d1cb538653b","reference_id":"486e8de6e233ff2999493533c6259d1cb538653b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:01Z/"}],"url":"https://git.kernel.org/stable/c/486e8de6e233ff2999493533c6259d1cb538653b"},{"reference_url":"https://git.kernel.org/stable/c/806401c20a0f9c51b6c8fd7035671e6ca841f6c2","reference_id":"806401c20a0f9c51b6c8fd7035671e6ca841f6c2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:01Z/"}],"url":"https://git.kernel.org/stable/c/806401c20a0f9c51b6c8fd7035671e6ca841f6c2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47199"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7bra-8epf-z7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73957?format=json","vulnerability_id":"VCID-7c8k-3uvj-fycf","summary":"kernel: blk-mq: avoid double ->queue_rq() because of early timeout","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50554.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50554","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50554"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402306","reference_id":"2402306","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50554"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7c8k-3uvj-fycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75912?format=json","vulnerability_id":"VCID-7dfh-s33h-23df","summary":"kernel: erofs: Fix detection of atomic context","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53231.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/12d0a24afd9ea58e581ea64d64e066f2027b28d9","reference_id":"12d0a24afd9ea58e581ea64d64e066f2027b28d9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:55:25Z/"}],"url":"https://git.kernel.org/stable/c/12d0a24afd9ea58e581ea64d64e066f2027b28d9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395432","reference_id":"2395432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395432"},{"reference_url":"https://git.kernel.org/stable/c/597fb60c75132719687e173b75cab8f6eb1ca657","reference_id":"597fb60c75132719687e173b75cab8f6eb1ca657","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:55:25Z/"}],"url":"https://git.kernel.org/stable/c/597fb60c75132719687e173b75cab8f6eb1ca657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53231"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7dfh-s33h-23df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68348?format=json","vulnerability_id":"VCID-7djh-s68v-wuhw","summary":"kernel: inet: frags: flush pending skbs in fqdir_pre_exit()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68768.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68768.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429092","reference_id":"2429092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-68768"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7djh-s68v-wuhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81975?format=json","vulnerability_id":"VCID-7dyt-c717-bbgy","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/smc: Forward wakeup to smc socket waitqueue after fallback  When we replace TCP with SMC and a fallback occurs, there may be some socket waitqueue entries remaining in smc socket->wq, such as eppoll_entries inserted by userspace applications.  After the fallback, data flows over TCP/IP and only clcsocket->wq will be woken up. Applications can't be notified by the entries which were inserted in smc socket->wq before fallback. So we need a mechanism to wake up smc socket->wq at the same time if some entries remaining in it.  The current workaround is to transfer the entries from smc socket->wq to clcsock->wq during the fallback. But this may cause a crash like this:   general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP PTI  CPU: 3 PID: 0 Comm: swapper/3 Kdump: loaded Tainted: G E     5.16.0+ #107  RIP: 0010:__wake_up_common+0x65/0x170  Call Trace:   <IRQ>   __wake_up_common_lock+0x7a/0xc0   sock_def_readable+0x3c/0x70   tcp_data_queue+0x4a7/0xc40   tcp_rcv_established+0x32f/0x660   ? sk_filter_trim_cap+0xcb/0x2e0   tcp_v4_do_rcv+0x10b/0x260   tcp_v4_rcv+0xd2a/0xde0   ip_protocol_deliver_rcu+0x3b/0x1d0   ip_local_deliver_finish+0x54/0x60   ip_local_deliver+0x6a/0x110   ? tcp_v4_early_demux+0xa2/0x140   ? tcp_v4_early_demux+0x10d/0x140   ip_sublist_rcv_finish+0x49/0x60   ip_sublist_rcv+0x19d/0x230   ip_list_rcv+0x13e/0x170   __netif_receive_skb_list_core+0x1c2/0x240   netif_receive_skb_list_internal+0x1e6/0x320   napi_complete_done+0x11d/0x190   mlx5e_napi_poll+0x163/0x6b0 [mlx5_core]   __napi_poll+0x3c/0x1b0   net_rx_action+0x27c/0x300   __do_softirq+0x114/0x2d2   irq_exit_rcu+0xb4/0xe0   common_interrupt+0xba/0xe0   </IRQ>   <TASK>  The crash is caused by privately transferring waitqueue entries from smc socket->wq to clcsock->wq. The owners of these entries, such as epoll, have no idea that the entries have been transferred to a different socket wait queue and still use original waitqueue spinlock (smc socket->wq.wait.lock) to make the entries operation exclusive, but it doesn't work. The operations to the entries, such as removing from the waitqueue (now is clcsock->wq after fallback), may cause a crash when clcsock waitqueue is being iterated over at the moment.  This patch tries to fix this by no longer transferring wait queue entries privately, but introducing own implementations of clcsock's callback functions in fallback situation. The callback functions will forward the wakeup to smc socket->wq if clcsock->wq is actually woken up and smc socket->wq has remaining entries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48721.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48721","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09974","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48721"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293281","reference_id":"2293281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293281"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48721"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7dyt-c717-bbgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59388?format=json","vulnerability_id":"VCID-7fd1-c8xg-ffba","summary":"kernel: net: rds: fix MR cleanup on copy error","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46053.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46053.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481966","reference_id":"2481966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46053"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fd1-c8xg-ffba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83079?format=json","vulnerability_id":"VCID-7fpp-efkq-g3df","summary":"kernel: jfs: add check read-only before truncation in jfs_truncate_nolock()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58094.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58094.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360196","reference_id":"2360196","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360196"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2024-58094"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fpp-efkq-g3df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59357?format=json","vulnerability_id":"VCID-7gc9-aqme-jfgw","summary":"kernel: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46006.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46006.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481939","reference_id":"2481939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481939"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46006"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7gc9-aqme-jfgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62038?format=json","vulnerability_id":"VCID-7gpv-2e5x-ykb2","summary":"kernel: usb: gadget: f_hid: don't call cdev_init while cdev in use","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31606.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31606.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461524","reference_id":"2461524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461524"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31606"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7gpv-2e5x-ykb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87328?format=json","vulnerability_id":"VCID-7hth-pca3-kuby","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Fix division by zero in setup_dsc_config  When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state that requires a reboot. This patch adds a check to avoid the division by zero.  The stack trace below is for the 6.8.4 Kernel. I reproduced the issue on a Z16 Gen 2 Lenovo Thinkpad with a Apple Studio Display monitor connected via Thunderbolt. The amdgpu driver crashed with this exception when I rebooted the system with the monitor connected.  kernel: ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) kernel: ? do_trap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154) kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu kernel: ? do_error_trap (./arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:175) kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu kernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2)) kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu kernel: ? asm_exc_divide_error (./arch/x86/include/asm/idtentry.h:548) kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu kernel: dc_dsc_compute_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1109) amdgpu  After applying this patch, the driver no longer crashes when the monitor is connected and the system is rebooted. I believe this is the same issue reported for 3113.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36969.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36969.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/130afc8a886183a94cf6eab7d24f300014ff87ba","reference_id":"130afc8a886183a94cf6eab7d24f300014ff87ba","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/130afc8a886183a94cf6eab7d24f300014ff87ba"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292328","reference_id":"2292328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292328"},{"reference_url":"https://git.kernel.org/stable/c/308de6be0c9c7ba36915c0d398e771725c0ea911","reference_id":"308de6be0c9c7ba36915c0d398e771725c0ea911","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/308de6be0c9c7ba36915c0d398e771725c0ea911"},{"reference_url":"https://git.kernel.org/stable/c/7e4f50dfc98c49b3dc6875a35c3112522fb25639","reference_id":"7e4f50dfc98c49b3dc6875a35c3112522fb25639","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/7e4f50dfc98c49b3dc6875a35c3112522fb25639"},{"reference_url":"https://git.kernel.org/stable/c/91402e0e5de9124a3108db7a14163fcf9a6d322f","reference_id":"91402e0e5de9124a3108db7a14163fcf9a6d322f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/91402e0e5de9124a3108db7a14163fcf9a6d322f"},{"reference_url":"https://git.kernel.org/stable/c/a32c8f951c8a456c1c251e1dcdf21787f8066445","reference_id":"a32c8f951c8a456c1c251e1dcdf21787f8066445","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/a32c8f951c8a456c1c251e1dcdf21787f8066445"},{"reference_url":"https://git.kernel.org/stable/c/f187fcbbb8f8bf10c6687f0beae22509369f7563","reference_id":"f187fcbbb8f8bf10c6687f0beae22509369f7563","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:44:38Z/"}],"url":"https://git.kernel.org/stable/c/f187fcbbb8f8bf10c6687f0beae22509369f7563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36969"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hth-pca3-kuby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87876?format=json","vulnerability_id":"VCID-7kn1-y5kn-4qap","summary":"In the Linux kernel, the following vulnerability has been resolved:  bluetooth/l2cap: sync sock recv cb and release  The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection.             CPU0                       CPU1            ----                       ----            sock_close                 hci_rx_work \t   l2cap_sock_release         hci_acldata_packet \t   l2cap_sock_kill            l2cap_recv_frame \t   sk_free                    l2cap_conless_channel \t                              l2cap_sock_recv_cb  If hci_rx_work processes the data that needs to be received before the sock is closed, then everything is normal; Otherwise, the work thread may access the released sock when receiving data.  Add a chan mutex in the rx callback of the sock to achieve synchronization between the sock release and recv cb.  Sock is dead, so set chan data to NULL, avoid others use invalid sock pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41062.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41062.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300437","reference_id":"2300437","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300437"},{"reference_url":"https://git.kernel.org/stable/c/3b732449b78183d17178db40be3a4401cf3cd629","reference_id":"3b732449b78183d17178db40be3a4401cf3cd629","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:05Z/"}],"url":"https://git.kernel.org/stable/c/3b732449b78183d17178db40be3a4401cf3cd629"},{"reference_url":"https://git.kernel.org/stable/c/605572e64cd9cebb05ed609d96cff05b50d18cdf","reference_id":"605572e64cd9cebb05ed609d96cff05b50d18cdf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:05Z/"}],"url":"https://git.kernel.org/stable/c/605572e64cd9cebb05ed609d96cff05b50d18cdf"},{"reference_url":"https://git.kernel.org/stable/c/89e856e124f9ae548572c56b1b70c2255705f8fe","reference_id":"89e856e124f9ae548572c56b1b70c2255705f8fe","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:05Z/"}],"url":"https://git.kernel.org/stable/c/89e856e124f9ae548572c56b1b70c2255705f8fe"},{"reference_url":"https://git.kernel.org/stable/c/b803f30ea23e0968b6c8285c42adf0d862ab2bf6","reference_id":"b803f30ea23e0968b6c8285c42adf0d862ab2bf6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:22:05Z/"}],"url":"https://git.kernel.org/stable/c/b803f30ea23e0968b6c8285c42adf0d862ab2bf6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41062"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kn1-y5kn-4qap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76114?format=json","vulnerability_id":"VCID-7paq-ky6q-q7ew","summary":"kernel: wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39732.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39732.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393737","reference_id":"2393737","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393737"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39732"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7paq-ky6q-q7ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76793?format=json","vulnerability_id":"VCID-7pj5-7ys7-rydg","summary":"kernel: net/mlx5: Check device memory pointer before usage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38645.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38645.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390374","reference_id":"2390374","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38645"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pj5-7ys7-rydg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79790?format=json","vulnerability_id":"VCID-7qaq-xvjg-xqft","summary":"kernel: dma-buf/dma-resv: check if the new fence is really later","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49935.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49935","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23213","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373404","reference_id":"2373404","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49935"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qaq-xvjg-xqft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86395?format=json","vulnerability_id":"VCID-7scc-8ehc-p7fd","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue  [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue.  [how] Add the odm calculation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26913.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26913.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275794","reference_id":"2275794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275794"},{"reference_url":"https://git.kernel.org/stable/c/cdbe0be8874c63bca85b8c38e5b1eecbdd18df31","reference_id":"cdbe0be8874c63bca85b8c38e5b1eecbdd18df31","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:47:56Z/"}],"url":"https://git.kernel.org/stable/c/cdbe0be8874c63bca85b8c38e5b1eecbdd18df31"},{"reference_url":"https://git.kernel.org/stable/c/faf51b201bc42adf500945732abb6220c707d6f3","reference_id":"faf51b201bc42adf500945732abb6220c707d6f3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:47:56Z/"}],"url":"https://git.kernel.org/stable/c/faf51b201bc42adf500945732abb6220c707d6f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26913"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7scc-8ehc-p7fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82896?format=json","vulnerability_id":"VCID-7thb-2bfs-xba3","summary":"In the Linux kernel, the following vulnerability has been resolved:  powerpc/pseries: Fix use after free in remove_phb_dynamic()  In remove_phb_dynamic() we use &phb->io_resource, after we've called device_unregister(&host_bridge->dev). But the unregister may have freed phb, because pcibios_free_controller_deferred() is the release function for the host_bridge.  If there are no outstanding references when we call device_unregister() then phb will be freed out from under us.  This has gone mainly unnoticed, but with slub_debug and page_poison enabled it can lead to a crash:    PID: 7574   TASK: c0000000d492cb80  CPU: 13  COMMAND: \"drmgr\"    #0 [c0000000e4f075a0] crash_kexec at c00000000027d7dc    #1 [c0000000e4f075d0] oops_end at c000000000029608    #2 [c0000000e4f07650] __bad_page_fault at c0000000000904b4    #3 [c0000000e4f076c0] do_bad_slb_fault at c00000000009a5a8    #4 [c0000000e4f076f0] data_access_slb_common_virt at c000000000008b30    Data SLB Access [380] exception frame:    R0:  c000000000167250    R1:  c0000000e4f07a00    R2:  c000000002a46100    R3:  c000000002b39ce8    R4:  00000000000000c0    R5:  00000000000000a9    R6:  3894674d000000c0    R7:  0000000000000000    R8:  00000000000000ff    R9:  0000000000000100    R10: 6b6b6b6b6b6b6b6b    R11: 0000000000008000    R12: c00000000023da80    R13: c0000009ffd38b00    R14: 0000000000000000    R15: 000000011c87f0f0    R16: 0000000000000006    R17: 0000000000000003    R18: 0000000000000002    R19: 0000000000000004    R20: 0000000000000005    R21: 000000011c87ede8    R22: 000000011c87c5a8    R23: 000000011c87d3a0    R24: 0000000000000000    R25: 0000000000000001    R26: c0000000e4f07cc8    R27: c00000004d1cc400    R28: c0080000031d00e8    R29: c00000004d23d800    R30: c00000004d1d2400    R31: c00000004d1d2540    NIP: c000000000167258    MSR: 8000000000009033    OR3: c000000000e9f474    CTR: 0000000000000000    LR:  c000000000167250    XER: 0000000020040003    CCR: 0000000024088420    MQ:  0000000000000000    DAR: 6b6b6b6b6b6b6ba3    DSISR: c0000000e4f07920     Syscall Result: fffffffffffffff2    [NIP  : release_resource+56]    [LR   : release_resource+48]    #5 [c0000000e4f07a00] release_resource at c000000000167258  (unreliable)    #6 [c0000000e4f07a30] remove_phb_dynamic at c000000000105648    #7 [c0000000e4f07ab0] dlpar_remove_slot at c0080000031a09e8 [rpadlpar_io]    #8 [c0000000e4f07b50] remove_slot_store at c0080000031a0b9c [rpadlpar_io]    #9 [c0000000e4f07be0] kobj_attr_store at c000000000817d8c   #10 [c0000000e4f07c00] sysfs_kf_write at c00000000063e504   #11 [c0000000e4f07c20] kernfs_fop_write_iter at c00000000063d868   #12 [c0000000e4f07c70] new_sync_write at c00000000054339c   #13 [c0000000e4f07d10] vfs_write at c000000000546624   #14 [c0000000e4f07d60] ksys_write at c0000000005469f4   #15 [c0000000e4f07db0] system_call_exception at c000000000030840   #16 [c0000000e4f07e10] system_call_vectored_common at c00000000000c168  To avoid it, we can take a reference to the host_bridge->dev until we're done using phb. Then when we drop the reference the phb will be freed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49196.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49196","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06045","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49196"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348173","reference_id":"2348173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348173"},{"reference_url":"https://git.kernel.org/stable/c/33d39efb61a84e055ca2386157d39ebbdf6b7d31","reference_id":"33d39efb61a84e055ca2386157d39ebbdf6b7d31","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:03:23Z/"}],"url":"https://git.kernel.org/stable/c/33d39efb61a84e055ca2386157d39ebbdf6b7d31"},{"reference_url":"https://git.kernel.org/stable/c/403f9e0bc5535a0a5184d1352fa3a70e6ffacb6f","reference_id":"403f9e0bc5535a0a5184d1352fa3a70e6ffacb6f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:03:23Z/"}],"url":"https://git.kernel.org/stable/c/403f9e0bc5535a0a5184d1352fa3a70e6ffacb6f"},{"reference_url":"https://git.kernel.org/stable/c/895ca4ae1f72e0a0160ab162723e59c9f265ec93","reference_id":"895ca4ae1f72e0a0160ab162723e59c9f265ec93","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:03:23Z/"}],"url":"https://git.kernel.org/stable/c/895ca4ae1f72e0a0160ab162723e59c9f265ec93"},{"reference_url":"https://git.kernel.org/stable/c/fe2640bd7a62f1f7c3f55fbda31084085075bc30","reference_id":"fe2640bd7a62f1f7c3f55fbda31084085075bc30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:03:23Z/"}],"url":"https://git.kernel.org/stable/c/fe2640bd7a62f1f7c3f55fbda31084085075bc30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49196"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7thb-2bfs-xba3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62008?format=json","vulnerability_id":"VCID-7vaw-mv2d-4qbu","summary":"kernel: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31592.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31592.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461501","reference_id":"2461501","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461501"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31592"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vaw-mv2d-4qbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75449?format=json","vulnerability_id":"VCID-7wtq-azwb-a7gk","summary":"kernel: Linux kernel: Denial of Service via resource leak in SMB2 compound operations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39819.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39819.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395806","reference_id":"2395806","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19105","reference_id":"RHSA-2025:19105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19105"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39819"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wtq-azwb-a7gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75133?format=json","vulnerability_id":"VCID-7x4m-6vky-9yf2","summary":"kernel: staging: pi433: fix memory leak with using debugfs_lookup()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53355.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53355.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/04f3cda40e9f6653ae15ed3fcf26ef2860f4df66","reference_id":"04f3cda40e9f6653ae15ed3fcf26ef2860f4df66","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:42:35Z/"}],"url":"https://git.kernel.org/stable/c/04f3cda40e9f6653ae15ed3fcf26ef2860f4df66"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396149","reference_id":"2396149","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396149"},{"reference_url":"https://git.kernel.org/stable/c/2f36e789e540df6a9fbf471b3a2ba62a8b361586","reference_id":"2f36e789e540df6a9fbf471b3a2ba62a8b361586","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:42:35Z/"}],"url":"https://git.kernel.org/stable/c/2f36e789e540df6a9fbf471b3a2ba62a8b361586"},{"reference_url":"https://git.kernel.org/stable/c/bb16f3102607b69e1a0233f4b73c6e337f86ef8d","reference_id":"bb16f3102607b69e1a0233f4b73c6e337f86ef8d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:42:35Z/"}],"url":"https://git.kernel.org/stable/c/bb16f3102607b69e1a0233f4b73c6e337f86ef8d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53355"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x4m-6vky-9yf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83896?format=json","vulnerability_id":"VCID-7x8k-fzmq-uqfk","summary":"kernel: drm/amd/display: Fix out-of-bound accesses","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21985.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21985.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356658","reference_id":"2356658","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356658"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21985"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x8k-fzmq-uqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60554?format=json","vulnerability_id":"VCID-81g1-bywe-yyb3","summary":"kernel: kprobes: avoid crash when rmmod/insmod after ftrace killed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43409.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43409.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468209","reference_id":"2468209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468209"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43409"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81g1-bywe-yyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79619?format=json","vulnerability_id":"VCID-82xy-72wt-nqfp","summary":"kernel: dmaengine: ti: k3-udma-glue: Drop skip_fdq argument from k3_udma_glue_reset_rx_chn","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38042.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38042.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373324","reference_id":"2373324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373324"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-38042"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82xy-72wt-nqfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61922?format=json","vulnerability_id":"VCID-83ts-4hnr-jubv","summary":"kernel: i2c: s3c24xx: check the size of the SMBUS message before using it","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31627.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31627.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461439","reference_id":"2461439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461439"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31627"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-83ts-4hnr-jubv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85666?format=json","vulnerability_id":"VCID-8462-gzg8-nkcc","summary":"kernel: RDMA/siw: Remove direct link to net_device","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57857.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57857.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/16b87037b48889d21854c8e97aec8a1baf2642b3","reference_id":"16b87037b48889d21854c8e97aec8a1baf2642b3","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T13:56:36Z/"}],"url":"https://git.kernel.org/stable/c/16b87037b48889d21854c8e97aec8a1baf2642b3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338187","reference_id":"2338187","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338187"},{"reference_url":"https://git.kernel.org/stable/c/4eafeb4f021c50d13f199239d913b37de3c83135","reference_id":"4eafeb4f021c50d13f199239d913b37de3c83135","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T13:56:36Z/"}],"url":"https://git.kernel.org/stable/c/4eafeb4f021c50d13f199239d913b37de3c83135"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57857"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8462-gzg8-nkcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69475?format=json","vulnerability_id":"VCID-84js-zejc-cfem","summary":"kernel: team: Move team device type change at the end of team_port_add","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68340.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68340.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424608","reference_id":"2424608","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68340"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84js-zejc-cfem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69431?format=json","vulnerability_id":"VCID-84nv-nhd4-uyc4","summary":"kernel: erofs: validate the extent length for uncompressed pclusters","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50746.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50746","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08559","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50746"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425197","reference_id":"2425197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425197"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50746"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84nv-nhd4-uyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63747?format=json","vulnerability_id":"VCID-84ta-rw6f-jqbs","summary":"kernel: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23468.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23468.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454848","reference_id":"2454848","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454848"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23468"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84ta-rw6f-jqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83574?format=json","vulnerability_id":"VCID-84xk-htf2-77db","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/i915/selftests: fix subtraction overflow bug  On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case of mock tests. This patch should handle both cases.  (cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49635.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49635.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49635","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31118","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49635"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347656","reference_id":"2347656","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347656"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49635"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84xk-htf2-77db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74306?format=json","vulnerability_id":"VCID-84z8-rn7p-vudb","summary":"kernel: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53466.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53466.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400700","reference_id":"2400700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53466"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84z8-rn7p-vudb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69509?format=json","vulnerability_id":"VCID-851t-s69d-xffx","summary":"kernel: comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68335.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68335.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424338","reference_id":"2424338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424338"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68335"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-851t-s69d-xffx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59434?format=json","vulnerability_id":"VCID-86s3-pjkh-qkex","summary":"kernel: dm mirror: fix integer overflow in create_dirty_log()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46023.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46023.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482008","reference_id":"2482008","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482008"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46023"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86s3-pjkh-qkex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64363?format=json","vulnerability_id":"VCID-88pr-sj3w-s3g5","summary":"kernel: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23315.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23315.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451177","reference_id":"2451177","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451177"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23315"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88pr-sj3w-s3g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87142?format=json","vulnerability_id":"VCID-88y1-v6w9-nfe5","summary":"Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.","references":[{"reference_url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html","reference_id":"AMD-SB-3014.html","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T14:50:05Z/"}],"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html"},{"reference_url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html","reference_id":"AMD-SB-5007.html","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T14:50:05Z/"}],"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36331"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88y1-v6w9-nfe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88915?format=json","vulnerability_id":"VCID-8cnk-728w-pqd7","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Check denominator pbn_div before used  [WHAT & HOW] A denominator cannot be 0, and is checked before used.  This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46773.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46773.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/116a678f3a9abc24f5c9d2525b7393d18d9eb58e","reference_id":"116a678f3a9abc24f5c9d2525b7393d18d9eb58e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:08Z/"}],"url":"https://git.kernel.org/stable/c/116a678f3a9abc24f5c9d2525b7393d18d9eb58e"},{"reference_url":"https://git.kernel.org/stable/c/11f997143c67680d6e40a13363618380cd57a414","reference_id":"11f997143c67680d6e40a13363618380cd57a414","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:08Z/"}],"url":"https://git.kernel.org/stable/c/11f997143c67680d6e40a13363618380cd57a414"},{"reference_url":"https://git.kernel.org/stable/c/20e7164c52d9bfbb9d9862b833fa989624a61345","reference_id":"20e7164c52d9bfbb9d9862b833fa989624a61345","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:08Z/"}],"url":"https://git.kernel.org/stable/c/20e7164c52d9bfbb9d9862b833fa989624a61345"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313121","reference_id":"2313121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313121"},{"reference_url":"https://git.kernel.org/stable/c/dfafee0a7b51c7c9612edd2d991401294964d02f","reference_id":"dfafee0a7b51c7c9612edd2d991401294964d02f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:08Z/"}],"url":"https://git.kernel.org/stable/c/dfafee0a7b51c7c9612edd2d991401294964d02f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46773"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cnk-728w-pqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83122?format=json","vulnerability_id":"VCID-8d8a-ntcv-nfb7","summary":"kernel: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22083.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22083.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360218","reference_id":"2360218","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360218"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22083"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8d8a-ntcv-nfb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60718?format=json","vulnerability_id":"VCID-8dv7-mht7-pqaa","summary":"kernel: ocfs2: validate inline data i_size during inode read","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43076.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43076.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466999","reference_id":"2466999","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466999"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43076"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dv7-mht7-pqaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85591?format=json","vulnerability_id":"VCID-8e2n-p7q1-jbh7","summary":"kernel: net: hns3: don't auto enable misc vector","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21651.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21651.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338826","reference_id":"2338826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338826"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21651"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8e2n-p7q1-jbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69334?format=json","vulnerability_id":"VCID-8e86-98fn-5kb6","summary":"kernel: ipv6/sit: use DEV_STATS_INC() to avoid data-races","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50764.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50764","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425127","reference_id":"2425127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50764"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8e86-98fn-5kb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79887?format=json","vulnerability_id":"VCID-8ew8-k5c9-buag","summary":"Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15794.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15794","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26064","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15794"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831055","reference_id":"1831055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831055"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1958","reference_id":"CVE-2019-15794","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1958"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47692.txt","reference_id":"CVE-2019-15794","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47692.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4356","reference_id":"RHSA-2021:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4356"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2019-15794"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ew8-k5c9-buag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82692?format=json","vulnerability_id":"VCID-8gph-qg72-fbbz","summary":"kernel: netlink: Bounds-check struct nlmsgerr creation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49766.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49766","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19811","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49766"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363478","reference_id":"2363478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49766"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8gph-qg72-fbbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59454?format=json","vulnerability_id":"VCID-8j5t-9xgb-ukc8","summary":"kernel: ALSA: ctxfi: Add fallback to default RSR for S/PDIF","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46049.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46049.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482023","reference_id":"2482023","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46049"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8j5t-9xgb-ukc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86853?format=json","vulnerability_id":"VCID-8kqx-n7w1-8ba6","summary":"In the Linux kernel, the following vulnerability has been resolved:  smb: client: fix potential UAF in is_valid_oplock_break()  Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35863.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35863.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a15ba88a32fa7a516aff7ffd27befed5334dff2","reference_id":"0a15ba88a32fa7a516aff7ffd27befed5334dff2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:41:24Z/"}],"url":"https://git.kernel.org/stable/c/0a15ba88a32fa7a516aff7ffd27befed5334dff2"},{"reference_url":"https://git.kernel.org/stable/c/16d58c6a7db5050b9638669084b63fc05f951825","reference_id":"16d58c6a7db5050b9638669084b63fc05f951825","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:41:24Z/"}],"url":"https://git.kernel.org/stable/c/16d58c6a7db5050b9638669084b63fc05f951825"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281773","reference_id":"2281773","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281773"},{"reference_url":"https://git.kernel.org/stable/c/494c91e1e9413b407d12166a61b84200d4d54fac","reference_id":"494c91e1e9413b407d12166a61b84200d4d54fac","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:41:24Z/"}],"url":"https://git.kernel.org/stable/c/494c91e1e9413b407d12166a61b84200d4d54fac"},{"reference_url":"https://git.kernel.org/stable/c/69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29","reference_id":"69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:41:24Z/"}],"url":"https://git.kernel.org/stable/c/69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35863"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kqx-n7w1-8ba6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83271?format=json","vulnerability_id":"VCID-8m6g-4wxe-7ygg","summary":"kernel: dlm: prevent NPD when writing a positive value to event_done","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23131.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23131.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360285","reference_id":"2360285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360285"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-23131"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8m6g-4wxe-7ygg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87199?format=json","vulnerability_id":"VCID-8mzt-vy9v-w7df","summary":"In the Linux kernel, the following vulnerability has been resolved:  gpiolib: cdev: fix uninitialised kfifo  If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to contain edge events is overlooked.  This results in events being written to and read from an uninitialised kfifo.  Read events are returned to userspace.  Initialise the kfifo in the case where the software debounce is already active.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36898.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36898.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1a51e24404d77bb3307c1e39eee0d8e86febb1a5","reference_id":"1a51e24404d77bb3307c1e39eee0d8e86febb1a5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:49:07Z/"}],"url":"https://git.kernel.org/stable/c/1a51e24404d77bb3307c1e39eee0d8e86febb1a5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284551","reference_id":"2284551","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284551"},{"reference_url":"https://git.kernel.org/stable/c/883e4bbf06eb5fb7482679e4edb201093e9f55a2","reference_id":"883e4bbf06eb5fb7482679e4edb201093e9f55a2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:49:07Z/"}],"url":"https://git.kernel.org/stable/c/883e4bbf06eb5fb7482679e4edb201093e9f55a2"},{"reference_url":"https://git.kernel.org/stable/c/bd7139a70ee8d8ea872b223e043730cf6f5e2b0e","reference_id":"bd7139a70ee8d8ea872b223e043730cf6f5e2b0e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:49:07Z/"}],"url":"https://git.kernel.org/stable/c/bd7139a70ee8d8ea872b223e043730cf6f5e2b0e"},{"reference_url":"https://git.kernel.org/stable/c/c87cc32bc48b187067e089b15ab7a6a7eed5767d","reference_id":"c87cc32bc48b187067e089b15ab7a6a7eed5767d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:49:07Z/"}],"url":"https://git.kernel.org/stable/c/c87cc32bc48b187067e089b15ab7a6a7eed5767d"},{"reference_url":"https://git.kernel.org/stable/c/ee0166b637a5e376118e9659e5b4148080f1d27e","reference_id":"ee0166b637a5e376118e9659e5b4148080f1d27e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:49:07Z/"}],"url":"https://git.kernel.org/stable/c/ee0166b637a5e376118e9659e5b4148080f1d27e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36898"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8mzt-vy9v-w7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59175?format=json","vulnerability_id":"VCID-8nnw-td3u-p3gy","summary":"kernel: media: saa7164: add ioremap return checks and cleanups","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46235.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46235.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482584","reference_id":"2482584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482584"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46235"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8nnw-td3u-p3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77923?format=json","vulnerability_id":"VCID-8qa4-2xqg-t3cz","summary":"kernel: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38422.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38422.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383465","reference_id":"2383465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383465"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38422"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qa4-2xqg-t3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87745?format=json","vulnerability_id":"VCID-8qjw-1gn8-r7gt","summary":"In the Linux kernel, the following vulnerability has been resolved:  i2c: lpi2c: Avoid calling clk_get_rate during transfer  Instead of repeatedly calling clk_get_rate for each transfer, lock the clock rate and cache the value. A deadlock has been observed while adding tlv320aic32x4 audio codec to the system. When this clock provider adds its clock, the clk mutex is locked already, it needs to access i2c, which in return needs the mutex for clk_get_rate as well.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40965.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40965.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297549","reference_id":"2297549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297549"},{"reference_url":"https://git.kernel.org/stable/c/2b42e9587a7a9c7b824e0feb92958f258263963e","reference_id":"2b42e9587a7a9c7b824e0feb92958f258263963e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:13Z/"}],"url":"https://git.kernel.org/stable/c/2b42e9587a7a9c7b824e0feb92958f258263963e"},{"reference_url":"https://git.kernel.org/stable/c/4268254a39484fc11ba991ae148bacbe75d9cc0a","reference_id":"4268254a39484fc11ba991ae148bacbe75d9cc0a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:13Z/"}],"url":"https://git.kernel.org/stable/c/4268254a39484fc11ba991ae148bacbe75d9cc0a"},{"reference_url":"https://git.kernel.org/stable/c/d038693e08adf9c162c6377800495e4f5a2df045","reference_id":"d038693e08adf9c162c6377800495e4f5a2df045","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:13Z/"}],"url":"https://git.kernel.org/stable/c/d038693e08adf9c162c6377800495e4f5a2df045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-40965"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qjw-1gn8-r7gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87802?format=json","vulnerability_id":"VCID-8r9x-zpje-ufdq","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: ena: Add validation for completion descriptors consistency  Validate that `first` flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption has been added.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40999.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40999.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297583","reference_id":"2297583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297583"},{"reference_url":"https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e","reference_id":"42146ee5286f16f1674a84f7c274dcca65c6ff2e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:22Z/"}],"url":"https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e"},{"reference_url":"https://git.kernel.org/stable/c/b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7","reference_id":"b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:22Z/"}],"url":"https://git.kernel.org/stable/c/b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-40999"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8r9x-zpje-ufdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79697?format=json","vulnerability_id":"VCID-8tsp-s5xf-bba3","summary":"kernel: Linux kernel: Use-After-Free vulnerability in MSI translation via IOMMU domain change during VFIO operation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38062.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38062.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373358","reference_id":"2373358","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373358"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38062"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8tsp-s5xf-bba3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74761?format=json","vulnerability_id":"VCID-8vcs-yga5-w7bf","summary":"kernel: Linux kernel: Denial of Service due to GIC state corruption on NVIDIA T241 platforms","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53383.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53383.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396396","reference_id":"2396396","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396396"},{"reference_url":"https://git.kernel.org/stable/c/35727af2b15d98a2dd2811d631d3a3886111312e","reference_id":"35727af2b15d98a2dd2811d631d3a3886111312e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:56:56Z/"}],"url":"https://git.kernel.org/stable/c/35727af2b15d98a2dd2811d631d3a3886111312e"},{"reference_url":"https://git.kernel.org/stable/c/867a4f6cf1a8f511c06e131477988b3b3e7a0633","reference_id":"867a4f6cf1a8f511c06e131477988b3b3e7a0633","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:56:56Z/"}],"url":"https://git.kernel.org/stable/c/867a4f6cf1a8f511c06e131477988b3b3e7a0633"},{"reference_url":"https://git.kernel.org/stable/c/86ba4f7b9f949e4c4bcb425f2a1ce490fea30df0","reference_id":"86ba4f7b9f949e4c4bcb425f2a1ce490fea30df0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:56:56Z/"}],"url":"https://git.kernel.org/stable/c/86ba4f7b9f949e4c4bcb425f2a1ce490fea30df0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5069","reference_id":"RHSA-2023:5069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53383"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vcs-yga5-w7bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85846?format=json","vulnerability_id":"VCID-8vdd-mghd-d7e7","summary":"kernel: spi: mpc52xx: Add cancel_work_sync before module remove","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50051.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50051.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337126","reference_id":"2337126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337126"},{"reference_url":"https://git.kernel.org/stable/c/373d55a47dc662e5e30d12ad5d334312f757c1f1","reference_id":"373d55a47dc662e5e30d12ad5d334312f757c1f1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/373d55a47dc662e5e30d12ad5d334312f757c1f1"},{"reference_url":"https://git.kernel.org/stable/c/90b72189de2cddacb26250579da0510b29a8b82b","reference_id":"90b72189de2cddacb26250579da0510b29a8b82b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/90b72189de2cddacb26250579da0510b29a8b82b"},{"reference_url":"https://git.kernel.org/stable/c/984836621aad98802d92c4a3047114cf518074c8","reference_id":"984836621aad98802d92c4a3047114cf518074c8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/984836621aad98802d92c4a3047114cf518074c8"},{"reference_url":"https://git.kernel.org/stable/c/cd5106c77d6d6828aa82449f01f4eb436d602a21","reference_id":"cd5106c77d6d6828aa82449f01f4eb436d602a21","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/cd5106c77d6d6828aa82449f01f4eb436d602a21"},{"reference_url":"https://git.kernel.org/stable/c/d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1","reference_id":"d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1"},{"reference_url":"https://git.kernel.org/stable/c/e0c6ce8424095c2da32a063d3fc027494c689817","reference_id":"e0c6ce8424095c2da32a063d3fc027494c689817","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/e0c6ce8424095c2da32a063d3fc027494c689817"},{"reference_url":"https://git.kernel.org/stable/c/f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59","reference_id":"f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:12:07Z/"}],"url":"https://git.kernel.org/stable/c/f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50051"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vdd-mghd-d7e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59177?format=json","vulnerability_id":"VCID-8xhs-5sqt-dyh4","summary":"kernel: batman-adv: stop tp_meter sessions during mesh teardown","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46208.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46208.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482585","reference_id":"2482585","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46208"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xhs-5sqt-dyh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73358?format=json","vulnerability_id":"VCID-8yj3-91nj-zfd2","summary":"kernel: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53707.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53707.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405766","reference_id":"2405766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405766"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53707"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8yj3-91nj-zfd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60706?format=json","vulnerability_id":"VCID-8zrv-ahdx-ykej","summary":"kernel: Bluetooth: hci_sync: annotate data-races around hdev->req_status","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43119.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43119.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466991","reference_id":"2466991","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466991"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43119"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zrv-ahdx-ykej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86398?format=json","vulnerability_id":"VCID-91dq-3zbb-eqet","summary":"kernel: scsi: hisi_sas: Create all dump files during debugfs initialization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56588.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56588.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334522","reference_id":"2334522","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334522"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56588"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91dq-3zbb-eqet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85558?format=json","vulnerability_id":"VCID-91p2-a2h2-3fh9","summary":"A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25740.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25740.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263881","reference_id":"2263881","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263881"},{"reference_url":"https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T/","reference_id":"T","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-12T16:42:50Z/"}],"url":"https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2024-25740"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91p2-a2h2-3fh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87123?format=json","vulnerability_id":"VCID-92sj-jube-3qbm","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/sched: taprio: extend minimum interval restriction to entire cycle too  It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time different from (and potentially shorter than) the sum of entry intervals.  We need one more restriction, which is that the cycle time itself must be larger than N * ETH_ZLEN bit times, where N is the number of schedule entries. This restriction needs to apply regardless of whether the cycle time came from the user or was the implicit, auto-calculated value, so we move the existing \"cycle == 0\" check outside the \"if \"(!new->cycle_time)\" branch. This way covers both conditions and scenarios.  Add a selftest which illustrates the issue triggered by syzbot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36244.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36244.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293654","reference_id":"2293654","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293654"},{"reference_url":"https://git.kernel.org/stable/c/34d83c3e6e97867ae061d14eb52123404aab1cbc","reference_id":"34d83c3e6e97867ae061d14eb52123404aab1cbc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:44Z/"}],"url":"https://git.kernel.org/stable/c/34d83c3e6e97867ae061d14eb52123404aab1cbc"},{"reference_url":"https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724","reference_id":"91f249b01fe490fce11fbb4307952ca8cce78724","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:44Z/"}],"url":"https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724"},{"reference_url":"https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2","reference_id":"b939d1e04a90248b4cdf417b0969c270ceb992b2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:44Z/"}],"url":"https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2"},{"reference_url":"https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3","reference_id":"fb66df20a7201e60f2b13d7f95d031b31a8831d3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:44Z/"}],"url":"https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8157","reference_id":"RHSA-2024:8157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8158","reference_id":"RHSA-2024:8158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36244"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92sj-jube-3qbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84987?format=json","vulnerability_id":"VCID-93a6-e7e4-guge","summary":"In the Linux kernel, the following vulnerability has been resolved:  IORING_OP_READ did not correctly consume the provided buffer list when read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return). This can lead to a potential use-after-free when the completion via io_rw_done runs at separate context.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52926.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52926.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347279","reference_id":"2347279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347279"},{"reference_url":"https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075","reference_id":"6c27fc6a783c8a77c756dd5461b15e465020d075","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:27:48Z/"}],"url":"https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075"},{"reference_url":"https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007","reference_id":"72060434a14caea20925e492310d6e680e3f9007","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:27:48Z/"}],"url":"https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007"},{"reference_url":"https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d","reference_id":"a08d195b586a217d76b42062f88f375a3eedda4d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:27:48Z/"}],"url":"https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52926"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93a6-e7e4-guge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72208?format=json","vulnerability_id":"VCID-94as-r5ts-cbfa","summary":"kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40168.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40168.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414482","reference_id":"2414482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2720","reference_id":"RHSA-2026:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2821","reference_id":"RHSA-2026:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3275","reference_id":"RHSA-2026:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3488","reference_id":"RHSA-2026:3488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4111","reference_id":"RHSA-2026:4111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6954","reference_id":"RHSA-2026:6954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9513","reference_id":"RHSA-2026:9513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9514","reference_id":"RHSA-2026:9514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9643","reference_id":"RHSA-2026:9643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40168"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94as-r5ts-cbfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70212?format=json","vulnerability_id":"VCID-94hf-j8u1-vyah","summary":"kernel: platform/chrome: cros_ec_typec: zero out stale pointers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50642.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50642","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50642"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420291","reference_id":"2420291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50642"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94hf-j8u1-vyah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60544?format=json","vulnerability_id":"VCID-95fp-wpu1-nbad","summary":"kernel: smb: client: fix in-place encryption corruption in SMB2_write()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43362.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43362.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468198","reference_id":"2468198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468198"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43362"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95fp-wpu1-nbad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75454?format=json","vulnerability_id":"VCID-95rh-b457-2fh1","summary":"kernel: Linux kernel: Denial of Service due to improper resource deallocation in tracing functionality","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39829.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39829.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/000aa47a51233fd38a629b029478e0278e1e9fbe","reference_id":"000aa47a51233fd38a629b029478e0278e1e9fbe","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:20Z/"}],"url":"https://git.kernel.org/stable/c/000aa47a51233fd38a629b029478e0278e1e9fbe"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395808","reference_id":"2395808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395808"},{"reference_url":"https://git.kernel.org/stable/c/2a2deb9f8df70480050351ac27041f19bb9e718b","reference_id":"2a2deb9f8df70480050351ac27041f19bb9e718b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:20Z/"}],"url":"https://git.kernel.org/stable/c/2a2deb9f8df70480050351ac27041f19bb9e718b"},{"reference_url":"https://git.kernel.org/stable/c/edede7a6dcd7435395cf757d053974aaab6ab1c2","reference_id":"edede7a6dcd7435395cf757d053974aaab6ab1c2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:20Z/"}],"url":"https://git.kernel.org/stable/c/edede7a6dcd7435395cf757d053974aaab6ab1c2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39829"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95rh-b457-2fh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83090?format=json","vulnerability_id":"VCID-95x5-khu5-uqab","summary":"kernel: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22107.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360200","reference_id":"2360200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360200"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22107"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95x5-khu5-uqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85145?format=json","vulnerability_id":"VCID-98k4-tbev-kqb4","summary":"kernel: ax25: rcu protect dev->ax25_ptr","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21812.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21812.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348910","reference_id":"2348910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348910"},{"reference_url":"https://git.kernel.org/stable/c/2802ed4ced27ebd474828fc67ffd7d66f11e3605","reference_id":"2802ed4ced27ebd474828fc67ffd7d66f11e3605","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:00:00Z/"}],"url":"https://git.kernel.org/stable/c/2802ed4ced27ebd474828fc67ffd7d66f11e3605"},{"reference_url":"https://git.kernel.org/stable/c/7705d8a7f2c26c80973c81093db07c6022b2b30e","reference_id":"7705d8a7f2c26c80973c81093db07c6022b2b30e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:00:00Z/"}],"url":"https://git.kernel.org/stable/c/7705d8a7f2c26c80973c81093db07c6022b2b30e"},{"reference_url":"https://git.kernel.org/stable/c/8937f5e38a218531dce2a89fae60e3adcc2311e1","reference_id":"8937f5e38a218531dce2a89fae60e3adcc2311e1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:00:00Z/"}],"url":"https://git.kernel.org/stable/c/8937f5e38a218531dce2a89fae60e3adcc2311e1"},{"reference_url":"https://git.kernel.org/stable/c/95fc45d1dea8e1253f8ec58abc5befb71553d666","reference_id":"95fc45d1dea8e1253f8ec58abc5befb71553d666","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:00:00Z/"}],"url":"https://git.kernel.org/stable/c/95fc45d1dea8e1253f8ec58abc5befb71553d666"},{"reference_url":"https://git.kernel.org/stable/c/c2531db6de3c95551be58878f859c6a053b7eb2e","reference_id":"c2531db6de3c95551be58878f859c6a053b7eb2e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T18:00:00Z/"}],"url":"https://git.kernel.org/stable/c/c2531db6de3c95551be58878f859c6a053b7eb2e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21812"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98k4-tbev-kqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73894?format=json","vulnerability_id":"VCID-98t4-g5wa-8ke3","summary":"kernel: blk-mq: use quiesced elevator switch when reinitializing queues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50552.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50552","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04443","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402266","reference_id":"2402266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50552"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98t4-g5wa-8ke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59560?format=json","vulnerability_id":"VCID-9afn-v73t-7ya5","summary":"kernel: gfs2: fix memory leaks in gfs2_fill_super error path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45961.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45961.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482101","reference_id":"2482101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482101"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45961"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9afn-v73t-7ya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77149?format=json","vulnerability_id":"VCID-9b44-qmse-rfas","summary":"kernel: rxrpc: Fix recv-recv race of completed call","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38524.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38524.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388925","reference_id":"2388925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388925"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38524"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9b44-qmse-rfas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74158?format=json","vulnerability_id":"VCID-9bze-zvtu-nbgu","summary":"kernel: wifi: cfg80211: reject auth/assoc to AP with our address","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53540.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53540.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401535","reference_id":"2401535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401535"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53540"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9bze-zvtu-nbgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80373?format=json","vulnerability_id":"VCID-9d9j-mt26-pqfm","summary":"kernel: of: check previous kernel's ima-kexec-buffer against memory bounds","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50159.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50159","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50159"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373696","reference_id":"2373696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50159"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9d9j-mt26-pqfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81622?format=json","vulnerability_id":"VCID-9eex-jsyt-9qh6","summary":"kernel: parisc: Fix double SIGFPE crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37991.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37991.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367623","reference_id":"2367623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367623"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37991"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9eex-jsyt-9qh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59387?format=json","vulnerability_id":"VCID-9f3f-6g2b-bue1","summary":"kernel: iommu/vt-d: Clear Present bit before tearing down context entry","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45944.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45944.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481965","reference_id":"2481965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481965"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45944"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9f3f-6g2b-bue1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88215?format=json","vulnerability_id":"VCID-9gus-9fja-f7e3","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Do not return negative stream id for array  [WHY] resource_stream_to_stream_idx returns an array index and it return -1 when not found; however, -1 is not a valid array index number.  [HOW] When this happens, call ASSERT(), and return a zero instead.  This fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42118.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42118.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301483","reference_id":"2301483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301483"},{"reference_url":"https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57","reference_id":"3ac31c9a707dd1c7c890b95333182f955e9dcb57","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:17:07Z/"}],"url":"https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57"},{"reference_url":"https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0","reference_id":"a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:17:07Z/"}],"url":"https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-42118"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gus-9fja-f7e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83452?format=json","vulnerability_id":"VCID-9h56-bvje-qkd5","summary":"In the Linux kernel, the following vulnerability has been resolved:  ath11k: Change max no of active probe SSID and BSSID to fw capability  The maximum number of SSIDs in a for active probe requests is currently reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver. The scan_req_params structure only has the capacity to hold 10 SSIDs. This leads to a buffer overflow which can be triggered from wpa_supplicant in userspace. When copying the SSIDs into the scan_req_params structure in the ath11k_mac_op_hw_scan route, it can overwrite the extraie pointer.  Firmware supports 16 ssid * 4 bssid, for each ssid 4 bssid combo probe request will be sent, so totally 64 probe requests supported. So set both max ssid and bssid to 16 and 4 respectively. Remove the redundant macros of ssid and bssid.  Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.7.0.1-01300-QCAHKSWPL_SILICONZ-1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49533.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49533","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26686","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49533"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347937","reference_id":"2347937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347937"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49533"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9h56-bvje-qkd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87228?format=json","vulnerability_id":"VCID-9hr2-pz1m-muh9","summary":"In the Linux kernel, the following vulnerability has been resolved:  wifi: iwlwifi: read txq->read_ptr under lock  If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice, resulting in the WARN_ONCE() a little later. Fix that by reading txq->read_ptr under lock.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36922.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36922.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284511","reference_id":"2284511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284511"},{"reference_url":"https://git.kernel.org/stable/c/43d07103df670484cdd26f9588eabef80f69db89","reference_id":"43d07103df670484cdd26f9588eabef80f69db89","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/"}],"url":"https://git.kernel.org/stable/c/43d07103df670484cdd26f9588eabef80f69db89"},{"reference_url":"https://git.kernel.org/stable/c/aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b","reference_id":"aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/"}],"url":"https://git.kernel.org/stable/c/aab7b39fcac5f6165f6434bcbb56bb7865d4ad2b"},{"reference_url":"https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa","reference_id":"b83db8e756dec68a950ed2f056248b1704b3deaa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/"}],"url":"https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa"},{"reference_url":"https://git.kernel.org/stable/c/c2ace6300600c634553657785dfe5ea0ed688ac2","reference_id":"c2ace6300600c634553657785dfe5ea0ed688ac2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/"}],"url":"https://git.kernel.org/stable/c/c2ace6300600c634553657785dfe5ea0ed688ac2"},{"reference_url":"https://git.kernel.org/stable/c/f30e8af109818c9db08cbcc46eb9713fe4b530ba","reference_id":"f30e8af109818c9db08cbcc46eb9713fe4b530ba","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:16:00Z/"}],"url":"https://git.kernel.org/stable/c/f30e8af109818c9db08cbcc46eb9713fe4b530ba"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5363","reference_id":"RHSA-2024:5363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5364","reference_id":"RHSA-2024:5364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5365","reference_id":"RHSA-2024:5365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-36922"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hr2-pz1m-muh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60804?format=json","vulnerability_id":"VCID-9kxz-khdu-vqb1","summary":"kernel: scsi: ufs: core: Flush exception handling work when RPM level is zero","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43275.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43275.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467079","reference_id":"2467079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467079"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43275"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kxz-khdu-vqb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76217?format=json","vulnerability_id":"VCID-9nmw-sbv9-v7f7","summary":"kernel: net/sched: Fix backlog accounting in qdisc_dequeue_internal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39677.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39677.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393536","reference_id":"2393536","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393536"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-39677"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nmw-sbv9-v7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74752?format=json","vulnerability_id":"VCID-9qyw-he31-ybg3","summary":"kernel: drm/meson: reorder driver deinit sequence to fix use-after-free bug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50378.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50378","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06562","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396391","reference_id":"2396391","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396391"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50378"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qyw-he31-ybg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74827?format=json","vulnerability_id":"VCID-9rfu-env8-4ybs","summary":"kernel: media: atomisp: prevent integer overflow in sh_css_set_black_frame()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50399.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50399","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06338","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50399"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396430","reference_id":"2396430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396430"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50399"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rfu-env8-4ybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73148?format=json","vulnerability_id":"VCID-9rgc-stpa-tuf8","summary":"kernel: misc: fastrpc: fix possible map leak in fastrpc_put_args","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40036.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40036.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406746","reference_id":"2406746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40036"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rgc-stpa-tuf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61448?format=json","vulnerability_id":"VCID-9rmj-e3zy-kfhb","summary":"kernel: net: use skb_header_pointer() for TCPv4 GSO frag_off check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43036.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43036.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464395","reference_id":"2464395","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43036"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rmj-e3zy-kfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69103?format=json","vulnerability_id":"VCID-9rp9-7xn9-kffn","summary":"kernel: interconnect: Fix locking for runpm vs reclaim","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54013.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54013.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424943","reference_id":"2424943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424943"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-54013"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rp9-7xn9-kffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59260?format=json","vulnerability_id":"VCID-9sxe-jbj3-7fhr","summary":"kernel: mptcp: pm: ADD_ADDR rtx: always decrease sk refcount","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46158.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46158.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482639","reference_id":"2482639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482639"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46158"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9sxe-jbj3-7fhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59124?format=json","vulnerability_id":"VCID-9t3n-39m3-s3a5","summary":"kernel: RDMA/rxe: Reject unknown opcodes before ICRC processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46133.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46133.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482550","reference_id":"2482550","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482550"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46133"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9t3n-39m3-s3a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87151?format=json","vulnerability_id":"VCID-9tqt-46fb-9ugy","summary":"kernel: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53051.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53051.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327365","reference_id":"2327365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327365"},{"reference_url":"https://git.kernel.org/stable/c/31b42af516afa1e184d1a9f9dd4096c54044269a","reference_id":"31b42af516afa1e184d1a9f9dd4096c54044269a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:13:12Z/"}],"url":"https://git.kernel.org/stable/c/31b42af516afa1e184d1a9f9dd4096c54044269a"},{"reference_url":"https://git.kernel.org/stable/c/4912e8fb3c37fb2dedf48d9c18bbbecd70e720f8","reference_id":"4912e8fb3c37fb2dedf48d9c18bbbecd70e720f8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:13:12Z/"}],"url":"https://git.kernel.org/stable/c/4912e8fb3c37fb2dedf48d9c18bbbecd70e720f8"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53051"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tqt-46fb-9ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88703?format=json","vulnerability_id":"VCID-9ut4-jgnw-dkb2","summary":"In the Linux kernel, the following vulnerability has been resolved:  mptcp: pm: only decrement add_addr_accepted for MPJ req  Adding the following warning ...    WARN_ON_ONCE(msk->pm.add_addr_accepted == 0)  ... before decrementing the add_addr_accepted counter helped to find a bug when running the \"remove single subflow\" subtest from the mptcp_join.sh selftest.  Removing a 'subflow' endpoint will first trigger a RM_ADDR, then the subflow closure. Before this patch, and upon the reception of the RM_ADDR, the other peer will then try to decrement this add_addr_accepted. That's not correct because the attached subflows have not been created upon the reception of an ADD_ADDR.  A way to solve that is to decrement the counter only if the attached subflow was an MP_JOIN to a remote id that was not 0, and initiated by the host receiving the RM_ADDR.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45009.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45009.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1c1f721375989579e46741f59523e39ec9b2a9bd","reference_id":"1c1f721375989579e46741f59523e39ec9b2a9bd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:51:12Z/"}],"url":"https://git.kernel.org/stable/c/1c1f721375989579e46741f59523e39ec9b2a9bd"},{"reference_url":"https://git.kernel.org/stable/c/2060f1efab370b496c4903b840844ecaff324c3c","reference_id":"2060f1efab370b496c4903b840844ecaff324c3c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:51:12Z/"}],"url":"https://git.kernel.org/stable/c/2060f1efab370b496c4903b840844ecaff324c3c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311706","reference_id":"2311706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311706"},{"reference_url":"https://git.kernel.org/stable/c/35b31f5549ede4070566b949781e83495906b43d","reference_id":"35b31f5549ede4070566b949781e83495906b43d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:51:12Z/"}],"url":"https://git.kernel.org/stable/c/35b31f5549ede4070566b949781e83495906b43d"},{"reference_url":"https://git.kernel.org/stable/c/85b866e4c4e63a1d7afb58f1e24273caad03d0b7","reference_id":"85b866e4c4e63a1d7afb58f1e24273caad03d0b7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:51:12Z/"}],"url":"https://git.kernel.org/stable/c/85b866e4c4e63a1d7afb58f1e24273caad03d0b7"},{"reference_url":"https://git.kernel.org/stable/c/d20bf2c96d7ffd171299b32f562f70e5bf5dc608","reference_id":"d20bf2c96d7ffd171299b32f562f70e5bf5dc608","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:51:12Z/"}],"url":"https://git.kernel.org/stable/c/d20bf2c96d7ffd171299b32f562f70e5bf5dc608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-45009"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ut4-jgnw-dkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86063?format=json","vulnerability_id":"VCID-9vdw-6qw2-rkb5","summary":"kernel: net/smc: protect link down work from execute after lgr freed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56718.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56718.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334793","reference_id":"2334793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334793"},{"reference_url":"https://git.kernel.org/stable/c/2627c3e8646932dfc7b9722c88c2e1ffcf7a9fb2","reference_id":"2627c3e8646932dfc7b9722c88c2e1ffcf7a9fb2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:28Z/"}],"url":"https://git.kernel.org/stable/c/2627c3e8646932dfc7b9722c88c2e1ffcf7a9fb2"},{"reference_url":"https://git.kernel.org/stable/c/2b33eb8f1b3e8c2f87cfdbc8cc117f6bdfabc6ec","reference_id":"2b33eb8f1b3e8c2f87cfdbc8cc117f6bdfabc6ec","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:28Z/"}],"url":"https://git.kernel.org/stable/c/2b33eb8f1b3e8c2f87cfdbc8cc117f6bdfabc6ec"},{"reference_url":"https://git.kernel.org/stable/c/841b1824750d3b8d1dc0a96b14db4418b952abbc","reference_id":"841b1824750d3b8d1dc0a96b14db4418b952abbc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:28Z/"}],"url":"https://git.kernel.org/stable/c/841b1824750d3b8d1dc0a96b14db4418b952abbc"},{"reference_url":"https://git.kernel.org/stable/c/bec2f52866d511e94c1c37cd962e4382b1b1a299","reference_id":"bec2f52866d511e94c1c37cd962e4382b1b1a299","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:28Z/"}],"url":"https://git.kernel.org/stable/c/bec2f52866d511e94c1c37cd962e4382b1b1a299"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56718"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vdw-6qw2-rkb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86983?format=json","vulnerability_id":"VCID-9veg-qznm-p7dd","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: ks8851: Handle softirqs at the end of IRQ thread to fix hang  The ks8851_irq() thread may call ks8851_rx_pkts() in case there are any packets in the MAC FIFO, which calls netif_rx(). This netif_rx() implementation is guarded by local_bh_disable() and local_bh_enable(). The local_bh_enable() may call do_softirq() to run softirqs in case any are pending. One of the softirqs is net_rx_action, which ultimately reaches the driver .start_xmit callback. If that happens, the system hangs. The entire call chain is below:  ks8851_start_xmit_par from netdev_start_xmit netdev_start_xmit from dev_hard_start_xmit dev_hard_start_xmit from sch_direct_xmit sch_direct_xmit from __dev_queue_xmit __dev_queue_xmit from __neigh_update __neigh_update from neigh_update neigh_update from arp_process.constprop.0 arp_process.constprop.0 from __netif_receive_skb_one_core __netif_receive_skb_one_core from process_backlog process_backlog from __napi_poll.constprop.0 __napi_poll.constprop.0 from net_rx_action net_rx_action from __do_softirq __do_softirq from call_with_stack call_with_stack from do_softirq do_softirq from __local_bh_enable_ip __local_bh_enable_ip from netif_rx netif_rx from ks8851_irq ks8851_irq from irq_thread_fn irq_thread_fn from irq_thread irq_thread from kthread kthread from ret_from_fork  The hang happens because ks8851_irq() first locks a spinlock in ks8851_par.c ks8851_lock_par() spin_lock_irqsave(&ksp->lock, ...) and with that spinlock locked, calls netif_rx(). Once the execution reaches ks8851_start_xmit_par(), it calls ks8851_lock_par() again which attempts to claim the already locked spinlock again, and the hang happens.  Move the do_softirq() call outside of the spinlock protected section of ks8851_irq() by disabling BHs around the entire spinlock protected section of ks8851_irq() handler. Place local_bh_enable() outside of the spinlock protected section, so that it can trigger do_softirq() without the ks8851_par.c ks8851_lock_par() spinlock being held, and safely call ks8851_start_xmit_par() without attempting to lock the already locked spinlock.  Since ks8851_irq() is protected by local_bh_disable()/local_bh_enable() now, replace netif_rx() with __netif_rx() which is not duplicating the local_bh_disable()/local_bh_enable() calls.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35971.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35971.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281895","reference_id":"2281895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281895"},{"reference_url":"https://git.kernel.org/stable/c/492337a4fbd1421b42df684ee9b34be2a2722540","reference_id":"492337a4fbd1421b42df684ee9b34be2a2722540","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:04:05Z/"}],"url":"https://git.kernel.org/stable/c/492337a4fbd1421b42df684ee9b34be2a2722540"},{"reference_url":"https://git.kernel.org/stable/c/49d5d70538b6b8f2a3f8f1ac30c1f921d4a0929b","reference_id":"49d5d70538b6b8f2a3f8f1ac30c1f921d4a0929b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:04:05Z/"}],"url":"https://git.kernel.org/stable/c/49d5d70538b6b8f2a3f8f1ac30c1f921d4a0929b"},{"reference_url":"https://git.kernel.org/stable/c/be0384bf599cf1eb8d337517feeb732d71f75a6f","reference_id":"be0384bf599cf1eb8d337517feeb732d71f75a6f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:04:05Z/"}],"url":"https://git.kernel.org/stable/c/be0384bf599cf1eb8d337517feeb732d71f75a6f"},{"reference_url":"https://git.kernel.org/stable/c/cba376eb036c2c20077b41d47b317d8218fe754f","reference_id":"cba376eb036c2c20077b41d47b317d8218fe754f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:04:05Z/"}],"url":"https://git.kernel.org/stable/c/cba376eb036c2c20077b41d47b317d8218fe754f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35971"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9veg-qznm-p7dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61947?format=json","vulnerability_id":"VCID-9wb8-qrzj-8qcf","summary":"kernel: KVM: x86: Use scratch field in MMIO fragment to hold small write values","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31588.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31588.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461458","reference_id":"2461458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31588"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wb8-qrzj-8qcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59315?format=json","vulnerability_id":"VCID-9wh1-8hg9-1bca","summary":"kernel: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45841.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45841.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481867","reference_id":"2481867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481867"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45841"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wh1-8hg9-1bca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85911?format=json","vulnerability_id":"VCID-9whm-wc4z-dbcv","summary":"In the Linux kernel, the following vulnerability has been resolved:  dm-crypt, dm-verity: disable tasklets  Tasklets have an inherent problem with memory corruption. The function tasklet_action_common calls tasklet_trylock, then it calls the tasklet callback and then it calls tasklet_unlock. If the tasklet callback frees the structure that contains the tasklet or if it calls some code that may free it, tasklet_unlock will write into free memory.  The commits 8e14f610159d and d9a02e016aaf try to fix it for dm-crypt, but it is not a sufficient fix and the data corruption can still happen [1]. There is no fix for dm-verity and dm-verity will write into free memory with every tasklet-processed bio.  There will be atomic workqueues implemented in the kernel 6.9 [2]. They will have better interface and they will not suffer from the memory corruption problem.  But we need something that stops the memory corruption now and that can be backported to the stable kernels. So, I'm proposing this commit that disables tasklets in both dm-crypt and dm-verity. This commit doesn't remove the tasklet support, because the tasklet code will be reused when atomic workqueues will be implemented.  [1] https://lore.kernel.org/all/d390d7ee-f142-44d3-822a-87949e14608b@suse.de/T/ [2] https://lore.kernel.org/lkml/20240130091300.2968534-1-tj@kernel.org/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26718.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26718.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a9bab391e336489169b95cb0d4553d921302189","reference_id":"0a9bab391e336489169b95cb0d4553d921302189","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:52:23Z/"}],"url":"https://git.kernel.org/stable/c/0a9bab391e336489169b95cb0d4553d921302189"},{"reference_url":"https://git.kernel.org/stable/c/0c45a20cbe68bc4d681734f5c03891124a274257","reference_id":"0c45a20cbe68bc4d681734f5c03891124a274257","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:52:23Z/"}],"url":"https://git.kernel.org/stable/c/0c45a20cbe68bc4d681734f5c03891124a274257"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273146","reference_id":"2273146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273146"},{"reference_url":"https://git.kernel.org/stable/c/30884a44e0cedc3dfda8c22432f3ba4078ec2d94","reference_id":"30884a44e0cedc3dfda8c22432f3ba4078ec2d94","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:52:23Z/"}],"url":"https://git.kernel.org/stable/c/30884a44e0cedc3dfda8c22432f3ba4078ec2d94"},{"reference_url":"https://git.kernel.org/stable/c/5735a2671ffb70ea29ca83969fe01316ee2ed6fc","reference_id":"5735a2671ffb70ea29ca83969fe01316ee2ed6fc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:52:23Z/"}],"url":"https://git.kernel.org/stable/c/5735a2671ffb70ea29ca83969fe01316ee2ed6fc"},{"reference_url":"https://git.kernel.org/stable/c/b825e0f9d68c178072bffd32dd34c39e3d2d597a","reference_id":"b825e0f9d68c178072bffd32dd34c39e3d2d597a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:52:23Z/"}],"url":"https://git.kernel.org/stable/c/b825e0f9d68c178072bffd32dd34c39e3d2d597a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26718"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9whm-wc4z-dbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69726?format=json","vulnerability_id":"VCID-9wre-s4bc-xkcc","summary":"kernel: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68254.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68254.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422767","reference_id":"2422767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422767"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68254"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wre-s4bc-xkcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87828?format=json","vulnerability_id":"VCID-9xhz-53za-4ubq","summary":"In the Linux kernel, the following vulnerability has been resolved:  sched/deadline: Fix task_struct reference leak  During the execution of the following stress test with linux-rt:  stress-ng --cyclic 30 --timeout 30 --minimize --quiet  kmemleak frequently reported a memory leak concerning the task_struct:  unreferenced object 0xffff8881305b8000 (size 16136):   comm \"stress-ng\", pid 614, jiffies 4294883961 (age 286.412s)   object hex dump (first 32 bytes):     02 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00  .@..............     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................   debug hex dump (first 16 bytes):     53 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00  S...............   backtrace:     [<00000000046b6790>] dup_task_struct+0x30/0x540     [<00000000c5ca0f0b>] copy_process+0x3d9/0x50e0     [<00000000ced59777>] kernel_clone+0xb0/0x770     [<00000000a50befdc>] __do_sys_clone+0xb6/0xf0     [<000000001dbf2008>] do_syscall_64+0x5d/0xf0     [<00000000552900ff>] entry_SYSCALL_64_after_hwframe+0x6e/0x76  The issue occurs in start_dl_timer(), which increments the task_struct reference count and sets a timer. The timer callback, dl_task_timer, is supposed to decrement the reference count upon expiration. However, if enqueue_task_dl() is called before the timer expires and cancels it, the reference count is not decremented, leading to the leak.  This patch fixes the reference leak by ensuring the task_struct reference count is properly decremented when the timer is canceled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41023.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41023.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300381","reference_id":"2300381","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300381"},{"reference_url":"https://git.kernel.org/stable/c/7a54d31face626f62de415ebe77b43f76c3ffaf4","reference_id":"7a54d31face626f62de415ebe77b43f76c3ffaf4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:19Z/"}],"url":"https://git.kernel.org/stable/c/7a54d31face626f62de415ebe77b43f76c3ffaf4"},{"reference_url":"https://git.kernel.org/stable/c/b58652db66c910c2245f5bee7deca41c12d707b9","reference_id":"b58652db66c910c2245f5bee7deca41c12d707b9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:19Z/"}],"url":"https://git.kernel.org/stable/c/b58652db66c910c2245f5bee7deca41c12d707b9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10262","reference_id":"RHSA-2024:10262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10262"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6744","reference_id":"RHSA-2024:6744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6745","reference_id":"RHSA-2024:6745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9546","reference_id":"RHSA-2024:9546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9546"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-41023"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xhz-53za-4ubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69170?format=json","vulnerability_id":"VCID-9ysg-qxvd-x3bz","summary":"kernel: wifi: ath10k: Delay the unmapping of the buffer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50700.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50700","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08126","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424994","reference_id":"2424994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50700"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ysg-qxvd-x3bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84574?format=json","vulnerability_id":"VCID-9zdu-q2wu-gycd","summary":"In the Linux kernel, the following vulnerability has been resolved:  um: time-travel: fix time corruption  In 'basic' time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes time forward just a little bit. Then, if we happen to get the interrupt after calculating the new time to push to, but before actually finishing that, the interrupt will set the time to a value that's incompatible with the forward, and we'll crash because time goes backwards when we do the forwarding.  Fix this by reading the time_travel_time, calculating the adjustment, and doing the adjustment all with interrupts disabled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52633.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52633.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0c7478a2da3f5fe106b4658338873d50c86ac7ab","reference_id":"0c7478a2da3f5fe106b4658338873d50c86ac7ab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:36Z/"}],"url":"https://git.kernel.org/stable/c/0c7478a2da3f5fe106b4658338873d50c86ac7ab"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272802","reference_id":"2272802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272802"},{"reference_url":"https://git.kernel.org/stable/c/4f7dad73df4cdb2b7042103d3922745d040ad025","reference_id":"4f7dad73df4cdb2b7042103d3922745d040ad025","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:36Z/"}],"url":"https://git.kernel.org/stable/c/4f7dad73df4cdb2b7042103d3922745d040ad025"},{"reference_url":"https://git.kernel.org/stable/c/abe4eaa8618bb36c2b33e9cdde0499296a23448c","reference_id":"abe4eaa8618bb36c2b33e9cdde0499296a23448c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:36Z/"}],"url":"https://git.kernel.org/stable/c/abe4eaa8618bb36c2b33e9cdde0499296a23448c"},{"reference_url":"https://git.kernel.org/stable/c/b427f55e9d4185f6f17cc1e3296eb8d0c4425283","reference_id":"b427f55e9d4185f6f17cc1e3296eb8d0c4425283","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:36Z/"}],"url":"https://git.kernel.org/stable/c/b427f55e9d4185f6f17cc1e3296eb8d0c4425283"},{"reference_url":"https://git.kernel.org/stable/c/de3e9d8e8d1ae0a4d301109d1ec140796901306c","reference_id":"de3e9d8e8d1ae0a4d301109d1ec140796901306c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:36Z/"}],"url":"https://git.kernel.org/stable/c/de3e9d8e8d1ae0a4d301109d1ec140796901306c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52633"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9zdu-q2wu-gycd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88624?format=json","vulnerability_id":"VCID-9zwa-j9s1-u7f7","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: fix to cover read extent cache access with lock  syzbot reports a f2fs bug as below:  BUG: KASAN: slab-use-after-free in sanity_check_extent_cache+0x370/0x410 fs/f2fs/extent_cache.c:46 Read of size 4 at addr ffff8880739ab220 by task syz-executor200/5097  CPU: 0 PID: 5097 Comm: syz-executor200 Not tainted 6.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace:  <TASK>  __dump_stack lib/dump_stack.c:88 [inline]  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114  print_address_description mm/kasan/report.c:377 [inline]  print_report+0x169/0x550 mm/kasan/report.c:488  kasan_report+0x143/0x180 mm/kasan/report.c:601  sanity_check_extent_cache+0x370/0x410 fs/f2fs/extent_cache.c:46  do_read_inode fs/f2fs/inode.c:509 [inline]  f2fs_iget+0x33e1/0x46e0 fs/f2fs/inode.c:560  f2fs_nfs_get_inode+0x74/0x100 fs/f2fs/super.c:3237  generic_fh_to_dentry+0x9f/0xf0 fs/libfs.c:1413  exportfs_decode_fh_raw+0x152/0x5f0 fs/exportfs/expfs.c:444  exportfs_decode_fh+0x3c/0x80 fs/exportfs/expfs.c:584  do_handle_to_path fs/fhandle.c:155 [inline]  handle_to_path fs/fhandle.c:210 [inline]  do_handle_open+0x495/0x650 fs/fhandle.c:226  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83  entry_SYSCALL_64_after_hwframe+0x77/0x7f  We missed to cover sanity_check_extent_cache() w/ extent cache lock, so, below race case may happen, result in use after free issue.  - f2fs_iget  - do_read_inode   - f2fs_init_read_extent_tree   : add largest extent entry in to cache \t\t\t\t\t- shrink \t\t\t\t\t - f2fs_shrink_read_extent_tree \t\t\t\t\t  - __shrink_extent_tree \t\t\t\t\t   - __detach_extent_node \t\t\t\t\t   : drop largest extent entry   - sanity_check_extent_cache   : access et->largest w/o lock  let's refactor sanity_check_extent_cache() to avoid extent cache access and call it before f2fs_init_read_extent_tree() to fix this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44941.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44941.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307900","reference_id":"2307900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307900"},{"reference_url":"https://git.kernel.org/stable/c/263df78166d3a9609b97d28c34029bd01874cbb8","reference_id":"263df78166d3a9609b97d28c34029bd01874cbb8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:29Z/"}],"url":"https://git.kernel.org/stable/c/263df78166d3a9609b97d28c34029bd01874cbb8"},{"reference_url":"https://git.kernel.org/stable/c/323ef20b5558b9d9fd10c1224327af6f11a8177d","reference_id":"323ef20b5558b9d9fd10c1224327af6f11a8177d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:29Z/"}],"url":"https://git.kernel.org/stable/c/323ef20b5558b9d9fd10c1224327af6f11a8177d"},{"reference_url":"https://git.kernel.org/stable/c/d7409b05a64f212735f0d33f5f1602051a886eab","reference_id":"d7409b05a64f212735f0d33f5f1602051a886eab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:29Z/"}],"url":"https://git.kernel.org/stable/c/d7409b05a64f212735f0d33f5f1602051a886eab"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-44941"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9zwa-j9s1-u7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81003?format=json","vulnerability_id":"VCID-9zyc-5bds-g7g2","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: ufs: core: Improve SCSI abort handling  The following has been observed on a test setup:  WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c Call trace:  ufshcd_queuecommand+0x468/0x65c  scsi_send_eh_cmnd+0x224/0x6a0  scsi_eh_test_devices+0x248/0x418  scsi_eh_ready_devs+0xc34/0xe58  scsi_error_handler+0x204/0x80c  kthread+0x150/0x1b4  ret_from_fork+0x10/0x30  That warning is triggered by the following statement:  \tWARN_ON(lrbp->cmd);  Fix this warning by clearing lrbp->cmd from the abort handler.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47188.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47188","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03413","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47188"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274621","reference_id":"2274621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274621"},{"reference_url":"https://git.kernel.org/stable/c/3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566","reference_id":"3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:11Z/"}],"url":"https://git.kernel.org/stable/c/3ff1f6b6ba6f97f50862aa50e79959cc8ddc2566"},{"reference_url":"https://git.kernel.org/stable/c/9491bc16082d9a402c9099acbfffc89af6f9316f","reference_id":"9491bc16082d9a402c9099acbfffc89af6f9316f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:11Z/"}],"url":"https://git.kernel.org/stable/c/9491bc16082d9a402c9099acbfffc89af6f9316f"},{"reference_url":"https://git.kernel.org/stable/c/c36baca06efa833adaefba61f45fefdc49b6d070","reference_id":"c36baca06efa833adaefba61f45fefdc49b6d070","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:50:11Z/"}],"url":"https://git.kernel.org/stable/c/c36baca06efa833adaefba61f45fefdc49b6d070"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47188"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9zyc-5bds-g7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87952?format=json","vulnerability_id":"VCID-a1s8-xmrh-9bf3","summary":"In the Linux kernel, the following vulnerability has been resolved:  nvme-fabrics: use reserved tag for reg read/write command  In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvme reset or IO timeout) occurs before these commands finish, reconnect routine may fail to update nvme regs due to insufficient tags, which will cause kernel hang forever. In order to workaround this issue, maybe we can let reg_read32()/reg_read64()/reg_write32() use reserved tags. This maybe safe for nvmf:  1. For the disable ctrl path,  we will not issue connect command 2. For the enable ctrl / fw activate path, since connect and reg_xx()    are called serially.  So the reserved tags may still be enough while reg_xx() use reserved tags.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41082.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41082.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/165da9c67a26f08c9b956c15d701da7690f45bcb","reference_id":"165da9c67a26f08c9b956c15d701da7690f45bcb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:02Z/"}],"url":"https://git.kernel.org/stable/c/165da9c67a26f08c9b956c15d701da7690f45bcb"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300459","reference_id":"2300459","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300459"},{"reference_url":"https://git.kernel.org/stable/c/7dc3bfcb4c9cc58970fff6aaa48172cb224d85aa","reference_id":"7dc3bfcb4c9cc58970fff6aaa48172cb224d85aa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:02Z/"}],"url":"https://git.kernel.org/stable/c/7dc3bfcb4c9cc58970fff6aaa48172cb224d85aa"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-41082"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1s8-xmrh-9bf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59545?format=json","vulnerability_id":"VCID-a2sv-jpsc-w7h8","summary":"kernel: ipmi:ssif: Clean up kthread on errors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46044.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46044.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482091","reference_id":"2482091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46044"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a2sv-jpsc-w7h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78821?format=json","vulnerability_id":"VCID-a531-becx-ukhd","summary":"kernel: ASoC: codecs: wcd9335: Fix missing free of regulator supplies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38259.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38259.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378993","reference_id":"2378993","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38259"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a531-becx-ukhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61492?format=json","vulnerability_id":"VCID-a62x-2px1-tfa8","summary":"kernel: mpls: add seqcount to protect the platform_label{,s} pair","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43042.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43042.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464429","reference_id":"2464429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464429"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43042"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a62x-2px1-tfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85872?format=json","vulnerability_id":"VCID-a69z-seup-33a6","summary":"kernel: scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57872.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57872.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337147","reference_id":"2337147","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337147"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57872"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a69z-seup-33a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63769?format=json","vulnerability_id":"VCID-a885-tmm1-wufd","summary":"kernel: net/sched: teql: Fix double-free in teql_master_xmit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23449.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23449.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454868","reference_id":"2454868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23449"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a885-tmm1-wufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76070?format=json","vulnerability_id":"VCID-a91t-zyzf-kqdc","summary":"kernel: mm/smaps: fix race between smaps_hugetlb_range and migration","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39754.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39754.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394641","reference_id":"2394641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394641"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39754"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a91t-zyzf-kqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81724?format=json","vulnerability_id":"VCID-ae7n-xh4c-8ffd","summary":"An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3108.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3108","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03079","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153052","reference_id":"2153052","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1975","reference_id":"RHSA-2022:1975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1988","reference_id":"RHSA-2022:1988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7933","reference_id":"RHSA-2022:7933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-3108"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae7n-xh4c-8ffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76610?format=json","vulnerability_id":"VCID-aef3-pt58-5qcn","summary":"kernel: hfs: fix general protection fault in hfs_find_init()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38716.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38716.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393171","reference_id":"2393171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393171"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38716"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aef3-pt58-5qcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88170?format=json","vulnerability_id":"VCID-af3g-bqzt-yygb","summary":"kernel: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49934.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49934.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1a4159138e718db6199f0abf376ad52f726dcc5c","reference_id":"1a4159138e718db6199f0abf376ad52f726dcc5c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:38:39Z/"}],"url":"https://git.kernel.org/stable/c/1a4159138e718db6199f0abf376ad52f726dcc5c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320547","reference_id":"2320547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320547"},{"reference_url":"https://git.kernel.org/stable/c/7f7b850689ac06a62befe26e1fd1806799e7f152","reference_id":"7f7b850689ac06a62befe26e1fd1806799e7f152","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:38:39Z/"}],"url":"https://git.kernel.org/stable/c/7f7b850689ac06a62befe26e1fd1806799e7f152"},{"reference_url":"https://git.kernel.org/stable/c/e0f6ee75f50476607ca82fc7c3711c795ce09b52","reference_id":"e0f6ee75f50476607ca82fc7c3711c795ce09b52","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:38:39Z/"}],"url":"https://git.kernel.org/stable/c/e0f6ee75f50476607ca82fc7c3711c795ce09b52"},{"reference_url":"https://git.kernel.org/stable/c/ef921bc72328b577cb45772ff7921cba4773b74a","reference_id":"ef921bc72328b577cb45772ff7921cba4773b74a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:38:39Z/"}],"url":"https://git.kernel.org/stable/c/ef921bc72328b577cb45772ff7921cba4773b74a"},{"reference_url":"https://git.kernel.org/stable/c/f92b8829c6e75632de4e2b9f70e7a7e6c5c2ba98","reference_id":"f92b8829c6e75632de4e2b9f70e7a7e6c5c2ba98","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:38:39Z/"}],"url":"https://git.kernel.org/stable/c/f92b8829c6e75632de4e2b9f70e7a7e6c5c2ba98"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49934"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-af3g-bqzt-yygb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78812?format=json","vulnerability_id":"VCID-afmr-maur-uuf1","summary":"kernel: tty: serial: uartlite: register uart driver in init","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38262.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38262.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378987","reference_id":"2378987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378987"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38262"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afmr-maur-uuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86245?format=json","vulnerability_id":"VCID-agz8-xv9n-7qfh","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: fix to truncate meta inode pages forcely  Below race case can cause data corruption:  Thread A\t\t\t\tGC thread \t\t\t\t\t- gc_data_segment \t\t\t\t\t - ra_data_block \t\t\t\t\t  - locked meta_inode page - f2fs_inplace_write_data  - invalidate_mapping_pages  : fail to invalidate meta_inode page    due to lock failure or dirty|writeback    status  - f2fs_submit_page_bio  : write last dirty data to old blkaddr \t\t\t\t\t - move_data_block \t\t\t\t\t  - load old data from meta_inode page \t\t\t\t\t  - f2fs_submit_page_write \t\t\t\t\t  : write old data to new blkaddr  Because invalidate_mapping_pages() will skip invalidating page which has unclear status including locked, dirty, writeback and so on, so we need to use truncate_inode_pages_range() instead of invalidate_mapping_pages() to make sure meta_inode page will be dropped.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26869.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26869.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/04226d8e3c4028dc451e9d8777356ec0f7919253","reference_id":"04226d8e3c4028dc451e9d8777356ec0f7919253","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T17:28:33Z/"}],"url":"https://git.kernel.org/stable/c/04226d8e3c4028dc451e9d8777356ec0f7919253"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275713","reference_id":"2275713","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275713"},{"reference_url":"https://git.kernel.org/stable/c/77bfdb89cc222fc7bfe198eda77bdc427d5ac189","reference_id":"77bfdb89cc222fc7bfe198eda77bdc427d5ac189","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T17:28:33Z/"}],"url":"https://git.kernel.org/stable/c/77bfdb89cc222fc7bfe198eda77bdc427d5ac189"},{"reference_url":"https://git.kernel.org/stable/c/9f0c4a46be1fe9b97dbe66d49204c1371e3ece65","reference_id":"9f0c4a46be1fe9b97dbe66d49204c1371e3ece65","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T17:28:33Z/"}],"url":"https://git.kernel.org/stable/c/9f0c4a46be1fe9b97dbe66d49204c1371e3ece65"},{"reference_url":"https://git.kernel.org/stable/c/c92f2927df860a60ba815d3ee610a944b92a8694","reference_id":"c92f2927df860a60ba815d3ee610a944b92a8694","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T17:28:33Z/"}],"url":"https://git.kernel.org/stable/c/c92f2927df860a60ba815d3ee610a944b92a8694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26869"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-agz8-xv9n-7qfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76088?format=json","vulnerability_id":"VCID-ah2n-tyvf-3fbe","summary":"kernel: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39763.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39763.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394650","reference_id":"2394650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394650"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39763"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ah2n-tyvf-3fbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62332?format=json","vulnerability_id":"VCID-ajhg-jc8m-1fct","summary":"kernel: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31500.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31500.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460662","reference_id":"2460662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460662"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31500"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajhg-jc8m-1fct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88121?format=json","vulnerability_id":"VCID-akf3-213a-ufbb","summary":"kernel: drm/amd/display: Check phantom_stream before it is used","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49897.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49897.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1decf695ce08e23d9ded6ce83d121b2282ce9899","reference_id":"1decf695ce08e23d9ded6ce83d121b2282ce9899","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:25Z/"}],"url":"https://git.kernel.org/stable/c/1decf695ce08e23d9ded6ce83d121b2282ce9899"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320512","reference_id":"2320512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320512"},{"reference_url":"https://git.kernel.org/stable/c/3718a619a8c0a53152e76bb6769b6c414e1e83f4","reference_id":"3718a619a8c0a53152e76bb6769b6c414e1e83f4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:25Z/"}],"url":"https://git.kernel.org/stable/c/3718a619a8c0a53152e76bb6769b6c414e1e83f4"},{"reference_url":"https://git.kernel.org/stable/c/3ba1219e299ab5462b5cb374c2fa2a67af0ea190","reference_id":"3ba1219e299ab5462b5cb374c2fa2a67af0ea190","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:25Z/"}],"url":"https://git.kernel.org/stable/c/3ba1219e299ab5462b5cb374c2fa2a67af0ea190"},{"reference_url":"https://git.kernel.org/stable/c/d247af7c5dbf143ad6be8179bb1550e76d6af57e","reference_id":"d247af7c5dbf143ad6be8179bb1550e76d6af57e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:25Z/"}],"url":"https://git.kernel.org/stable/c/d247af7c5dbf143ad6be8179bb1550e76d6af57e"},{"reference_url":"https://git.kernel.org/stable/c/db1d7e1794fed62ee16d6a72a85997bb069e2e27","reference_id":"db1d7e1794fed62ee16d6a72a85997bb069e2e27","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:25Z/"}],"url":"https://git.kernel.org/stable/c/db1d7e1794fed62ee16d6a72a85997bb069e2e27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49897"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akf3-213a-ufbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74000?format=json","vulnerability_id":"VCID-akzh-e3va-ffdt","summary":"kernel: Linux kernel: Denial of Service via integer overflow in dm-stripe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39940.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39940.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401420","reference_id":"2401420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401420"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39940"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akzh-e3va-ffdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69419?format=json","vulnerability_id":"VCID-an9m-3cvf-3fae","summary":"kernel: f2fs: Fix system crash due to lack of free space in LFS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54151.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54151.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425189","reference_id":"2425189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425189"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54151"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-an9m-3cvf-3fae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84696?format=json","vulnerability_id":"VCID-angm-6qx1-dyec","summary":"In the Linux kernel, the following vulnerability has been resolved:  ceph: blocklist the kclient when receiving corrupted snap trace  When received corrupted snap trace we don't know what exactly has happened in MDS side. And we shouldn't continue IOs and metadatas access to MDS, which may corrupt or get incorrect contents.  This patch will just block all the further IO/MDS requests immediately and then evict the kclient itself.  The reason why we still need to evict the kclient just after blocking all the further IOs is that the MDS could revoke the caps faster.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52732.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52732.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282621","reference_id":"2282621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282621"},{"reference_url":"https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c","reference_id":"66ec619e4591f8350f99c5269a7ce160cccc7a7c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:31:40Z/"}],"url":"https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c"},{"reference_url":"https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9","reference_id":"a68e564adcaa69b0930809fb64d9d5f7d9c32ba9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:31:40Z/"}],"url":"https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52732"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-angm-6qx1-dyec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87028?format=json","vulnerability_id":"VCID-ant4-3udf-xyh3","summary":"In the Linux kernel, the following vulnerability has been resolved:  ACPI: CPPC: Use access_width over bit_width for system memory accesses  To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 100 platform.  SError Interrupt on CPU26, code 0xbe000011 -- SError  CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted 5.15.2.1-13 #1  Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION  pstate: 62400009 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)  pc : cppc_get_perf_caps+0xec/0x410  lr : cppc_get_perf_caps+0xe8/0x410  sp : ffff8000155ab730  x29: ffff8000155ab730 x28: ffff0080139d0038 x27: ffff0080139d0078  x26: 0000000000000000 x25: ffff0080139d0058 x24: 00000000ffffffff  x23: ffff0080139d0298 x22: ffff0080139d0278 x21: 0000000000000000  x20: ffff00802b251910 x19: ffff0080139d0000 x18: ffffffffffffffff  x17: 0000000000000000 x16: ffffdc7e111bad04 x15: ffff00802b251008  x14: ffffffffffffffff x13: ffff013f1fd63300 x12: 0000000000000006  x11: ffffdc7e128f4420 x10: 0000000000000000 x9 : ffffdc7e111badec  x8 : ffff00802b251980 x7 : 0000000000000000 x6 : ffff0080139d0028  x5 : 0000000000000000 x4 : ffff0080139d0018 x3 : 00000000ffffffff  x2 : 0000000000000008 x1 : ffff8000155ab7a0 x0 : 0000000000000000  Kernel panic - not syncing: Asynchronous SError Interrupt  CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted 5.15.2.1-13 #1  Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION  Call trace:   dump_backtrace+0x0/0x1e0   show_stack+0x24/0x30   dump_stack_lvl+0x8c/0xb8   dump_stack+0x18/0x34   panic+0x16c/0x384   add_taint+0x0/0xc0   arm64_serror_panic+0x7c/0x90   arm64_is_fatal_ras_serror+0x34/0xa4   do_serror+0x50/0x6c   el1h_64_error_handler+0x40/0x74   el1h_64_error+0x7c/0x80   cppc_get_perf_caps+0xec/0x410   cppc_cpufreq_cpu_init+0x74/0x400 [cppc_cpufreq]   cpufreq_online+0x2dc/0xa30   cpufreq_add_dev+0xc0/0xd4   subsys_interface_register+0x134/0x14c   cpufreq_register_driver+0x1b0/0x354   cppc_cpufreq_init+0x1a8/0x1000 [cppc_cpufreq]   do_one_initcall+0x50/0x250   do_init_module+0x60/0x27c   load_module+0x2300/0x2570   __do_sys_finit_module+0xa8/0x114   __arm64_sys_finit_module+0x2c/0x3c   invoke_syscall+0x78/0x100   el0_svc_common.constprop.0+0x180/0x1a0   do_el0_svc+0x84/0xa0   el0_svc+0x2c/0xc0   el0t_64_sync_handler+0xa4/0x12c   el0t_64_sync+0x1a4/0x1a8  Instead, use access_width to determine the size and use the offset and width to shift and mask the bits to read/write out. Make sure to add a check for system memory since pcc redefines the access_width to subspace id.  If access_width is not set, then fall back to using bit_width.  [ rjw: Subject and changelog edits, comment adjustments ]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35995.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35995.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/01fc53be672acae37e611c80cc0b4f3939584de3","reference_id":"01fc53be672acae37e611c80cc0b4f3939584de3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T15:11:28Z/"}],"url":"https://git.kernel.org/stable/c/01fc53be672acae37e611c80cc0b4f3939584de3"},{"reference_url":"https://git.kernel.org/stable/c/1b890ae474d19800a6be1696df7fb4d9a41676e4","reference_id":"1b890ae474d19800a6be1696df7fb4d9a41676e4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T15:11:28Z/"}],"url":"https://git.kernel.org/stable/c/1b890ae474d19800a6be1696df7fb4d9a41676e4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282088","reference_id":"2282088","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282088"},{"reference_url":"https://git.kernel.org/stable/c/2f4a4d63a193be6fd530d180bb13c3592052904c","reference_id":"2f4a4d63a193be6fd530d180bb13c3592052904c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T15:11:28Z/"}],"url":"https://git.kernel.org/stable/c/2f4a4d63a193be6fd530d180bb13c3592052904c"},{"reference_url":"https://git.kernel.org/stable/c/6cb6b12b78dcd8867a3fdbb1b6d0ed1df2b208d1","reference_id":"6cb6b12b78dcd8867a3fdbb1b6d0ed1df2b208d1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T15:11:28Z/"}],"url":"https://git.kernel.org/stable/c/6cb6b12b78dcd8867a3fdbb1b6d0ed1df2b208d1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35995"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ant4-3udf-xyh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74425?format=json","vulnerability_id":"VCID-aptj-z5bg-1bd8","summary":"kernel: Bluetooth: Fix hci_suspend_sync crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53520.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53520.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400790","reference_id":"2400790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400790"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53520"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aptj-z5bg-1bd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86580?format=json","vulnerability_id":"VCID-apzv-66pk-muh2","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nf_tables: fix memleak in map from abort path  The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result in restoring twice the refcount of the mapping.  Check for inactive element in the next generation for the delete element command in the abort path, skip restoring state if next generation bit has been already cleared. This is similar to the activate logic using the set walk iterator.  [ 6170.286929] ------------[ cut here ]------------ [ 6170.286939] WARNING: CPU: 6 PID: 790302 at net/netfilter/nf_tables_api.c:2086 nf_tables_chain_destroy+0x1f7/0x220 [nf_tables] [ 6170.287071] Modules linked in: [...] [ 6170.287633] CPU: 6 PID: 790302 Comm: kworker/6:2 Not tainted 6.9.0-rc3+ #365 [ 6170.287768] RIP: 0010:nf_tables_chain_destroy+0x1f7/0x220 [nf_tables] [ 6170.287886] Code: df 48 8d 7d 58 e8 69 2e 3b df 48 8b 7d 58 e8 80 1b 37 df 48 8d 7d 68 e8 57 2e 3b df 48 8b 7d 68 e8 6e 1b 37 df 48 89 ef eb c4 <0f> 0b 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 0f [ 6170.287895] RSP: 0018:ffff888134b8fd08 EFLAGS: 00010202 [ 6170.287904] RAX: 0000000000000001 RBX: ffff888125bffb28 RCX: dffffc0000000000 [ 6170.287912] RDX: 0000000000000003 RSI: ffffffffa20298ab RDI: ffff88811ebe4750 [ 6170.287919] RBP: ffff88811ebe4700 R08: ffff88838e812650 R09: fffffbfff0623a55 [ 6170.287926] R10: ffffffff8311d2af R11: 0000000000000001 R12: ffff888125bffb10 [ 6170.287933] R13: ffff888125bffb10 R14: dead000000000122 R15: dead000000000100 [ 6170.287940] FS:  0000000000000000(0000) GS:ffff888390b00000(0000) knlGS:0000000000000000 [ 6170.287948] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6170.287955] CR2: 00007fd31fc00710 CR3: 0000000133f60004 CR4: 00000000001706f0 [ 6170.287962] Call Trace: [ 6170.287967]  <TASK> [ 6170.287973]  ? __warn+0x9f/0x1a0 [ 6170.287986]  ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables] [ 6170.288092]  ? report_bug+0x1b1/0x1e0 [ 6170.287986]  ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables] [ 6170.288092]  ? report_bug+0x1b1/0x1e0 [ 6170.288104]  ? handle_bug+0x3c/0x70 [ 6170.288112]  ? exc_invalid_op+0x17/0x40 [ 6170.288120]  ? asm_exc_invalid_op+0x1a/0x20 [ 6170.288132]  ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables] [ 6170.288243]  ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables] [ 6170.288366]  ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables] [ 6170.288483]  nf_tables_trans_destroy_work+0x588/0x590 [nf_tables]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27011.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27011.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278277","reference_id":"2278277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278277"},{"reference_url":"https://git.kernel.org/stable/c/49d0e656d19dfb2d4d7c230e4a720d37b3decff6","reference_id":"49d0e656d19dfb2d4d7c230e4a720d37b3decff6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:56:26Z/"}],"url":"https://git.kernel.org/stable/c/49d0e656d19dfb2d4d7c230e4a720d37b3decff6"},{"reference_url":"https://git.kernel.org/stable/c/86a1471d7cde792941109b93b558b5dc078b9ee9","reference_id":"86a1471d7cde792941109b93b558b5dc078b9ee9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:56:26Z/"}],"url":"https://git.kernel.org/stable/c/86a1471d7cde792941109b93b558b5dc078b9ee9"},{"reference_url":"https://git.kernel.org/stable/c/a1bd2a38a1c6388fc8556816dc203c3e9dc52237","reference_id":"a1bd2a38a1c6388fc8556816dc203c3e9dc52237","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:56:26Z/"}],"url":"https://git.kernel.org/stable/c/a1bd2a38a1c6388fc8556816dc203c3e9dc52237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1658","reference_id":"RHSA-2025:1658","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1658"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-27011"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apzv-66pk-muh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86821?format=json","vulnerability_id":"VCID-aqry-akte-ukga","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: compress: fix reserve_cblocks counting error when out of space  When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable:  unisoc # ./f2fs_io compress test.apk unisoc #df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.2M 100% /data  unisoc # ./f2fs_io release_cblocks test.apk 924 unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 4.8M 100% /data  unisoc # dd if=/dev/random of=file4 bs=1M count=3 3145728 bytes (3.0 M) copied, 0.025 s, 120 M/s unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.8M 100% /data  unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device  adb reboot unisoc # df -h  | grep dm-48 /dev/block/dm-48             112G 112G   11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 0  This is because the file has only one direct_node. After returning to -ENOSPC, reserved_blocks += ret will not be executed. As a result, the reserved_blocks at this time is still 0, which is not the real number of reserved blocks. Therefore, fsck cannot be set to repair the file.  After this patch, the fsck flag will be set to fix this problem.  unisoc # df -h | grep dm-48 /dev/block/dm-48             112G 112G  1.8M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device  adb reboot then fsck will be executed unisoc # df -h  | grep dm-48 /dev/block/dm-48             112G 112G   11M 100% /data unisoc # ./f2fs_io reserve_cblocks test.apk 924","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35844.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35844.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281274","reference_id":"2281274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281274"},{"reference_url":"https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f","reference_id":"2f6d721e14b69d6e1251f69fa238b48e8374e25f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/2f6d721e14b69d6e1251f69fa238b48e8374e25f"},{"reference_url":"https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc","reference_id":"569c198c9e2093fd29cc071856a4e548fda506bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/569c198c9e2093fd29cc071856a4e548fda506bc"},{"reference_url":"https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685","reference_id":"889846dfc8ee2cf31148a44bfd2faeb2faadc685","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/889846dfc8ee2cf31148a44bfd2faeb2faadc685"},{"reference_url":"https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a","reference_id":"f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/f0bf89e84c3afb79d7a3a9e4bc853ad6a3245c0a"},{"reference_url":"https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee","reference_id":"fa3ac8b1a227d9b470b87972494293348b5839ee","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/fa3ac8b1a227d9b470b87972494293348b5839ee"},{"reference_url":"https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3","reference_id":"fc0aed88afbf6f606205129a7466eebdf528e3f3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T16:58:26Z/"}],"url":"https://git.kernel.org/stable/c/fc0aed88afbf6f606205129a7466eebdf528e3f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35844"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aqry-akte-ukga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86209?format=json","vulnerability_id":"VCID-arhh-pkyj-sfbh","summary":"kernel: sh: intc: Fix use-after-free bug in register_intc_controller()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53165.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53165.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334390","reference_id":"2334390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334390"},{"reference_url":"https://git.kernel.org/stable/c/3c7c806b3eafd94ae0f77305a174d63b69ec187c","reference_id":"3c7c806b3eafd94ae0f77305a174d63b69ec187c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/3c7c806b3eafd94ae0f77305a174d63b69ec187c"},{"reference_url":"https://git.kernel.org/stable/c/588bdec1ff8b81517dbae0ae51c9df52c0b952d3","reference_id":"588bdec1ff8b81517dbae0ae51c9df52c0b952d3","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/588bdec1ff8b81517dbae0ae51c9df52c0b952d3"},{"reference_url":"https://git.kernel.org/stable/c/63e72e551942642c48456a4134975136cdcb9b3c","reference_id":"63e72e551942642c48456a4134975136cdcb9b3c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/63e72e551942642c48456a4134975136cdcb9b3c"},{"reference_url":"https://git.kernel.org/stable/c/6ba6e19912570b2ad68298be0be1dc779014a303","reference_id":"6ba6e19912570b2ad68298be0be1dc779014a303","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/6ba6e19912570b2ad68298be0be1dc779014a303"},{"reference_url":"https://git.kernel.org/stable/c/971b4893457788e0e123ea552f0bb126a5300e61","reference_id":"971b4893457788e0e123ea552f0bb126a5300e61","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/971b4893457788e0e123ea552f0bb126a5300e61"},{"reference_url":"https://git.kernel.org/stable/c/b8b84dcdf3ab1d414304819f824b10efba64132c","reference_id":"b8b84dcdf3ab1d414304819f824b10efba64132c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/b8b84dcdf3ab1d414304819f824b10efba64132c"},{"reference_url":"https://git.kernel.org/stable/c/c3f4f4547fb291982f5ef56c048277c4d5ccc4e4","reference_id":"c3f4f4547fb291982f5ef56c048277c4d5ccc4e4","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/c3f4f4547fb291982f5ef56c048277c4d5ccc4e4"},{"reference_url":"https://git.kernel.org/stable/c/c43df7dae28fb9fce96ef088250c1e3c3a77c527","reference_id":"c43df7dae28fb9fce96ef088250c1e3c3a77c527","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/c43df7dae28fb9fce96ef088250c1e3c3a77c527"},{"reference_url":"https://git.kernel.org/stable/c/d8de818df12d86a1a26a8efd7b4b3b9c6dc3c5cc","reference_id":"d8de818df12d86a1a26a8efd7b4b3b9c6dc3c5cc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:49Z/"}],"url":"https://git.kernel.org/stable/c/d8de818df12d86a1a26a8efd7b4b3b9c6dc3c5cc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53165"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-arhh-pkyj-sfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86953?format=json","vulnerability_id":"VCID-assx-fhys-jfe2","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: phy: phy_device: Prevent nullptr exceptions on ISR  If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35945.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35945.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281785","reference_id":"2281785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281785"},{"reference_url":"https://git.kernel.org/stable/c/3419ee39e3d3162ab2ec9942bb537613ed5b6311","reference_id":"3419ee39e3d3162ab2ec9942bb537613ed5b6311","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T17:11:47Z/"}],"url":"https://git.kernel.org/stable/c/3419ee39e3d3162ab2ec9942bb537613ed5b6311"},{"reference_url":"https://git.kernel.org/stable/c/61c81872815f46006982bb80460c0c80a949b35b","reference_id":"61c81872815f46006982bb80460c0c80a949b35b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T17:11:47Z/"}],"url":"https://git.kernel.org/stable/c/61c81872815f46006982bb80460c0c80a949b35b"},{"reference_url":"https://git.kernel.org/stable/c/7a71f61ebf95cedd3f245db6da397822971d8db5","reference_id":"7a71f61ebf95cedd3f245db6da397822971d8db5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T17:11:47Z/"}],"url":"https://git.kernel.org/stable/c/7a71f61ebf95cedd3f245db6da397822971d8db5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-35945"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-assx-fhys-jfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59138?format=json","vulnerability_id":"VCID-au69-ssv8-wffy","summary":"kernel: sound: ua101: fix division by zero at probe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46184.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46184.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482560","reference_id":"2482560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482560"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46184"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-au69-ssv8-wffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83313?format=json","vulnerability_id":"VCID-awnb-656q-sycz","summary":"In the Linux kernel, the following vulnerability has been resolved:  powerpc/xive: Fix refcount leak in xive_spapr_init  of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49437.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49437.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49437","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01628","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49437"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1d1fb9618bdd5a5fbf9a9eb75133da301d33721c","reference_id":"1d1fb9618bdd5a5fbf9a9eb75133da301d33721c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:41:05Z/"}],"url":"https://git.kernel.org/stable/c/1d1fb9618bdd5a5fbf9a9eb75133da301d33721c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347807","reference_id":"2347807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347807"},{"reference_url":"https://git.kernel.org/stable/c/65f11ccdd746e0e7f0b469cc989ba43d4f30ecfe","reference_id":"65f11ccdd746e0e7f0b469cc989ba43d4f30ecfe","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:41:05Z/"}],"url":"https://git.kernel.org/stable/c/65f11ccdd746e0e7f0b469cc989ba43d4f30ecfe"},{"reference_url":"https://git.kernel.org/stable/c/6e806485d851986a2445267608f27cb4ba2ed774","reference_id":"6e806485d851986a2445267608f27cb4ba2ed774","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:41:05Z/"}],"url":"https://git.kernel.org/stable/c/6e806485d851986a2445267608f27cb4ba2ed774"},{"reference_url":"https://git.kernel.org/stable/c/cc62dde2a5f4ba14016fd9caec76f08d388f4b9c","reference_id":"cc62dde2a5f4ba14016fd9caec76f08d388f4b9c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:41:05Z/"}],"url":"https://git.kernel.org/stable/c/cc62dde2a5f4ba14016fd9caec76f08d388f4b9c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49437"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awnb-656q-sycz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79169?format=json","vulnerability_id":"VCID-awuy-pm3t-f7da","summary":"kernel: NFSD: fix race between nfsd registration and exports_proc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38232.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38232.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376410","reference_id":"2376410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376410"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38232"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awuy-pm3t-f7da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88742?format=json","vulnerability_id":"VCID-awvv-ff4f-93g4","summary":"kernel: KVM: x86: Acquire kvm-&gt;srcu when handling KVM_SET_VCPU_EVENTS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46830.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46830.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315182","reference_id":"2315182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315182"},{"reference_url":"https://git.kernel.org/stable/c/4bcdd831d9d01e0fb64faea50732b59b2ee88da1","reference_id":"4bcdd831d9d01e0fb64faea50732b59b2ee88da1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:09Z/"}],"url":"https://git.kernel.org/stable/c/4bcdd831d9d01e0fb64faea50732b59b2ee88da1"},{"reference_url":"https://git.kernel.org/stable/c/5f35099fa3d59caf10bda88b033538e90086684e","reference_id":"5f35099fa3d59caf10bda88b033538e90086684e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:09Z/"}],"url":"https://git.kernel.org/stable/c/5f35099fa3d59caf10bda88b033538e90086684e"},{"reference_url":"https://git.kernel.org/stable/c/939375737b5a0b1bf9b1e75129054e11bc9ca65e","reference_id":"939375737b5a0b1bf9b1e75129054e11bc9ca65e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:09Z/"}],"url":"https://git.kernel.org/stable/c/939375737b5a0b1bf9b1e75129054e11bc9ca65e"},{"reference_url":"https://git.kernel.org/stable/c/ecdbe8ac86fb5538ccc623a41f88ec96c7168ab9","reference_id":"ecdbe8ac86fb5538ccc623a41f88ec96c7168ab9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:09Z/"}],"url":"https://git.kernel.org/stable/c/ecdbe8ac86fb5538ccc623a41f88ec96c7168ab9"},{"reference_url":"https://git.kernel.org/stable/c/fa297c33faefe51e10244e8a378837fca4963228","reference_id":"fa297c33faefe51e10244e8a378837fca4963228","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:09Z/"}],"url":"https://git.kernel.org/stable/c/fa297c33faefe51e10244e8a378837fca4963228"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46830"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awvv-ff4f-93g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61948?format=json","vulnerability_id":"VCID-az18-n6jc-zqba","summary":"kernel: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31622.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31622.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461459","reference_id":"2461459","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461459"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31622"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-az18-n6jc-zqba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86102?format=json","vulnerability_id":"VCID-az1k-2hun-u3gy","summary":"kernel: RDMA/hns: Fix cpu stuck caused by printings during reset","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56722.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56722.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334828","reference_id":"2334828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334828"},{"reference_url":"https://git.kernel.org/stable/c/31c6fe9b79ed42440094f2367897aea0c0ce96ec","reference_id":"31c6fe9b79ed42440094f2367897aea0c0ce96ec","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:14Z/"}],"url":"https://git.kernel.org/stable/c/31c6fe9b79ed42440094f2367897aea0c0ce96ec"},{"reference_url":"https://git.kernel.org/stable/c/323275ac2ff15b2b7b3eac391ae5d8c5a3c3a999","reference_id":"323275ac2ff15b2b7b3eac391ae5d8c5a3c3a999","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:14Z/"}],"url":"https://git.kernel.org/stable/c/323275ac2ff15b2b7b3eac391ae5d8c5a3c3a999"},{"reference_url":"https://git.kernel.org/stable/c/a0e4c78770faa0d56d47391476fe1d827e72eded","reference_id":"a0e4c78770faa0d56d47391476fe1d827e72eded","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:14Z/"}],"url":"https://git.kernel.org/stable/c/a0e4c78770faa0d56d47391476fe1d827e72eded"},{"reference_url":"https://git.kernel.org/stable/c/b4ba31e5aaffbda9b22d9a35c40b16dc39e475a6","reference_id":"b4ba31e5aaffbda9b22d9a35c40b16dc39e475a6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:14Z/"}],"url":"https://git.kernel.org/stable/c/b4ba31e5aaffbda9b22d9a35c40b16dc39e475a6"},{"reference_url":"https://git.kernel.org/stable/c/e2e64f9c42c717beb459ab209ec1c4baa73d3760","reference_id":"e2e64f9c42c717beb459ab209ec1c4baa73d3760","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:14Z/"}],"url":"https://git.kernel.org/stable/c/e2e64f9c42c717beb459ab209ec1c4baa73d3760"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56722"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-az1k-2hun-u3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68138?format=json","vulnerability_id":"VCID-az2t-uwxa-vkes","summary":"kernel: dm-verity: disable recursive forward error correction","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71161.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71161.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432401","reference_id":"2432401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432401"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71161"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-az2t-uwxa-vkes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59272?format=json","vulnerability_id":"VCID-b1zm-r6nr-wfan","summary":"kernel: wifi: b43: enforce bounds check on firmware key index in b43_rx()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46122.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46122.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482648","reference_id":"2482648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46122"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1zm-r6nr-wfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59286?format=json","vulnerability_id":"VCID-b2u3-w3y7-ufh4","summary":"kernel: ipmi:si: Return state to normal if message allocation fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46108.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46108.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482661","reference_id":"2482661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46108"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2u3-w3y7-ufh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85891?format=json","vulnerability_id":"VCID-b374-5mmh-2ud8","summary":"kernel: bpf: Prevent tailcall infinite loop caused by freplace","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47794.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47794.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337344","reference_id":"2337344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-47794"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b374-5mmh-2ud8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61473?format=json","vulnerability_id":"VCID-b3rm-31tt-syed","summary":"kernel: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31698.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31698.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464415","reference_id":"2464415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464415"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31698"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3rm-31tt-syed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69782?format=json","vulnerability_id":"VCID-b4m3-ztj9-gbgh","summary":"kernel: platform/x86: intel: punit_ipc: fix memory corruption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68303.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68303.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422809","reference_id":"2422809","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422809"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68303"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4m3-ztj9-gbgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59191?format=json","vulnerability_id":"VCID-b63v-qyb3-a3hg","summary":"kernel: hfsplus: fix uninit-value by validating catalog record size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46169.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46169.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482595","reference_id":"2482595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46169"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b63v-qyb3-a3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75701?format=json","vulnerability_id":"VCID-b65x-qfnt-tugf","summary":"kernel: coresight: Fix memory leak in acpi_buffer->pointer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53261.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53261.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1a9e02673e2550f5612099e64e8761f0c8fc0f50","reference_id":"1a9e02673e2550f5612099e64e8761f0c8fc0f50","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:02:51Z/"}],"url":"https://git.kernel.org/stable/c/1a9e02673e2550f5612099e64e8761f0c8fc0f50"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395302","reference_id":"2395302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395302"},{"reference_url":"https://git.kernel.org/stable/c/d1b60e7c9fee34eaedf1fc4e0471f75b33f83a4a","reference_id":"d1b60e7c9fee34eaedf1fc4e0471f75b33f83a4a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:02:51Z/"}],"url":"https://git.kernel.org/stable/c/d1b60e7c9fee34eaedf1fc4e0471f75b33f83a4a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53261"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b65x-qfnt-tugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85294?format=json","vulnerability_id":"VCID-b6g7-tq63-pydh","summary":"kernel: net: avoid race between device unregistration and ethnl ops","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21701.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21701.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/12e070eb6964b341b41677fd260af5a305316a1f","reference_id":"12e070eb6964b341b41677fd260af5a305316a1f","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/12e070eb6964b341b41677fd260af5a305316a1f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345692","reference_id":"2345692","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345692"},{"reference_url":"https://git.kernel.org/stable/c/26bc6076798aa4dc83a07d0a386f9e57c94e8517","reference_id":"26bc6076798aa4dc83a07d0a386f9e57c94e8517","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/26bc6076798aa4dc83a07d0a386f9e57c94e8517"},{"reference_url":"https://git.kernel.org/stable/c/2f29127e94ae9fdc7497331003d6860e9551cdf3","reference_id":"2f29127e94ae9fdc7497331003d6860e9551cdf3","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/2f29127e94ae9fdc7497331003d6860e9551cdf3"},{"reference_url":"https://git.kernel.org/stable/c/4dc880245f9b529fa8f476b5553c799d2848b47b","reference_id":"4dc880245f9b529fa8f476b5553c799d2848b47b","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/4dc880245f9b529fa8f476b5553c799d2848b47b"},{"reference_url":"https://git.kernel.org/stable/c/b1cb37a31a482df3dd35a6ac166282dac47664f4","reference_id":"b1cb37a31a482df3dd35a6ac166282dac47664f4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/b1cb37a31a482df3dd35a6ac166282dac47664f4"},{"reference_url":"https://git.kernel.org/stable/c/b382ab9b885cbb665e0e70a727f101c981b4edf3","reference_id":"b382ab9b885cbb665e0e70a727f101c981b4edf3","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-02T19:15:24Z/"}],"url":"https://git.kernel.org/stable/c/b382ab9b885cbb665e0e70a727f101c981b4edf3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21701"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6g7-tq63-pydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83445?format=json","vulnerability_id":"VCID-b6nd-4eb8-2qey","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: i2c: dw9714: Disable the regulator when the driver fails to probe  When the driver fails to probe, we will get the following splat:  [   59.305988] ------------[ cut here ]------------ [   59.306417] WARNING: CPU: 2 PID: 395 at drivers/regulator/core.c:2257 _regulator_put+0x3ec/0x4e0 [   59.310345] RIP: 0010:_regulator_put+0x3ec/0x4e0 [   59.318362] Call Trace: [   59.318582]  <TASK> [   59.318765]  regulator_put+0x1f/0x30 [   59.319058]  devres_release_group+0x319/0x3d0 [   59.319420]  i2c_device_probe+0x766/0x940  Fix this by disabling the regulator in error handling.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49528.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49528","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25694","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49528"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347791","reference_id":"2347791","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347791"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49528"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6nd-4eb8-2qey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68672?format=json","vulnerability_id":"VCID-b74r-gw8u-ubcc","summary":"kernel: wifi: ath11k: Fix qmi_msg_handler data structure initialization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50871.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50871.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50871","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06706","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50871"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426101","reference_id":"2426101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426101"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50871"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b74r-gw8u-ubcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85913?format=json","vulnerability_id":"VCID-b7xg-dx5p-5yas","summary":"kernel: soc: imx8m: Probe the SoC driver as platform driver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56787.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56787.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/2129f6faa5dfe8c6b87aad11720bf75edd77d3e4","reference_id":"2129f6faa5dfe8c6b87aad11720bf75edd77d3e4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:05Z/"}],"url":"https://git.kernel.org/stable/c/2129f6faa5dfe8c6b87aad11720bf75edd77d3e4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336540","reference_id":"2336540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336540"},{"reference_url":"https://git.kernel.org/stable/c/997a3c04d7fa3d1d385c14691350d096fada648c","reference_id":"997a3c04d7fa3d1d385c14691350d096fada648c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:05Z/"}],"url":"https://git.kernel.org/stable/c/997a3c04d7fa3d1d385c14691350d096fada648c"},{"reference_url":"https://git.kernel.org/stable/c/9cc832d37799dbea950c4c8a34721b02b8b5a8ff","reference_id":"9cc832d37799dbea950c4c8a34721b02b8b5a8ff","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:05Z/"}],"url":"https://git.kernel.org/stable/c/9cc832d37799dbea950c4c8a34721b02b8b5a8ff"},{"reference_url":"https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334","reference_id":"e497edb8f31ec2c2b6f4ce930e175aa2da8be334","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:05Z/"}],"url":"https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334"},{"reference_url":"https://git.kernel.org/stable/c/ea2ff66feb5f9b183f9e2f9d06c21340bd88de12","reference_id":"ea2ff66feb5f9b183f9e2f9d06c21340bd88de12","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:05Z/"}],"url":"https://git.kernel.org/stable/c/ea2ff66feb5f9b183f9e2f9d06c21340bd88de12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56787"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7xg-dx5p-5yas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85880?format=json","vulnerability_id":"VCID-b7yn-a1n3-5bg3","summary":"kernel: pinmux: Use sequential access to access desc->pinmux data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47141.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47141.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337328","reference_id":"2337328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337328"},{"reference_url":"https://git.kernel.org/stable/c/2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b","reference_id":"2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:55:54Z/"}],"url":"https://git.kernel.org/stable/c/2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b"},{"reference_url":"https://git.kernel.org/stable/c/5a3e85c3c397c781393ea5fb2f45b1f60f8a4e6e","reference_id":"5a3e85c3c397c781393ea5fb2f45b1f60f8a4e6e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:55:54Z/"}],"url":"https://git.kernel.org/stable/c/5a3e85c3c397c781393ea5fb2f45b1f60f8a4e6e"},{"reference_url":"https://git.kernel.org/stable/c/c11e2ec9a780f54982a187ee10ffd1b810715c85","reference_id":"c11e2ec9a780f54982a187ee10ffd1b810715c85","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:55:54Z/"}],"url":"https://git.kernel.org/stable/c/c11e2ec9a780f54982a187ee10ffd1b810715c85"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-47141"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7yn-a1n3-5bg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79730?format=json","vulnerability_id":"VCID-b8ax-m5r3-wffb","summary":"kernel: drm/amd/display: Increase block_sequence array size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38080.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38080.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373379","reference_id":"2373379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373379"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38080"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8ax-m5r3-wffb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81697?format=json","vulnerability_id":"VCID-bc7f-zjjg-jqf8","summary":"When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27672.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27672.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27672","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46009","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27672"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031567","reference_id":"1031567","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031567"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2174765","reference_id":"2174765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2174765"},{"reference_url":"https://security.gentoo.org/glsa/202402-07","reference_id":"GLSA-202402-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7370","reference_id":"RHSA-2023:7370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7379","reference_id":"RHSA-2023:7379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7379"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-426.html","reference_id":"XSA-426","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-426.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-27672","XSA-426"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bc7f-zjjg-jqf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59424?format=json","vulnerability_id":"VCID-bcqf-63bc-jfgr","summary":"kernel: crypto: authencesn - reject short ahash digests during instance creation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46033.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46033.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482000","reference_id":"2482000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46033"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcqf-63bc-jfgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85828?format=json","vulnerability_id":"VCID-bd8e-uyqa-sbcz","summary":"In the Linux kernel, the following vulnerability has been resolved:  KVM: arm64: Fix circular locking dependency  The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while already holding the vcpu->mutex lock from kvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by protecting the hyp vm handle with the config_lock, much like we already do for other forms of VM-scoped data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26691.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26691.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc","reference_id":"10c02aad111df02088d1a81792a709f6a7eca6cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T18:06:14Z/"}],"url":"https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273098","reference_id":"2273098","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273098"},{"reference_url":"https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc","reference_id":"3ab1c40a1e915e350d9181a4603af393141970cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T18:06:14Z/"}],"url":"https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc"},{"reference_url":"https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228","reference_id":"3d16cebf01127f459dcfeb79ed77bd68b124c228","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T18:06:14Z/"}],"url":"https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26691"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bd8e-uyqa-sbcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86650?format=json","vulnerability_id":"VCID-bdzt-dx77-c7bp","summary":"In the Linux kernel, the following vulnerability has been resolved:  nouveau: lock the client object tree.  It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings.   4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI [ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27 [ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021 [ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau] [ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 <48> 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe [ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206 [ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58 [ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400 [ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000 [ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0 [ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007 [ 4562.099528] FS:  00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000 [ 4562.099534] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0 [ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 4562.099544] Call Trace: [ 4562.099555]  <TASK> [ 4562.099573]  ? die_addr+0x36/0x90 [ 4562.099583]  ? exc_general_protection+0x246/0x4a0 [ 4562.099593]  ? asm_exc_general_protection+0x26/0x30 [ 4562.099600]  ? nvkm_object_search+0x1d/0x70 [nouveau] [ 4562.099730]  nvkm_ioctl+0xa1/0x250 [nouveau] [ 4562.099861]  nvif_object_map_handle+0xc8/0x180 [nouveau] [ 4562.099986]  nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau] [ 4562.100156]  ? dma_resv_test_signaled+0x26/0xb0 [ 4562.100163]  ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm] [ 4562.100182]  ? __mutex_unlock_slowpath+0x2a/0x270 [ 4562.100189]  nouveau_ttm_fault+0x69/0xb0 [nouveau] [ 4562.100356]  __do_fault+0x32/0x150 [ 4562.100362]  do_fault+0x7c/0x560 [ 4562.100369]  __handle_mm_fault+0x800/0xc10 [ 4562.100382]  handle_mm_fault+0x17c/0x3e0 [ 4562.100388]  do_user_addr_fault+0x208/0x860 [ 4562.100395]  exc_page_fault+0x7f/0x200 [ 4562.100402]  asm_exc_page_fault+0x26/0x30 [ 4562.100412] RIP: 0033:0x9b9870 [ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 <44> 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7 [ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246 [ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000 [ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066 [ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000 [ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff [ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 4562.100446]  </TASK> [ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink  ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27062.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27062.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278387","reference_id":"2278387","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278387"},{"reference_url":"https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7","reference_id":"6887314f5356389fc219b8152e951ac084a10ef7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:29:48Z/"}],"url":"https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7"},{"reference_url":"https://git.kernel.org/stable/c/96c8751844171af4b3898fee3857ee180586f589","reference_id":"96c8751844171af4b3898fee3857ee180586f589","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:29:48Z/"}],"url":"https://git.kernel.org/stable/c/96c8751844171af4b3898fee3857ee180586f589"},{"reference_url":"https://git.kernel.org/stable/c/b7cc4ff787a572edf2c55caeffaa88cd801eb135","reference_id":"b7cc4ff787a572edf2c55caeffaa88cd801eb135","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:29:48Z/"}],"url":"https://git.kernel.org/stable/c/b7cc4ff787a572edf2c55caeffaa88cd801eb135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10942","reference_id":"RHSA-2024:10942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5066","reference_id":"RHSA-2024:5066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5067","reference_id":"RHSA-2024:5067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8856","reference_id":"RHSA-2024:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8870","reference_id":"RHSA-2024:8870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-27062"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdzt-dx77-c7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82471?format=json","vulnerability_id":"VCID-bes8-6rc1-ckbh","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: mdio: fix unbalanced fwnode reference count in mdio_device_release()  There is warning report about of_node refcount leak while probing mdio device:  OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /spi/soc@0/mdio@710700c0/ethernet@4  In of_mdiobus_register_device(), we increase fwnode refcount by fwnode_handle_get() before associating the of_node with mdio device, but it has never been decreased in normal path. Since that, in mdio_device_release(), it needs to call fwnode_handle_put() in addition instead of calling kfree() directly.  After above, just calling mdio_device_free() in the error handle path of of_mdiobus_register_device() is enough to keep the refcount balanced.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48961.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48961","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03793","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320700","reference_id":"2320700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320700"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48961"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bes8-6rc1-ckbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59084?format=json","vulnerability_id":"VCID-bf4d-ux9u-yybs","summary":"kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46116.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46116.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482523","reference_id":"2482523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46116"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bf4d-ux9u-yybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87695?format=json","vulnerability_id":"VCID-bfjz-19vg-8yax","summary":"In the Linux kernel, the following vulnerability has been resolved:  xhci: Handle TD clearing for multiple streams case  When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure everything is reset properly and the caches cleared. Change the logic so that any N>1 TDs found active for different streams are deferred until after the first one is processed, calling xhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to queue another command until we are done with all of them. Also change the error/\"should never happen\" paths to ensure we at least clear any affected TDs, even if we can't issue a command to clear the hardware cache, and complain loudly with an xhci_warn() if this ever happens.  This problem case dates back to commit e9df17eb1408 (\"USB: xhci: Correct assumptions about number of rings per endpoint.\") early on in the XHCI driver's life, when stream support was first added. It was then identified but not fixed nor made into a warning in commit 674f8438c121 (\"xhci: split handling halted endpoints into two steps\"), which added a FIXME comment for the problem case (without materially changing the behavior as far as I can tell, though the new logic made the problem more obvious).  Then later, in commit 94f339147fc3 (\"xhci: Fix failure to give back some cached cancelled URBs.\"), it was acknowledged again.  [Mathias: commit 94f339147fc3 (\"xhci: Fix failure to give back some cached cancelled URBs.\") was a targeted regression fix to the previously mentioned patch. Users reported issues with usb stuck after unmounting/disconnecting UAS devices. This rolled back the TD clearing of multiple streams to its original state.]  Apparently the commit author was aware of the problem (yet still chose to submit it): It was still mentioned as a FIXME, an xhci_dbg() was added to log the problem condition, and the remaining issue was mentioned in the commit description. The choice of making the log type xhci_dbg() for what is, at this point, a completely unhandled and known broken condition is puzzling and unfortunate, as it guarantees that no actual users would see the log in production, thereby making it nigh undebuggable (indeed, even if you turn on DEBUG, the message doesn't really hint at there being a problem at all).  It took me *months* of random xHC crashes to finally find a reliable repro and be able to do a deep dive debug session, which could all have been avoided had this unhandled, broken condition been actually reported with a warning, as it should have been as a bug intentionally left in unfixed (never mind that it shouldn't have been left in at all).  > Another fix to solve clearing the caches of all stream rings with > cancelled TDs is needed, but not as urgent.  3 years after that statement and 14 years after the original bug was introduced, I think it's finally time to fix it. And maybe next time let's not leave bugs unfixed (that are actually worse than the original bug), and let's actually get people to review kernel commits please.  Fixes xHC crashes and IOMMU faults with UAS devices when handling errors/faults. Easiest repro is to use `hdparm` to mark an early sector (e.g. 1024) on a disk as bad, then `cat /dev/sdX > /dev/null` in a loop. At least in the case of JMicron controllers, the read errors end up having to cancel two TDs (for two queued requests to different streams) and the one that didn't get cleared properly ends up faulting the xHC entirely when it tries to access DMA pages that have since been unmapped, referred to by the stale TDs. This normally happens quickly (after two or three loops). After this fix, I left the `cat` in a loop running overnight and experienced no xHC failures, with all read errors recovered properly. Repro'd and tested on an Apple M1 Mac Mini (dwc3 host).  On systems without an IOMMU, this bug would instead silently corrupt freed memory, making this a ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40927.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40927.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297511","reference_id":"2297511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297511"},{"reference_url":"https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228","reference_id":"26460c1afa311524f588e288a4941432f0de6228","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:11Z/"}],"url":"https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228"},{"reference_url":"https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577","reference_id":"5ceac4402f5d975e5a01c806438eb4e554771577","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:11Z/"}],"url":"https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577"},{"reference_url":"https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a","reference_id":"61593dc413c3655e4328a351555235bc3089486a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:11Z/"}],"url":"https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a"},{"reference_url":"https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9","reference_id":"633f72cb6124ecda97b641fbc119340bd88d51a9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:11Z/"}],"url":"https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9"},{"reference_url":"https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518","reference_id":"949be4ec5835e0ccb3e2a8ab0e46179cb5512518","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:11Z/"}],"url":"https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6567","reference_id":"RHSA-2024:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6567"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40927"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfjz-19vg-8yax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82450?format=json","vulnerability_id":"VCID-bgmm-kq79-jfee","summary":"kernel: jfs: Fix uninit-value access of imap allocated in the diMount() function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37742.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37742.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363323","reference_id":"2363323","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363323"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37742"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgmm-kq79-jfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62000?format=json","vulnerability_id":"VCID-bgxd-5sn3-zqb9","summary":"kernel: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31579.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31579.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461496","reference_id":"2461496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461496"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31579"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgxd-5sn3-zqb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59927?format=json","vulnerability_id":"VCID-bhjm-r1e1-fbeh","summary":"kernel: net/rds: reset op_nents when zerocopy page pin fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43494.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43494.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480434","reference_id":"2480434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480434"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43494"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhjm-r1e1-fbeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60869?format=json","vulnerability_id":"VCID-bhw2-7e12-vbbs","summary":"kernel: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43219.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43219.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467125","reference_id":"2467125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467125"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43219"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhw2-7e12-vbbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87357?format=json","vulnerability_id":"VCID-bj6s-1ase-87f6","summary":"kernel: udf: refactor inode_bmap() to handle error","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50211.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50211.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324597","reference_id":"2324597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324597"},{"reference_url":"https://git.kernel.org/stable/c/493447dd8336607fce426f7879e581095f6c606e","reference_id":"493447dd8336607fce426f7879e581095f6c606e","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:19Z/"}],"url":"https://git.kernel.org/stable/c/493447dd8336607fce426f7879e581095f6c606e"},{"reference_url":"https://git.kernel.org/stable/c/b22d9a5698abf04341f8fbc30141e0673863c3a6","reference_id":"b22d9a5698abf04341f8fbc30141e0673863c3a6","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:19Z/"}],"url":"https://git.kernel.org/stable/c/b22d9a5698abf04341f8fbc30141e0673863c3a6"},{"reference_url":"https://git.kernel.org/stable/c/c226964ec786f3797ed389a16392ce4357697d24","reference_id":"c226964ec786f3797ed389a16392ce4357697d24","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:17:19Z/"}],"url":"https://git.kernel.org/stable/c/c226964ec786f3797ed389a16392ce4357697d24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50211"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bj6s-1ase-87f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83141?format=json","vulnerability_id":"VCID-bjvy-e693-3yg5","summary":"kernel: nfsd: don't ignore the return code of svc_proc_register()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22026.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22026.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360224","reference_id":"2360224","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13946","reference_id":"RHSA-2025:13946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14003","reference_id":"RHSA-2025:14003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14005","reference_id":"RHSA-2025:14005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14744","reference_id":"RHSA-2025:14744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14749","reference_id":"RHSA-2025:14749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16919","reference_id":"RHSA-2025:16919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16920","reference_id":"RHSA-2025:16920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17396","reference_id":"RHSA-2025:17396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18281","reference_id":"RHSA-2025:18281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18932","reference_id":"RHSA-2025:18932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19222","reference_id":"RHSA-2025:19222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21063","reference_id":"RHSA-2025:21063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21082","reference_id":"RHSA-2025:21082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21667","reference_id":"RHSA-2025:21667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22752","reference_id":"RHSA-2025:22752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22026"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjvy-e693-3yg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86930?format=json","vulnerability_id":"VCID-bk5m-3sd5-hqce","summary":"In the Linux kernel, the following vulnerability has been resolved:  usb: typec: ucsi: Limit read size on v1.2  Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35924.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35924.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0defcaa09d3b21e8387829ee3a652c43fa91e13f","reference_id":"0defcaa09d3b21e8387829ee3a652c43fa91e13f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:11:13Z/"}],"url":"https://git.kernel.org/stable/c/0defcaa09d3b21e8387829ee3a652c43fa91e13f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281758","reference_id":"2281758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281758"},{"reference_url":"https://git.kernel.org/stable/c/266f403ec47573046dee4bcebda82777ce702c40","reference_id":"266f403ec47573046dee4bcebda82777ce702c40","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:11:13Z/"}],"url":"https://git.kernel.org/stable/c/266f403ec47573046dee4bcebda82777ce702c40"},{"reference_url":"https://git.kernel.org/stable/c/b3db266fb031fba88c423d4bb8983a73a3db6527","reference_id":"b3db266fb031fba88c423d4bb8983a73a3db6527","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T15:11:13Z/"}],"url":"https://git.kernel.org/stable/c/b3db266fb031fba88c423d4bb8983a73a3db6527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10701","reference_id":"RHSA-2025:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-35924"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bk5m-3sd5-hqce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85902?format=json","vulnerability_id":"VCID-bkb2-dnpj-bbg8","summary":"In the Linux kernel, the following vulnerability has been resolved:  usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend  In current scenario if Plug-out and Plug-In performed continuously there could be a chance while checking for dwc->gadget_driver in dwc3_gadget_suspend, a NULL pointer dereference may occur.  Call Stack:  \tCPU1:                           CPU2: \tgadget_unbind_driver            dwc3_suspend_common \tdwc3_gadget_stop                dwc3_gadget_suspend                                         dwc3_disconnect_gadget  CPU1 basically clears the variable and CPU2 checks the variable. Consider CPU1 is running and right before gadget_driver is cleared and in parallel CPU2 executes dwc3_gadget_suspend where it finds dwc->gadget_driver which is not NULL and resumes execution and then CPU1 completes execution. CPU2 executes dwc3_disconnect_gadget where it checks dwc->gadget_driver is already NULL because of which the NULL pointer deference occur.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26715.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26715.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273152","reference_id":"2273152","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273152"},{"reference_url":"https://git.kernel.org/stable/c/36695d5eeeefe5a64b47d0336e7c8fc144e78182","reference_id":"36695d5eeeefe5a64b47d0336e7c8fc144e78182","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:49:51Z/"}],"url":"https://git.kernel.org/stable/c/36695d5eeeefe5a64b47d0336e7c8fc144e78182"},{"reference_url":"https://git.kernel.org/stable/c/57e2e42ccd3cd6183228269715ed032f44536751","reference_id":"57e2e42ccd3cd6183228269715ed032f44536751","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:49:51Z/"}],"url":"https://git.kernel.org/stable/c/57e2e42ccd3cd6183228269715ed032f44536751"},{"reference_url":"https://git.kernel.org/stable/c/61a348857e869432e6a920ad8ea9132e8d44c316","reference_id":"61a348857e869432e6a920ad8ea9132e8d44c316","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:49:51Z/"}],"url":"https://git.kernel.org/stable/c/61a348857e869432e6a920ad8ea9132e8d44c316"},{"reference_url":"https://git.kernel.org/stable/c/88936ceab6b426f1312327e9ef849c215c6007a7","reference_id":"88936ceab6b426f1312327e9ef849c215c6007a7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:49:51Z/"}],"url":"https://git.kernel.org/stable/c/88936ceab6b426f1312327e9ef849c215c6007a7"},{"reference_url":"https://git.kernel.org/stable/c/c7ebd8149ee519d27232e6e4940e9c02071b568b","reference_id":"c7ebd8149ee519d27232e6e4940e9c02071b568b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:49:51Z/"}],"url":"https://git.kernel.org/stable/c/c7ebd8149ee519d27232e6e4940e9c02071b568b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26715"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkb2-dnpj-bbg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83030?format=json","vulnerability_id":"VCID-bkks-z9hw-zbbu","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Check if modulo is 0 before dividing.  [How & Why] If a value of 0 is read, then this will cause a divide-by-0 panic.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49294.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49294.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49294","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27839","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49294"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/07efce8269a038c37814eb656b4de14aa3015fc6","reference_id":"07efce8269a038c37814eb656b4de14aa3015fc6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:45:08Z/"}],"url":"https://git.kernel.org/stable/c/07efce8269a038c37814eb656b4de14aa3015fc6"},{"reference_url":"https://git.kernel.org/stable/c/10ef82d6e0af5536ec64770c07f6bbabfdd6977c","reference_id":"10ef82d6e0af5536ec64770c07f6bbabfdd6977c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:45:08Z/"}],"url":"https://git.kernel.org/stable/c/10ef82d6e0af5536ec64770c07f6bbabfdd6977c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348003","reference_id":"2348003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348003"},{"reference_url":"https://git.kernel.org/stable/c/49947b906a6bd9668eaf4f9cf691973c25c26955","reference_id":"49947b906a6bd9668eaf4f9cf691973c25c26955","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:45:08Z/"}],"url":"https://git.kernel.org/stable/c/49947b906a6bd9668eaf4f9cf691973c25c26955"},{"reference_url":"https://git.kernel.org/stable/c/96725758eff7b3805e4e94d1443a100757412720","reference_id":"96725758eff7b3805e4e94d1443a100757412720","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:45:08Z/"}],"url":"https://git.kernel.org/stable/c/96725758eff7b3805e4e94d1443a100757412720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49294"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkks-z9hw-zbbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82444?format=json","vulnerability_id":"VCID-bmt5-zv3s-2fga","summary":"In the Linux kernel, the following vulnerability has been resolved:  PCI: mt7621: Add sentinel to quirks table  Current driver is missing a sentinel in the struct soc_device_attribute array, which causes an oops when assessed by the soc_device_match(mt7621_pcie_quirks_match) call.  This was only exposed once the CONFIG_SOC_MT7621 mt7621 soc_dev_attr was fixed to register the SOC as a device, in:  commit 7c18b64bba3b (\"mips: ralink: mt7621: do not use kzalloc too early\")  Fix it by adding the required sentinel.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48952.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48952.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48952","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0654","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320789","reference_id":"2320789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320789"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48952"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bmt5-zv3s-2fga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70483?format=json","vulnerability_id":"VCID-bnbg-ejt3-zud5","summary":"kernel: regulator: core: Use different devices for resource allocation and DT lookup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50616.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50616","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07005","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50616"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419958","reference_id":"2419958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50616"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bnbg-ejt3-zud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87819?format=json","vulnerability_id":"VCID-bnd6-ny6u-ffdq","summary":"In the Linux kernel, the following vulnerability has been resolved:  xfs: add bounds checking to xlog_recover_process_data  There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data.  We can create a crafted image to trigger an out of bounds read by following these steps:     1) Mount an image of xfs, and do some file operations to leave records     2) Before umounting, copy the image for subsequent steps to simulate        abnormal exit. Because umount will ensure that tail_blk and        head_blk are the same, which will result in the inability to enter        xlog_recover_process_data     3) Write a tool to parse and modify the copied image in step 2     4) Make the end of the xlog_op_header entries only 1 byte away from        xlog_rec_header->h_size     5) xlog_rec_header->h_num_logops++     6) Modify xlog_rec_header->h_crc  Fix: Add a check to make sure there is sufficient space to access fixed members of xlog_op_header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41014.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41014.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300297","reference_id":"2300297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300297"},{"reference_url":"https://git.kernel.org/stable/c/7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1","reference_id":"7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:49Z/"}],"url":"https://git.kernel.org/stable/c/7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1"},{"reference_url":"https://git.kernel.org/stable/c/d1e3efe783365db59da88f08a2e0bfe1cc95b143","reference_id":"d1e3efe783365db59da88f08a2e0bfe1cc95b143","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:49Z/"}],"url":"https://git.kernel.org/stable/c/d1e3efe783365db59da88f08a2e0bfe1cc95b143"},{"reference_url":"https://git.kernel.org/stable/c/fb63435b7c7dc112b1ae1baea5486e0a6e27b196","reference_id":"fb63435b7c7dc112b1ae1baea5486e0a6e27b196","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:24:49Z/"}],"url":"https://git.kernel.org/stable/c/fb63435b7c7dc112b1ae1baea5486e0a6e27b196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10262","reference_id":"RHSA-2024:10262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10262"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10772","reference_id":"RHSA-2024:10772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10773","reference_id":"RHSA-2024:10773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6297","reference_id":"RHSA-2024:6297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41014"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bnd6-ny6u-ffdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81729?format=json","vulnerability_id":"VCID-bpjs-r7mg-tufj","summary":"An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3114.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3114","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03897","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153054","reference_id":"2153054","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153054"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-3114"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpjs-r7mg-tufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85541?format=json","vulnerability_id":"VCID-bqz2-xrym-wkg8","summary":"kernel: hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21656.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21656.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339139","reference_id":"2339139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21656"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqz2-xrym-wkg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86260?format=json","vulnerability_id":"VCID-bqzs-pg7m-f3gp","summary":"kernel: erofs: handle NONHEAD !delta[1] lclusters gracefully","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53234.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53234.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334418","reference_id":"2334418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334418"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53234"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqzs-pg7m-f3gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88006?format=json","vulnerability_id":"VCID-br1a-9wm9-dudu","summary":"kernel: drm/amd/display: Add null check for &#39;afb&#39; in amdgpu_dm_update_cursor (v2)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49908.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49908.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0fe20258b4989b9112b5e9470df33a0939403fd4","reference_id":"0fe20258b4989b9112b5e9470df33a0939403fd4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:59Z/"}],"url":"https://git.kernel.org/stable/c/0fe20258b4989b9112b5e9470df33a0939403fd4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320428","reference_id":"2320428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320428"},{"reference_url":"https://git.kernel.org/stable/c/a742168b6a39ead257da53bcbe472384d6e14a1b","reference_id":"a742168b6a39ead257da53bcbe472384d6e14a1b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:59Z/"}],"url":"https://git.kernel.org/stable/c/a742168b6a39ead257da53bcbe472384d6e14a1b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49908"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br1a-9wm9-dudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75783?format=json","vulnerability_id":"VCID-br55-wyag-w7gn","summary":"kernel: ext4: fix potential out of bound read in ext4_fc_replay_scan()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50306.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50306.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50306","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02845","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50306"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395351","reference_id":"2395351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50306"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br55-wyag-w7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85742?format=json","vulnerability_id":"VCID-bsbk-wef1-tyaq","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/sched: flower: Fix chain template offload  When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the 'FLOW_BLOCK_UNBIND' command. The stack then continues to replay the removal of the filters in the block for this driver by iterating over the chains in the block and invoking the 'reoffload' operation of the classifier being used. In turn, the classifier in its 'reoffload' operation prepares and emits a 'FLOW_CLS_DESTROY' command for each filter.  However, the stack does not do the same for chain templates and the underlying driver never receives a 'FLOW_CLS_TMPLT_DESTROY' command when a qdisc is deleted. This results in a memory leak [1] which can be reproduced using [2].  Fix by introducing a 'tmplt_reoffload' operation and have the stack invoke it with the appropriate arguments as part of the replay. Implement the operation in the sole classifier that supports chain templates (flower) by emitting the 'FLOW_CLS_TMPLT_{CREATE,DESTROY}' command based on whether a flow offload callback is being bound to a filter block or being unbound from one.  As far as I can tell, the issue happens since cited commit which reordered tcf_block_offload_unbind() before tcf_block_flush_all_chains() in __tcf_block_put(). The order cannot be reversed as the filter block is expected to be freed after flushing all the chains.  [1] unreferenced object 0xffff888107e28800 (size 2048):   comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)   hex dump (first 32 bytes):     b1 a6 7c 11 81 88 ff ff e0 5b b3 10 81 88 ff ff  ..|......[......     01 00 00 00 00 00 00 00 e0 aa b0 84 ff ff ff ff  ................   backtrace:     [<ffffffff81c06a68>] __kmem_cache_alloc_node+0x1e8/0x320     [<ffffffff81ab374e>] __kmalloc+0x4e/0x90     [<ffffffff832aec6d>] mlxsw_sp_acl_ruleset_get+0x34d/0x7a0     [<ffffffff832bc195>] mlxsw_sp_flower_tmplt_create+0x145/0x180     [<ffffffff832b2e1a>] mlxsw_sp_flow_block_cb+0x1ea/0x280     [<ffffffff83a10613>] tc_setup_cb_call+0x183/0x340     [<ffffffff83a9f85a>] fl_tmplt_create+0x3da/0x4c0     [<ffffffff83a22435>] tc_ctl_chain+0xa15/0x1170     [<ffffffff838a863c>] rtnetlink_rcv_msg+0x3cc/0xed0     [<ffffffff83ac87f0>] netlink_rcv_skb+0x170/0x440     [<ffffffff83ac6270>] netlink_unicast+0x540/0x820     [<ffffffff83ac6e28>] netlink_sendmsg+0x8d8/0xda0     [<ffffffff83793def>] ____sys_sendmsg+0x30f/0xa80     [<ffffffff8379d29a>] ___sys_sendmsg+0x13a/0x1e0     [<ffffffff8379d50c>] __sys_sendmsg+0x11c/0x1f0     [<ffffffff843b9ce0>] do_syscall_64+0x40/0xe0 unreferenced object 0xffff88816d2c0400 (size 1024):   comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)   hex dump (first 32 bytes):     40 00 00 00 00 00 00 00 57 f6 38 be 00 00 00 00  @.......W.8.....     10 04 2c 6d 81 88 ff ff 10 04 2c 6d 81 88 ff ff  ..,m......,m....   backtrace:     [<ffffffff81c06a68>] __kmem_cache_alloc_node+0x1e8/0x320     [<ffffffff81ab36c1>] __kmalloc_node+0x51/0x90     [<ffffffff81a8ed96>] kvmalloc_node+0xa6/0x1f0     [<ffffffff82827d03>] bucket_table_alloc.isra.0+0x83/0x460     [<ffffffff82828d2b>] rhashtable_init+0x43b/0x7c0     [<ffffffff832aed48>] mlxsw_sp_acl_ruleset_get+0x428/0x7a0     [<ffffffff832bc195>] mlxsw_sp_flower_tmplt_create+0x145/0x180     [<ffffffff832b2e1a>] mlxsw_sp_flow_block_cb+0x1ea/0x280     [<ffffffff83a10613>] tc_setup_cb_call+0x183/0x340     [<ffffffff83a9f85a>] fl_tmplt_create+0x3da/0x4c0     [<ffffffff83a22435>] tc_ctl_chain+0xa15/0x1170     [<ffffffff838a863c>] rtnetlink_rcv_msg+0x3cc/0xed0     [<ffffffff83ac87f0>] netlink_rcv_skb+0x170/0x440     [<ffffffff83ac6270>] netlink_unicast+0x540/0x820     [<ffffffff83ac6e28>] netlink_sendmsg+0x8d8/0xda0     [<ffffffff83793def>] ____sys_sendmsg+0x30f/0xa80  [2]  # tc qdisc add dev swp1 clsact  # tc chain add dev swp1 ingress proto ip chain 1 flower dst_ip 0.0.0.0/32  # tc qdisc del dev ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26669.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26669.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272795","reference_id":"2272795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272795"},{"reference_url":"https://git.kernel.org/stable/c/32f2a0afa95fae0d1ceec2ff06e0e816939964b8","reference_id":"32f2a0afa95fae0d1ceec2ff06e0e816939964b8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T18:36:26Z/"}],"url":"https://git.kernel.org/stable/c/32f2a0afa95fae0d1ceec2ff06e0e816939964b8"},{"reference_url":"https://git.kernel.org/stable/c/9ed46144cff3598a5cf79955630e795ff9af5b97","reference_id":"9ed46144cff3598a5cf79955630e795ff9af5b97","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T18:36:26Z/"}],"url":"https://git.kernel.org/stable/c/9ed46144cff3598a5cf79955630e795ff9af5b97"},{"reference_url":"https://git.kernel.org/stable/c/c04709b2cc99ae31c346f79f0211752d7b74df01","reference_id":"c04709b2cc99ae31c346f79f0211752d7b74df01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T18:36:26Z/"}],"url":"https://git.kernel.org/stable/c/c04709b2cc99ae31c346f79f0211752d7b74df01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9584","reference_id":"RHSA-2025:9584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9584"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26669"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsbk-wef1-tyaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85755?format=json","vulnerability_id":"VCID-bsta-vps8-wkgy","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'  Fixes the below:  drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c:377 amdgpu_mca_smu_get_mca_entry() warn: variable dereferenced before check 'mca_funcs' (see line 368)  357 int amdgpu_mca_smu_get_mca_entry(struct amdgpu_device *adev, \t\t\t\t     enum amdgpu_mca_error_type type, 358                                  int idx, struct mca_bank_entry *entry) 359 { 360         const struct amdgpu_mca_smu_funcs *mca_funcs = \t\t\t\t\t\tadev->mca.mca_funcs; 361         int count; 362 363         switch (type) { 364         case AMDGPU_MCA_ERROR_TYPE_UE: 365                 count = mca_funcs->max_ue_count;  mca_funcs is dereferenced here.  366                 break; 367         case AMDGPU_MCA_ERROR_TYPE_CE: 368                 count = mca_funcs->max_ce_count;  mca_funcs is dereferenced here.  369                 break; 370         default: 371                 return -EINVAL; 372         } 373 374         if (idx >= count) 375                 return -EINVAL; 376 377         if (mca_funcs && mca_funcs->mca_get_mca_entry) \t        ^^^^^^^^^  Checked too late!","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26672.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26672.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272814","reference_id":"2272814","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272814"},{"reference_url":"https://git.kernel.org/stable/c/4f32504a2f85a7b40fe149436881381f48e9c0c0","reference_id":"4f32504a2f85a7b40fe149436881381f48e9c0c0","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T15:55:06Z/"}],"url":"https://git.kernel.org/stable/c/4f32504a2f85a7b40fe149436881381f48e9c0c0"},{"reference_url":"https://git.kernel.org/stable/c/7b5d58c07024516c0e81b95e98f37710cf402c53","reference_id":"7b5d58c07024516c0e81b95e98f37710cf402c53","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T15:55:06Z/"}],"url":"https://git.kernel.org/stable/c/7b5d58c07024516c0e81b95e98f37710cf402c53"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26672"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsta-vps8-wkgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78671?format=json","vulnerability_id":"VCID-btud-g93c-uyge","summary":"kernel: net: dsa: b53: do not enable EEE on bcm63xx","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38272.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38272.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379213","reference_id":"2379213","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379213"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38272"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-btud-g93c-uyge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60999?format=json","vulnerability_id":"VCID-bup6-gpyt-ybf2","summary":"kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43279.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43279.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467215","reference_id":"2467215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467215"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43279"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bup6-gpyt-ybf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74922?format=json","vulnerability_id":"VCID-bxw3-krpq-23gu","summary":"kernel: x86/MCE: Always save CS register on AMD Zen IF Poison errors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53438.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53438.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396519","reference_id":"2396519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396519"},{"reference_url":"https://git.kernel.org/stable/c/2e01bdf7203c383e9d8489d9f963c52d6c81e4db","reference_id":"2e01bdf7203c383e9d8489d9f963c52d6c81e4db","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:17:13Z/"}],"url":"https://git.kernel.org/stable/c/2e01bdf7203c383e9d8489d9f963c52d6c81e4db"},{"reference_url":"https://git.kernel.org/stable/c/4240e2ebe67941ce2c4f5c866c3af4b5ac7a0c67","reference_id":"4240e2ebe67941ce2c4f5c866c3af4b5ac7a0c67","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:17:13Z/"}],"url":"https://git.kernel.org/stable/c/4240e2ebe67941ce2c4f5c866c3af4b5ac7a0c67"},{"reference_url":"https://git.kernel.org/stable/c/6eac3965901489ae114a664a78cd2d1415d1af5c","reference_id":"6eac3965901489ae114a664a78cd2d1415d1af5c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:17:13Z/"}],"url":"https://git.kernel.org/stable/c/6eac3965901489ae114a664a78cd2d1415d1af5c"},{"reference_url":"https://git.kernel.org/stable/c/e6e6a5f50f58fadec397b23064b7e4830292863d","reference_id":"e6e6a5f50f58fadec397b23064b7e4830292863d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:17:13Z/"}],"url":"https://git.kernel.org/stable/c/e6e6a5f50f58fadec397b23064b7e4830292863d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53438"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bxw3-krpq-23gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87804?format=json","vulnerability_id":"VCID-byk4-3dn6-dubk","summary":"In the Linux kernel, the following vulnerability has been resolved:  io_uring/sqpoll: work around a potential audit memory leak  kmemleak complains that there's a memory leak related to connect handling:  unreferenced object 0xffff0001093bdf00 (size 128): comm \"iou-sqp-455\", pid 457, jiffies 4294894164 hex dump (first 32 bytes): 02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00  ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................ backtrace (crc 2e481b1a): [<00000000c0a26af4>] kmemleak_alloc+0x30/0x38 [<000000009c30bb45>] kmalloc_trace+0x228/0x358 [<000000009da9d39f>] __audit_sockaddr+0xd0/0x138 [<0000000089a93e34>] move_addr_to_kernel+0x1a0/0x1f8 [<000000000b4e80e6>] io_connect_prep+0x1ec/0x2d4 [<00000000abfbcd99>] io_submit_sqes+0x588/0x1e48 [<00000000e7c25e07>] io_sq_thread+0x8a4/0x10e4 [<00000000d999b491>] ret_from_fork+0x10/0x20  which can can happen if:  1) The command type does something on the prep side that triggers an    audit call. 2) The thread hasn't done any operations before this that triggered    an audit call inside ->issue(), where we have audit_uring_entry()    and audit_uring_exit().  Work around this by issuing a blanket NOP operation before the SQPOLL does anything.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41001.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41001.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297585","reference_id":"2297585","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297585"},{"reference_url":"https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227","reference_id":"55c22375cbaa24f77dd13f9ae0642915444a1227","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:15Z/"}],"url":"https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227"},{"reference_url":"https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667","reference_id":"9e810bd995823786ea30543e480e8a573e5e5667","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:15Z/"}],"url":"https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667"},{"reference_url":"https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3","reference_id":"a40e90d9304629002fb17200f7779823a81191d3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:15Z/"}],"url":"https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3"},{"reference_url":"https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae","reference_id":"c4ce0ab27646f4206a9eb502d6fe45cb080e1cae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:15Z/"}],"url":"https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41001"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-byk4-3dn6-dubk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74047?format=json","vulnerability_id":"VCID-c14p-vq3e-hygx","summary":"kernel: cifs: fix mid leak during reconnection after timeout threshold","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53597.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53597.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401466","reference_id":"2401466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53597"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c14p-vq3e-hygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72240?format=json","vulnerability_id":"VCID-c25u-ce7c-v7eb","summary":"kernel: blk-mq: fix potential deadlock while nr_requests grown","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40146.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40146.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414500","reference_id":"2414500","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414500"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40146"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c25u-ce7c-v7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82901?format=json","vulnerability_id":"VCID-c2r8-hn2m-g7h5","summary":"In the Linux kernel, the following vulnerability has been resolved:  ibmvnic: fix race between xmit and reset  There is a race between reset and the transmit paths that can lead to ibmvnic_xmit() accessing an scrq after it has been freed in the reset path. It can result in a crash like:  \tKernel attempted to read user page (0) - exploit attempt? (uid: 0) \tBUG: Kernel NULL pointer dereference on read at 0x00000000 \tFaulting instruction address: 0xc0080000016189f8 \tOops: Kernel access of bad area, sig: 11 [#1] \t... \tNIP [c0080000016189f8] ibmvnic_xmit+0x60/0xb60 [ibmvnic] \tLR [c000000000c0046c] dev_hard_start_xmit+0x11c/0x280 \tCall Trace: \t[c008000001618f08] ibmvnic_xmit+0x570/0xb60 [ibmvnic] (unreliable) \t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280 \t[c000000000c9cfcc] sch_direct_xmit+0xec/0x330 \t[c000000000bfe640] __dev_xmit_skb+0x3a0/0x9d0 \t[c000000000c00ad4] __dev_queue_xmit+0x394/0x730 \t[c008000002db813c] __bond_start_xmit+0x254/0x450 [bonding] \t[c008000002db8378] bond_start_xmit+0x40/0xc0 [bonding] \t[c000000000c0046c] dev_hard_start_xmit+0x11c/0x280 \t[c000000000c00ca4] __dev_queue_xmit+0x564/0x730 \t[c000000000cf97e0] neigh_hh_output+0xd0/0x180 \t[c000000000cfa69c] ip_finish_output2+0x31c/0x5c0 \t[c000000000cfd244] __ip_queue_xmit+0x194/0x4f0 \t[c000000000d2a3c4] __tcp_transmit_skb+0x434/0x9b0 \t[c000000000d2d1e0] __tcp_retransmit_skb+0x1d0/0x6a0 \t[c000000000d2d984] tcp_retransmit_skb+0x34/0x130 \t[c000000000d310e8] tcp_retransmit_timer+0x388/0x6d0 \t[c000000000d315ec] tcp_write_timer_handler+0x1bc/0x330 \t[c000000000d317bc] tcp_write_timer+0x5c/0x200 \t[c000000000243270] call_timer_fn+0x50/0x1c0 \t[c000000000243704] __run_timers.part.0+0x324/0x460 \t[c000000000243894] run_timer_softirq+0x54/0xa0 \t[c000000000ea713c] __do_softirq+0x15c/0x3e0 \t[c000000000166258] __irq_exit_rcu+0x158/0x190 \t[c000000000166420] irq_exit+0x20/0x40 \t[c00000000002853c] timer_interrupt+0x14c/0x2b0 \t[c000000000009a00] decrementer_common_virt+0x210/0x220 \t--- interrupt: 900 at plpar_hcall_norets_notrace+0x18/0x2c  The immediate cause of the crash is the access of tx_scrq in the following snippet during a reset, where the tx_scrq can be either NULL or an address that will soon be invalid:  \tibmvnic_xmit() \t{ \t\t... \t\ttx_scrq = adapter->tx_scrq[queue_num]; \t\ttxq = netdev_get_tx_queue(netdev, queue_num); \t\tind_bufp = &tx_scrq->ind_buf;  \t\tif (test_bit(0, &adapter->resetting)) { \t\t... \t}  But beyond that, the call to ibmvnic_xmit() itself is not safe during a reset and the reset path attempts to avoid this by stopping the queue in ibmvnic_cleanup(). However just after the queue was stopped, an in-flight ibmvnic_complete_tx() could have restarted the queue even as the reset is progressing.  Since the queue was restarted we could get a call to ibmvnic_xmit() which can then access the bad tx_scrq (or other fields).  We cannot however simply have ibmvnic_complete_tx() check the ->resetting bit and skip starting the queue. This can race at the \"back-end\" of a good reset which just restarted the queue but has not cleared the ->resetting bit yet. If we skip restarting the queue due to ->resetting being true, the queue would remain stopped indefinitely potentially leading to transmit timeouts.  IOW ->resetting is too broad for this purpose. Instead use a new flag that indicates whether or not the queues are active. Only the open/ reset paths control when the queues are active. ibmvnic_complete_tx() and others wake up the queue only if the queue is marked active.  So we will have: \tA. reset/open thread in ibmvnic_cleanup() and __ibmvnic_open()  \t\t->resetting = true \t\t->tx_queues_active = false \t\tdisable tx queues \t\t... \t\t->tx_queues_active = true \t\tstart tx queues  \tB. Tx interrupt in ibmvnic_complete_tx():  \t\tif (->tx_queues_active) \t\t\tnetif_wake_subqueue();  To ensure that ->tx_queues_active and state of the queues are consistent, we need a lock which:  \t- must also be taken in the interrupt path (ibmvnic_complete_tx()) \t- shared across the multiple ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49201.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49201","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03629","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49201"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348046","reference_id":"2348046","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348046"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49201"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2r8-hn2m-g7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87806?format=json","vulnerability_id":"VCID-c3c9-vkgb-h7b9","summary":"In the Linux kernel, the following vulnerability has been resolved:  crypto: hisilicon/sec - Fix memory leak for sec resource release  The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage occurs.  The aiv resource release is added to the sec resource release function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41002.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41002.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297586","reference_id":"2297586","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297586"},{"reference_url":"https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47","reference_id":"36810d2db3496bb8b4db7ccda666674a5efc7b47","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:11Z/"}],"url":"https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47"},{"reference_url":"https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6","reference_id":"7c42ce556ff65995c8875c9ed64141c14238e7e6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:11Z/"}],"url":"https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6"},{"reference_url":"https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601","reference_id":"9f21886370db451b0fdc651f6e41550a1da70601","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:11Z/"}],"url":"https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601"},{"reference_url":"https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2","reference_id":"a886bcb0f67d1e3d6b2da25b3519de59098200c2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:11Z/"}],"url":"https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2"},{"reference_url":"https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094","reference_id":"bba4250757b4ae1680fea435a358d8093f254094","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:01:11Z/"}],"url":"https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41002"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3c9-vkgb-h7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82033?format=json","vulnerability_id":"VCID-c3y9-6zz4-fyey","summary":"kernel: mm/vmscan: don't try to reclaim hwpoison folio","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37834.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37834.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365018","reference_id":"2365018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365018"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-37834"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3y9-6zz4-fyey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83319?format=json","vulnerability_id":"VCID-c449-62ea-fkau","summary":"In the Linux kernel, the following vulnerability has been resolved:  list: fix a data-race around ep->rdllist  ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist is empty by list_empty_careful(), which reads rdllist->prev.  Thus all accesses to it need some protection to avoid store/load-tearing.  Note INIT_LIST_HEAD_RCU() already has the annotation for both prev and next.  Commit bf3b9f6372c4 (\"epoll: Add busy poll support to epoll with socket fds.\") added the first lockless ep_events_available(), and commit c5a282e9635e (\"fs/epoll: reduce the scope of wq lock in epoll_wait()\") made some ep_events_available() calls lockless and added single call under a lock, finally commit e59d3c64cba6 (\"epoll: eliminate unnecessary lock for zero timeout\") made the last ep_events_available() lockless.  BUG: KCSAN: data-race in do_epoll_wait / do_epoll_wait  write to 0xffff88810480c7d8 of 8 bytes by task 1802 on cpu 0:  INIT_LIST_HEAD include/linux/list.h:38 [inline]  list_splice_init include/linux/list.h:492 [inline]  ep_start_scan fs/eventpoll.c:622 [inline]  ep_send_events fs/eventpoll.c:1656 [inline]  ep_poll fs/eventpoll.c:1806 [inline]  do_epoll_wait+0x4eb/0xf40 fs/eventpoll.c:2234  do_epoll_pwait fs/eventpoll.c:2268 [inline]  __do_sys_epoll_pwait fs/eventpoll.c:2281 [inline]  __se_sys_epoll_pwait+0x12b/0x240 fs/eventpoll.c:2275  __x64_sys_epoll_pwait+0x74/0x80 fs/eventpoll.c:2275  do_syscall_x64 arch/x86/entry/common.c:50 [inline]  do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80  entry_SYSCALL_64_after_hwframe+0x44/0xae  read to 0xffff88810480c7d8 of 8 bytes by task 1799 on cpu 1:  list_empty_careful include/linux/list.h:329 [inline]  ep_events_available fs/eventpoll.c:381 [inline]  ep_poll fs/eventpoll.c:1797 [inline]  do_epoll_wait+0x279/0xf40 fs/eventpoll.c:2234  do_epoll_pwait fs/eventpoll.c:2268 [inline]  __do_sys_epoll_pwait fs/eventpoll.c:2281 [inline]  __se_sys_epoll_pwait+0x12b/0x240 fs/eventpoll.c:2275  __x64_sys_epoll_pwait+0x74/0x80 fs/eventpoll.c:2275  do_syscall_x64 arch/x86/entry/common.c:50 [inline]  do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80  entry_SYSCALL_64_after_hwframe+0x44/0xae  value changed: 0xffff88810480c7d0 -> 0xffff888103c15098  Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 1799 Comm: syz-fuzzer Tainted: G        W         5.17.0-rc7-syzkaller-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49443.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49443","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00812","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49443"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348240","reference_id":"2348240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348240"},{"reference_url":"https://git.kernel.org/stable/c/5d5d993f16be15d124be7b8ec71b28ef7b7dc3af","reference_id":"5d5d993f16be15d124be7b8ec71b28ef7b7dc3af","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:40:52Z/"}],"url":"https://git.kernel.org/stable/c/5d5d993f16be15d124be7b8ec71b28ef7b7dc3af"},{"reference_url":"https://git.kernel.org/stable/c/cb3e48f7a35033deb9455abe3932e63cb500b9eb","reference_id":"cb3e48f7a35033deb9455abe3932e63cb500b9eb","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:40:52Z/"}],"url":"https://git.kernel.org/stable/c/cb3e48f7a35033deb9455abe3932e63cb500b9eb"},{"reference_url":"https://git.kernel.org/stable/c/d679ae94fdd5d3ab00c35078f5af5f37e068b03d","reference_id":"d679ae94fdd5d3ab00c35078f5af5f37e068b03d","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:40:52Z/"}],"url":"https://git.kernel.org/stable/c/d679ae94fdd5d3ab00c35078f5af5f37e068b03d"},{"reference_url":"https://git.kernel.org/stable/c/e039c0b5985999b150594126225e1ee51df7b4c9","reference_id":"e039c0b5985999b150594126225e1ee51df7b4c9","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:40:52Z/"}],"url":"https://git.kernel.org/stable/c/e039c0b5985999b150594126225e1ee51df7b4c9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49443"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c449-62ea-fkau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86256?format=json","vulnerability_id":"VCID-c44q-jcs3-qfhj","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/bridge: adv7511: fix crash on irq during probe  Moved IRQ registration down to end of adv7511_probe().  If an IRQ already is pending during adv7511_probe (before adv7511_cec_init) then cec_received_msg_ts could crash using uninitialized data:      Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5     Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP     Call trace:      cec_received_msg_ts+0x48/0x990 [cec]      adv7511_cec_irq_process+0x1cc/0x308 [adv7511]      adv7511_irq_process+0xd8/0x120 [adv7511]      adv7511_irq_handler+0x1c/0x30 [adv7511]      irq_thread_fn+0x30/0xa0      irq_thread+0x14c/0x238      kthread+0x190/0x1a8","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26876.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26876.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275699","reference_id":"2275699","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275699"},{"reference_url":"https://git.kernel.org/stable/c/28a94271bd50e4cf498df0381f776f8ea40a289e","reference_id":"28a94271bd50e4cf498df0381f776f8ea40a289e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/"}],"url":"https://git.kernel.org/stable/c/28a94271bd50e4cf498df0381f776f8ea40a289e"},{"reference_url":"https://git.kernel.org/stable/c/50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7","reference_id":"50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/"}],"url":"https://git.kernel.org/stable/c/50f4b57e9a9db4ede9294f39b9e75b5f26bae9b7"},{"reference_url":"https://git.kernel.org/stable/c/955c1252930677762e0db2b6b9e36938c887445c","reference_id":"955c1252930677762e0db2b6b9e36938c887445c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/"}],"url":"https://git.kernel.org/stable/c/955c1252930677762e0db2b6b9e36938c887445c"},{"reference_url":"https://git.kernel.org/stable/c/aeedaee5ef5468caf59e2bb1265c2116e0c9a924","reference_id":"aeedaee5ef5468caf59e2bb1265c2116e0c9a924","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:40:11Z/"}],"url":"https://git.kernel.org/stable/c/aeedaee5ef5468caf59e2bb1265c2116e0c9a924"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26876"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c44q-jcs3-qfhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74770?format=json","vulnerability_id":"VCID-c4tp-quup-euc8","summary":"kernel: drm/amdgpu: SDMA update use unlocked iterator","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50393.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50393","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50393"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396403","reference_id":"2396403","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50393"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4tp-quup-euc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61486?format=json","vulnerability_id":"VCID-c6bx-mgaq-tya5","summary":"kernel: usb: gadget: f_subset: Fix net_device lifecycle with device_move","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31723.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31723.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464425","reference_id":"2464425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464425"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31723"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6bx-mgaq-tya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63757?format=json","vulnerability_id":"VCID-c6zk-te2v-t7a2","summary":"kernel: net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23448.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23448.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454858","reference_id":"2454858","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23448"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6zk-te2v-t7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62864?format=json","vulnerability_id":"VCID-cat3-t7vf-qqd3","summary":"kernel: bridge: mrp: reject zero test interval to avoid OOM panic","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31420.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31420.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457838","reference_id":"2457838","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457838"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31420"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cat3-t7vf-qqd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72187?format=json","vulnerability_id":"VCID-cb4p-1ysu-cuck","summary":"kernel: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40149.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40149.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414466","reference_id":"2414466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40149"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cb4p-1ysu-cuck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84822?format=json","vulnerability_id":"VCID-cdm4-zs5q-t3ay","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs  If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debugfs_dir is not set to NULL. debugfs_remove_recursive() will be called again during device removal. As a result, illegal pointer is accessed.  [ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs! ... [ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0 [ 1669.872669] pc : down_write+0x24/0x70 [ 1669.876315] lr : down_write+0x1c/0x70 [ 1669.879961] sp : ffff000036f53a30 [ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8 [ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000 [ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270 [ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8 [ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310 [ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10 [ 1669.914982] x17: 0000000000000000 x16: 0000000000000000 [ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870 [ 1669.925555] x13: 0000000000000040 x12: 0000000000000228 [ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0 [ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10 [ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff [ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00 [ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000 [ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001 [ 1669.962563] Call trace: [ 1669.965000]  down_write+0x24/0x70 [ 1669.968301]  debugfs_remove_recursive+0x5c/0x1b0 [ 1669.972905]  hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main] [ 1669.978541]  hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw] [ 1669.984175]  pci_device_remove+0x48/0xd8 [ 1669.988082]  device_release_driver_internal+0x1b4/0x250 [ 1669.993282]  device_release_driver+0x28/0x38 [ 1669.997534]  pci_stop_bus_device+0x84/0xb8 [ 1670.001611]  pci_stop_and_remove_bus_device_locked+0x24/0x40 [ 1670.007244]  remove_store+0xfc/0x140 [ 1670.010802]  dev_attr_store+0x44/0x60 [ 1670.014448]  sysfs_kf_write+0x58/0x80 [ 1670.018095]  kernfs_fop_write+0xe8/0x1f0 [ 1670.022000]  __vfs_write+0x60/0x190 [ 1670.025472]  vfs_write+0xac/0x1c0 [ 1670.028771]  ksys_write+0x6c/0xd8 [ 1670.032071]  __arm64_sys_write+0x24/0x30 [ 1670.035977]  el0_svc_common+0x78/0x130 [ 1670.039710]  el0_svc_handler+0x38/0x78 [ 1670.043442]  el0_svc+0x8/0xc  To fix this, set debugfs_dir to NULL after debugfs_remove_recursive().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52808.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52808.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282665","reference_id":"2282665","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282665"},{"reference_url":"https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec","reference_id":"33331b265aac9441ac0c1a5442e3f05d038240ec","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:30:55Z/"}],"url":"https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec"},{"reference_url":"https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be","reference_id":"6de426f9276c448e2db7238911c97fb157cb23be","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:30:55Z/"}],"url":"https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be"},{"reference_url":"https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db","reference_id":"75a2656260fe8c7eeabda6ff4600b29e183f48db","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:30:55Z/"}],"url":"https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db"},{"reference_url":"https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be","reference_id":"b4465009e7d60c6111946db4c8f1e50d401ed7be","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:30:55Z/"}],"url":"https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be"},{"reference_url":"https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3","reference_id":"f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:30:55Z/"}],"url":"https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52808"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cdm4-zs5q-t3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76160?format=json","vulnerability_id":"VCID-cdmn-b13u-4kbs","summary":"kernel: comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39684.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39684.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393502","reference_id":"2393502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393502"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39684"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cdmn-b13u-4kbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83297?format=json","vulnerability_id":"VCID-ceke-dy3x-2bh4","summary":"kernel: ax25: Remove broken autobind","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22109.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360302","reference_id":"2360302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-22109"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ceke-dy3x-2bh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73868?format=json","vulnerability_id":"VCID-ch6v-9ant-3qhx","summary":"kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50527.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50527","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50527"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402249","reference_id":"2402249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50527"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ch6v-9ant-3qhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60502?format=json","vulnerability_id":"VCID-chcz-zty3-hbba","summary":"kernel: btrfs: fix transaction abort on set received ioctl due to item overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43359.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43359.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468167","reference_id":"2468167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468167"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43359"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chcz-zty3-hbba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85029?format=json","vulnerability_id":"VCID-chxq-kw7x-nqbu","summary":"kernel: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21780.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21780.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699","reference_id":"1abb2648698bf10783d2236a6b4a7ca5e8021699","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:30:25Z/"}],"url":"https://git.kernel.org/stable/c/1abb2648698bf10783d2236a6b4a7ca5e8021699"},{"reference_url":"https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de","reference_id":"231075c5a8ea54f34b7c4794687baa980814e6de","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:30:25Z/"}],"url":"https://git.kernel.org/stable/c/231075c5a8ea54f34b7c4794687baa980814e6de"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348580","reference_id":"2348580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348580"},{"reference_url":"https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084","reference_id":"2498d2db1d35e88a2060ea191ae75dce853dd084","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:30:25Z/"}],"url":"https://git.kernel.org/stable/c/2498d2db1d35e88a2060ea191ae75dce853dd084"},{"reference_url":"https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a","reference_id":"3484ea33157bc7334f57e64826ec5a4bf992151a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:30:25Z/"}],"url":"https://git.kernel.org/stable/c/3484ea33157bc7334f57e64826ec5a4bf992151a"},{"reference_url":"https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab","reference_id":"e43a8b9c4d700ffec819c5043a48769b3e7d9cab","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:30:25Z/"}],"url":"https://git.kernel.org/stable/c/e43a8b9c4d700ffec819c5043a48769b3e7d9cab"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21780"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chxq-kw7x-nqbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87026?format=json","vulnerability_id":"VCID-cjrz-aqf5-5qaj","summary":"kernel: smb: client: Fix use-after-free of network namespace.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53095.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53095.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327888","reference_id":"2327888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327888"},{"reference_url":"https://git.kernel.org/stable/c/c7f9282fc27fc36dbaffc8527c723de264a132f8","reference_id":"c7f9282fc27fc36dbaffc8527c723de264a132f8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:28:13Z/"}],"url":"https://git.kernel.org/stable/c/c7f9282fc27fc36dbaffc8527c723de264a132f8"},{"reference_url":"https://git.kernel.org/stable/c/e8c71494181153a134c96da28766a57bd1eac8cb","reference_id":"e8c71494181153a134c96da28766a57bd1eac8cb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:28:13Z/"}],"url":"https://git.kernel.org/stable/c/e8c71494181153a134c96da28766a57bd1eac8cb"},{"reference_url":"https://git.kernel.org/stable/c/ef7134c7fc48e1441b398e55a862232868a6f0a7","reference_id":"ef7134c7fc48e1441b398e55a862232868a6f0a7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:28:13Z/"}],"url":"https://git.kernel.org/stable/c/ef7134c7fc48e1441b398e55a862232868a6f0a7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53095"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjrz-aqf5-5qaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87660?format=json","vulnerability_id":"VCID-ck6v-aa7m-23cp","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: hns3: fix kernel crash problem in concurrent scenario  When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash.  To fix the problem, when link status change, need to check whether the roce registered, and when uninit, need to wait link update finish.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39507.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39507.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/12cda920212a49fa22d9e8b9492ac4ea013310a4","reference_id":"12cda920212a49fa22d9e8b9492ac4ea013310a4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:51Z/"}],"url":"https://git.kernel.org/stable/c/12cda920212a49fa22d9e8b9492ac4ea013310a4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297702","reference_id":"2297702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297702"},{"reference_url":"https://git.kernel.org/stable/c/62b5dfb67bfa8bd0301bf3442004563495f9ee48","reference_id":"62b5dfb67bfa8bd0301bf3442004563495f9ee48","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:51Z/"}],"url":"https://git.kernel.org/stable/c/62b5dfb67bfa8bd0301bf3442004563495f9ee48"},{"reference_url":"https://git.kernel.org/stable/c/689de7c3bfc7d47e0eacc641c4ce4a0f579aeefa","reference_id":"689de7c3bfc7d47e0eacc641c4ce4a0f579aeefa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:51Z/"}],"url":"https://git.kernel.org/stable/c/689de7c3bfc7d47e0eacc641c4ce4a0f579aeefa"},{"reference_url":"https://git.kernel.org/stable/c/6d0007f7b69d684879a0f598a042e40244d3cf63","reference_id":"6d0007f7b69d684879a0f598a042e40244d3cf63","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:51Z/"}],"url":"https://git.kernel.org/stable/c/6d0007f7b69d684879a0f598a042e40244d3cf63"},{"reference_url":"https://git.kernel.org/stable/c/b2c5024b771cd1dd8175d5f6949accfadbab7edd","reference_id":"b2c5024b771cd1dd8175d5f6949accfadbab7edd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:51Z/"}],"url":"https://git.kernel.org/stable/c/b2c5024b771cd1dd8175d5f6949accfadbab7edd"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10771","reference_id":"RHSA-2024:10771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-39507"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ck6v-aa7m-23cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87110?format=json","vulnerability_id":"VCID-ckwp-ynmn-yuht","summary":"kernel: i40e: fix race condition by adding filter's intermediate sync state","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53088.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53088.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327328","reference_id":"2327328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327328"},{"reference_url":"https://git.kernel.org/stable/c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a","reference_id":"262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:41Z/"}],"url":"https://git.kernel.org/stable/c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a"},{"reference_url":"https://git.kernel.org/stable/c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6","reference_id":"6e046f4937474bc1b9fa980c1ad8f3253fc638f6","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:41Z/"}],"url":"https://git.kernel.org/stable/c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6"},{"reference_url":"https://git.kernel.org/stable/c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791","reference_id":"7ad3fb3bfd43feb4e15c81dffd23ac4e55742791","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:41Z/"}],"url":"https://git.kernel.org/stable/c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791"},{"reference_url":"https://git.kernel.org/stable/c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1","reference_id":"bf5f837d9fd27d32fb76df0a108babcaf4446ff1","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:41Z/"}],"url":"https://git.kernel.org/stable/c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1"},{"reference_url":"https://git.kernel.org/stable/c/f30490e9695ef7da3d0899c6a0293cc7cd373567","reference_id":"f30490e9695ef7da3d0899c6a0293cc7cd373567","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:41Z/"}],"url":"https://git.kernel.org/stable/c/f30490e9695ef7da3d0899c6a0293cc7cd373567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0057","reference_id":"RHSA-2025:0057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0065","reference_id":"RHSA-2025:0065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0066","reference_id":"RHSA-2025:0066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0578","reference_id":"RHSA-2025:0578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0578"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53088"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckwp-ynmn-yuht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85695?format=json","vulnerability_id":"VCID-ckx7-t8ac-yud5","summary":"kernel: ALSA: seq: oss: Fix races at processing SysEx messages","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57893.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57893.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338210","reference_id":"2338210","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338210"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57893"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckx7-t8ac-yud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88316?format=json","vulnerability_id":"VCID-cmba-76wf-qbh7","summary":"In the Linux kernel, the following vulnerability has been resolved:  powerpc/pseries: Fix scv instruction crash with kexec  kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv instructions after AIL is disabled, which causes an interrupt at an unexpected entry location that crashes the kernel.  Change the kexec sequence to disable AIL after other CPUs have been brought down.  As a refresher, the real-mode scv interrupt vector is 0x17000, and the fixed-location head code probably couldn't easily deal with implementing such high addresses so it was just decided not to support that interrupt at all.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42230.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42230.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011","reference_id":"21a741eb75f80397e5f7d3739e24d7d75e619011","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:24Z/"}],"url":"https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301547","reference_id":"2301547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301547"},{"reference_url":"https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3","reference_id":"8c6506616386ce37e59b2745fc481c6713fae4f3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:24Z/"}],"url":"https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3"},{"reference_url":"https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c","reference_id":"c550679d604798d9fed8a5b2bb5693448a25407c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:24Z/"}],"url":"https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c"},{"reference_url":"https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5","reference_id":"d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:14:24Z/"}],"url":"https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42230"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmba-76wf-qbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88508?format=json","vulnerability_id":"VCID-cnek-jxkn-yfgk","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: mediatek: vcodec: Handle invalid decoder vsi  Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43831.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43831.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db","reference_id":"1c109f23b271a02b9bb195c173fab41e3285a8db","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:27Z/"}],"url":"https://git.kernel.org/stable/c/1c109f23b271a02b9bb195c173fab41e3285a8db"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305489","reference_id":"2305489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305489"},{"reference_url":"https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f","reference_id":"59d438f8e02ca641c58d77e1feffa000ff809e9f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:27Z/"}],"url":"https://git.kernel.org/stable/c/59d438f8e02ca641c58d77e1feffa000ff809e9f"},{"reference_url":"https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280","reference_id":"cdf05ae76198c513836bde4eb55f099c44773280","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:27Z/"}],"url":"https://git.kernel.org/stable/c/cdf05ae76198c513836bde4eb55f099c44773280"},{"reference_url":"https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c","reference_id":"dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:27Z/"}],"url":"https://git.kernel.org/stable/c/dbd3e4adb98e50ede74f00b3fa956fa29ef95e6c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43831"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnek-jxkn-yfgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69364?format=json","vulnerability_id":"VCID-cnse-2rsg-d7cf","summary":"kernel: ext4: turn quotas off if mount failed after enabling quotas","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54153.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54153.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425153","reference_id":"2425153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54153"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnse-2rsg-d7cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74014?format=json","vulnerability_id":"VCID-cpmb-dn6n-4fc1","summary":"kernel: wifi: wilc1000: avoid buffer overflow in WID string configuration","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39952.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39952.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401429","reference_id":"2401429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401429"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39952"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cpmb-dn6n-4fc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77805?format=json","vulnerability_id":"VCID-cryk-yf4g-4bau","summary":"kernel: drm/msm: Fix a fence leak in submit error path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38410.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38410.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383394","reference_id":"2383394","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38410"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cryk-yf4g-4bau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87984?format=json","vulnerability_id":"VCID-ctk6-edz1-tfbh","summary":"kernel: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47728.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47728.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320265","reference_id":"2320265","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320265"},{"reference_url":"https://git.kernel.org/stable/c/4b3786a6c5397dc220b1483d8e2f4867743e966f","reference_id":"4b3786a6c5397dc220b1483d8e2f4867743e966f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:00:53Z/"}],"url":"https://git.kernel.org/stable/c/4b3786a6c5397dc220b1483d8e2f4867743e966f"},{"reference_url":"https://git.kernel.org/stable/c/594a9f5a8d2de2573a856e506f77ba7dd2cefc6a","reference_id":"594a9f5a8d2de2573a856e506f77ba7dd2cefc6a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:00:53Z/"}],"url":"https://git.kernel.org/stable/c/594a9f5a8d2de2573a856e506f77ba7dd2cefc6a"},{"reference_url":"https://git.kernel.org/stable/c/599d15b6d03356a97bff7a76155c5604c42a2962","reference_id":"599d15b6d03356a97bff7a76155c5604c42a2962","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:00:53Z/"}],"url":"https://git.kernel.org/stable/c/599d15b6d03356a97bff7a76155c5604c42a2962"},{"reference_url":"https://git.kernel.org/stable/c/8397bf78988f3ae9dbebb0200189a62a57264980","reference_id":"8397bf78988f3ae9dbebb0200189a62a57264980","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:00:53Z/"}],"url":"https://git.kernel.org/stable/c/8397bf78988f3ae9dbebb0200189a62a57264980"},{"reference_url":"https://git.kernel.org/stable/c/a634fa8e480ac2423f86311a602f6295df2c8ed0","reference_id":"a634fa8e480ac2423f86311a602f6295df2c8ed0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:00:53Z/"}],"url":"https://git.kernel.org/stable/c/a634fa8e480ac2423f86311a602f6295df2c8ed0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47728"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctk6-edz1-tfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87761?format=json","vulnerability_id":"VCID-cu6r-wqtq-rqgk","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: don't set RO when shutting down f2fs  Shutdown does not check the error of thaw_super due to readonly, which causes a deadlock like below.  f2fs_ioc_shutdown(F2FS_GOING_DOWN_FULLSYNC)        issue_discard_thread  - bdev_freeze   - freeze_super  - f2fs_stop_checkpoint()   - f2fs_handle_critical_error                     - sb_start_write     - set RO                                         - waiting  - bdev_thaw   - thaw_super_locked     - return -EINVAL, if sb_rdonly()  - f2fs_stop_discard_thread   -> wait for kthread_stop(discard_thread);","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40969.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40969.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1036d3ea7a32cb7cee00885c73a1f2ba7fbc499a","reference_id":"1036d3ea7a32cb7cee00885c73a1f2ba7fbc499a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:00Z/"}],"url":"https://git.kernel.org/stable/c/1036d3ea7a32cb7cee00885c73a1f2ba7fbc499a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297553","reference_id":"2297553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297553"},{"reference_url":"https://git.kernel.org/stable/c/3bdb7f161697e2d5123b89fe1778ef17a44858e7","reference_id":"3bdb7f161697e2d5123b89fe1778ef17a44858e7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:00Z/"}],"url":"https://git.kernel.org/stable/c/3bdb7f161697e2d5123b89fe1778ef17a44858e7"},{"reference_url":"https://git.kernel.org/stable/c/f47ed3b284b38f235355e281f57dfa8fffcc6563","reference_id":"f47ed3b284b38f235355e281f57dfa8fffcc6563","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:00Z/"}],"url":"https://git.kernel.org/stable/c/f47ed3b284b38f235355e281f57dfa8fffcc6563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-40969"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cu6r-wqtq-rqgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85925?format=json","vulnerability_id":"VCID-cutc-q283-nkfk","summary":"kernel: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56778.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56778.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336551","reference_id":"2336551","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2336551"},{"reference_url":"https://git.kernel.org/stable/c/31c857e7496d34e5a32a6f75bc024d0b06fd646a","reference_id":"31c857e7496d34e5a32a6f75bc024d0b06fd646a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:31Z/"}],"url":"https://git.kernel.org/stable/c/31c857e7496d34e5a32a6f75bc024d0b06fd646a"},{"reference_url":"https://git.kernel.org/stable/c/6b0d0d6e9d3c26697230bf7dc9e6b52bdb24086f","reference_id":"6b0d0d6e9d3c26697230bf7dc9e6b52bdb24086f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:31Z/"}],"url":"https://git.kernel.org/stable/c/6b0d0d6e9d3c26697230bf7dc9e6b52bdb24086f"},{"reference_url":"https://git.kernel.org/stable/c/82a5312f874fb18f045d9658e9bd290e3b0621c0","reference_id":"82a5312f874fb18f045d9658e9bd290e3b0621c0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:31Z/"}],"url":"https://git.kernel.org/stable/c/82a5312f874fb18f045d9658e9bd290e3b0621c0"},{"reference_url":"https://git.kernel.org/stable/c/837eb99ad3340c7a9febf454f41c8e3edb68ac1e","reference_id":"837eb99ad3340c7a9febf454f41c8e3edb68ac1e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:31Z/"}],"url":"https://git.kernel.org/stable/c/837eb99ad3340c7a9febf454f41c8e3edb68ac1e"},{"reference_url":"https://git.kernel.org/stable/c/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8","reference_id":"c1ab40a1fdfee732c7e6ff2fb8253760293e47e8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:56:31Z/"}],"url":"https://git.kernel.org/stable/c/c1ab40a1fdfee732c7e6ff2fb8253760293e47e8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56778"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cutc-q283-nkfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64787?format=json","vulnerability_id":"VCID-cve4-w99k-tycg","summary":"kernel: netfilter: nf_tables: always walk all pending catchall elements","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23278.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23278.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449570","reference_id":"2449570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2449570"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23278"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cve4-w99k-tycg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87781?format=json","vulnerability_id":"VCID-cvxx-ddda-kbc5","summary":"kernel: uprobe: avoid out-of-bounds memory access of fetching args","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50067.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50067.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f","reference_id":"0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:49:09Z/"}],"url":"https://git.kernel.org/stable/c/0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322072","reference_id":"2322072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322072"},{"reference_url":"https://git.kernel.org/stable/c/373b9338c9722a368925d83bc622c596896b328e","reference_id":"373b9338c9722a368925d83bc622c596896b328e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:49:09Z/"}],"url":"https://git.kernel.org/stable/c/373b9338c9722a368925d83bc622c596896b328e"},{"reference_url":"https://git.kernel.org/stable/c/537ad4a431f6dddbf15d40d19f24bb9ee12b55cb","reference_id":"537ad4a431f6dddbf15d40d19f24bb9ee12b55cb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:49:09Z/"}],"url":"https://git.kernel.org/stable/c/537ad4a431f6dddbf15d40d19f24bb9ee12b55cb"},{"reference_url":"https://git.kernel.org/stable/c/9e5f93788c9dd4309e75a56860a1ac44a8e117b9","reference_id":"9e5f93788c9dd4309e75a56860a1ac44a8e117b9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:49:09Z/"}],"url":"https://git.kernel.org/stable/c/9e5f93788c9dd4309e75a56860a1ac44a8e117b9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50067"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvxx-ddda-kbc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59267?format=json","vulnerability_id":"VCID-cwhw-j942-ukcu","summary":"kernel: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46172.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46172.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482644","reference_id":"2482644","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482644"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46172"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cwhw-j942-ukcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60750?format=json","vulnerability_id":"VCID-cyee-gj74-1khy","summary":"kernel: netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43085.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43085.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467020","reference_id":"2467020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467020"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43085"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyee-gj74-1khy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88793?format=json","vulnerability_id":"VCID-cz1z-nknc-syb5","summary":"kernel: wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46860.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46860.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315212","reference_id":"2315212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315212"},{"reference_url":"https://git.kernel.org/stable/c/479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3","reference_id":"479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:54:01Z/"}],"url":"https://git.kernel.org/stable/c/479ffee68d59c599f8aed8fa2dcc8e13e7bd13c3"},{"reference_url":"https://git.kernel.org/stable/c/4bfee9346d8c17d928ef6da2b8bffab88fa2a553","reference_id":"4bfee9346d8c17d928ef6da2b8bffab88fa2a553","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:54:01Z/"}],"url":"https://git.kernel.org/stable/c/4bfee9346d8c17d928ef6da2b8bffab88fa2a553"},{"reference_url":"https://git.kernel.org/stable/c/8d92bafd4c67efb692f722d73a07412b5f88c6d6","reference_id":"8d92bafd4c67efb692f722d73a07412b5f88c6d6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:54:01Z/"}],"url":"https://git.kernel.org/stable/c/8d92bafd4c67efb692f722d73a07412b5f88c6d6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46860"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz1z-nknc-syb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87662?format=json","vulnerability_id":"VCID-d3yu-1y9x-1bgf","summary":"In the Linux kernel, the following vulnerability has been resolved:  io_uring/io-wq: Use set_bit() and test_bit() at worker->flags  Utilize set_bit() and test_bit() on worker->flags within io_uring/io-wq to address potential data races.  The structure io_worker->flags may be accessed through various data paths, leading to concurrency issues. When KCSAN is enabled, it reveals data races occurring in io_worker_handle_work and io_wq_activate_free_worker functions.  \t BUG: KCSAN: data-race in io_worker_handle_work / io_wq_activate_free_worker \t write to 0xffff8885c4246404 of 4 bytes by task 49071 on cpu 28: \t io_worker_handle_work (io_uring/io-wq.c:434 io_uring/io-wq.c:569) \t io_wq_worker (io_uring/io-wq.c:?) <snip>  \t read to 0xffff8885c4246404 of 4 bytes by task 49024 on cpu 5: \t io_wq_activate_free_worker (io_uring/io-wq.c:? io_uring/io-wq.c:285) \t io_wq_enqueue (io_uring/io-wq.c:947) \t io_queue_iowq (io_uring/io_uring.c:524) \t io_req_task_submit (io_uring/io_uring.c:1511) \t io_handle_tw_list (io_uring/io_uring.c:1198) <snip>  Line numbers against commit 18daea77cca6 (\"Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm\").  These races involve writes and reads to the same memory location by different tasks running on different CPUs. To mitigate this, refactor the code to use atomic operations such as set_bit(), test_bit(), and clear_bit() instead of basic \"and\" and \"or\" operations. This ensures thread-safe manipulation of worker flags.  Also, move `create_index` to avoid holes in the structure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39508.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39508.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1cbb0affb15470a9621267fe0a8568007553a4bf","reference_id":"1cbb0affb15470a9621267fe0a8568007553a4bf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:48Z/"}],"url":"https://git.kernel.org/stable/c/1cbb0affb15470a9621267fe0a8568007553a4bf"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297480","reference_id":"2297480","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297480"},{"reference_url":"https://git.kernel.org/stable/c/8a565304927fbd28c9f028c492b5c1714002cbab","reference_id":"8a565304927fbd28c9f028c492b5c1714002cbab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:48Z/"}],"url":"https://git.kernel.org/stable/c/8a565304927fbd28c9f028c492b5c1714002cbab"},{"reference_url":"https://git.kernel.org/stable/c/ab702c3483db9046bab9f40306f1a28b22dbbdc0","reference_id":"ab702c3483db9046bab9f40306f1a28b22dbbdc0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:06:48Z/"}],"url":"https://git.kernel.org/stable/c/ab702c3483db9046bab9f40306f1a28b22dbbdc0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-39508"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3yu-1y9x-1bgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70135?format=json","vulnerability_id":"VCID-d8pa-9k5z-8kba","summary":"kernel: drm/amd/display: populate subvp cmd info only for the top pipe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53806.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53806.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420232","reference_id":"2420232","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53806"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8pa-9k5z-8kba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79612?format=json","vulnerability_id":"VCID-dak7-j4ff-kqb7","summary":"kernel: virtio: break and reset virtio devices on device_shutdown()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38064.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38064.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373319","reference_id":"2373319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373319"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-38064"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dak7-j4ff-kqb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88494?format=json","vulnerability_id":"VCID-datf-bast-yufk","summary":"kernel: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47667.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47667.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881","reference_id":"135843c351c08df72bdd4b4ebea53c8052a76881","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317603","reference_id":"2317603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317603"},{"reference_url":"https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572","reference_id":"576d0fb6f8d4bd4695e70eee173a1b9c7bae9572","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572"},{"reference_url":"https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa","reference_id":"86f271f22bbb6391410a07e08d6ca3757fda01fa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa"},{"reference_url":"https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61","reference_id":"af218c803fe298ddf00abef331aa526b20d7ea61","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61"},{"reference_url":"https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6","reference_id":"cfb006e185f64edbbdf7869eac352442bc76b8f6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6"},{"reference_url":"https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a","reference_id":"dd47051c76c8acd8cb983f01b4d1265da29cb66a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a"},{"reference_url":"https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246","reference_id":"ebbdbbc580c1695dec283d0ba6448729dc993246","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:25Z/"}],"url":"https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47667"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-datf-bast-yufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75995?format=json","vulnerability_id":"VCID-db4d-37dr-33g1","summary":"kernel: bus: mhi: host: Detect events pointing to unexpected TREs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39790.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39790.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394598","reference_id":"2394598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39790"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-db4d-37dr-33g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61438?format=json","vulnerability_id":"VCID-ded4-9rjt-g7cf","summary":"kernel: ALSA: ctxfi: Check the error for index mapping","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31777.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31777.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464388","reference_id":"2464388","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464388"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31777"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ded4-9rjt-g7cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87470?format=json","vulnerability_id":"VCID-depb-y37w-s7hz","summary":"kernel: nvme-pci: fix race condition between reset and nvme_dev_disable()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50135.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50135.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323910","reference_id":"2323910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323910"},{"reference_url":"https://git.kernel.org/stable/c/26bc0a81f64ce00fc4342c38eeb2eddaad084dd2","reference_id":"26bc0a81f64ce00fc4342c38eeb2eddaad084dd2","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:21:20Z/"}],"url":"https://git.kernel.org/stable/c/26bc0a81f64ce00fc4342c38eeb2eddaad084dd2"},{"reference_url":"https://git.kernel.org/stable/c/4ed32cc0939b64e3d7b48c8c0d63ea038775f304","reference_id":"4ed32cc0939b64e3d7b48c8c0d63ea038775f304","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:21:20Z/"}],"url":"https://git.kernel.org/stable/c/4ed32cc0939b64e3d7b48c8c0d63ea038775f304"},{"reference_url":"https://git.kernel.org/stable/c/b33e49a5f254474b33ce98fd45dd0ffdc247a0be","reference_id":"b33e49a5f254474b33ce98fd45dd0ffdc247a0be","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:21:20Z/"}],"url":"https://git.kernel.org/stable/c/b33e49a5f254474b33ce98fd45dd0ffdc247a0be"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50135"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-depb-y37w-s7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61972?format=json","vulnerability_id":"VCID-dfvt-3g8h-c7gs","summary":"kernel: HID: core: clamp report_size in s32ton() to avoid undefined shift","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31624.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31624.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461477","reference_id":"2461477","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461477"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31624"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfvt-3g8h-c7gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76622?format=json","vulnerability_id":"VCID-dhwc-kc1z-aqaw","summary":"kernel: smb3: fix for slab out of bounds on mount to ksmbd","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38728.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38728.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393173","reference_id":"2393173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393173"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38728"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dhwc-kc1z-aqaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86085?format=json","vulnerability_id":"VCID-dks7-nav4-qkcw","summary":"kernel: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56746.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56746.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce","reference_id":"0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334815","reference_id":"2334815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334815"},{"reference_url":"https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b","reference_id":"29216bb390e36daeebef66abaa02d9751330252b","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b"},{"reference_url":"https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2","reference_id":"3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2"},{"reference_url":"https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98","reference_id":"40f4326ed05a3b3537556ff2a844958b9e779a98","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98"},{"reference_url":"https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0","reference_id":"bad37309c8b8bf1cfc893750df0951a804009ca0","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/bad37309c8b8bf1cfc893750df0951a804009ca0"},{"reference_url":"https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5","reference_id":"d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97a3ed9a5"},{"reference_url":"https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4","reference_id":"d48cbfa90dce506030151915fa3346d67f964af4","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4"},{"reference_url":"https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec","reference_id":"f4fbd70e15fafe36a7583954ce189aaf5536aeec","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec"},{"reference_url":"https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927","reference_id":"f89d17ae2ac42931be2a0153fecbf8533280c927","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:09Z/"}],"url":"https://git.kernel.org/stable/c/f89d17ae2ac42931be2a0153fecbf8533280c927"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56746"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dks7-nav4-qkcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85126?format=json","vulnerability_id":"VCID-dmuj-xgyz-13ey","summary":"kernel: net: ravb: Fix missing rtnl lock in suspend/resume path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21801.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21801.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348892","reference_id":"2348892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348892"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21801"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmuj-xgyz-13ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88070?format=json","vulnerability_id":"VCID-dn7j-n97s-bqgf","summary":"kernel: x86/mm/ident_map: Use gbpages only where full GB page should be mapped.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50017.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50017.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320477","reference_id":"2320477","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320477"},{"reference_url":"https://git.kernel.org/stable/c/a23823098ab2c277c14fc110b97d8d5c83597195","reference_id":"a23823098ab2c277c14fc110b97d8d5c83597195","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:27:53Z/"}],"url":"https://git.kernel.org/stable/c/a23823098ab2c277c14fc110b97d8d5c83597195"},{"reference_url":"https://git.kernel.org/stable/c/cc31744a294584a36bf764a0ffa3255a8e69f036","reference_id":"cc31744a294584a36bf764a0ffa3255a8e69f036","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:27:53Z/"}],"url":"https://git.kernel.org/stable/c/cc31744a294584a36bf764a0ffa3255a8e69f036"},{"reference_url":"https://git.kernel.org/stable/c/d113f9723f2bfd9c6feeb899b8ddbee6b8a6e01f","reference_id":"d113f9723f2bfd9c6feeb899b8ddbee6b8a6e01f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:27:53Z/"}],"url":"https://git.kernel.org/stable/c/d113f9723f2bfd9c6feeb899b8ddbee6b8a6e01f"},{"reference_url":"https://git.kernel.org/stable/c/d80a99892f7a992d103138fa4636b2c33abd6740","reference_id":"d80a99892f7a992d103138fa4636b2c33abd6740","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:27:53Z/"}],"url":"https://git.kernel.org/stable/c/d80a99892f7a992d103138fa4636b2c33abd6740"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50017"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dn7j-n97s-bqgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85827?format=json","vulnerability_id":"VCID-dnkk-egv9-23gy","summary":"kernel: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57798.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57798.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337113","reference_id":"2337113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337113"},{"reference_url":"https://git.kernel.org/stable/c/9735d40f5fde9970aa46e828ecc85c32571d58a2","reference_id":"9735d40f5fde9970aa46e828ecc85c32571d58a2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:08:59Z/"}],"url":"https://git.kernel.org/stable/c/9735d40f5fde9970aa46e828ecc85c32571d58a2"},{"reference_url":"https://git.kernel.org/stable/c/ce55818b2d3a999f886af91679589e4644ff1dc8","reference_id":"ce55818b2d3a999f886af91679589e4644ff1dc8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:08:59Z/"}],"url":"https://git.kernel.org/stable/c/ce55818b2d3a999f886af91679589e4644ff1dc8"},{"reference_url":"https://git.kernel.org/stable/c/e54b00086f7473dbda1a7d6fc47720ced157c6a8","reference_id":"e54b00086f7473dbda1a7d6fc47720ced157c6a8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:08:59Z/"}],"url":"https://git.kernel.org/stable/c/e54b00086f7473dbda1a7d6fc47720ced157c6a8"},{"reference_url":"https://git.kernel.org/stable/c/f61b2e5e7821f868d6afc22382a66a30ee780ba0","reference_id":"f61b2e5e7821f868d6afc22382a66a30ee780ba0","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T20:08:59Z/"}],"url":"https://git.kernel.org/stable/c/f61b2e5e7821f868d6afc22382a66a30ee780ba0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57798"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnkk-egv9-23gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88147?format=json","vulnerability_id":"VCID-dpuv-bpb1-y3hy","summary":"In the Linux kernel, the following vulnerability has been resolved:  crypto: ecdh - explicitly zeroize private_key  private_key is overwritten with the key parameter passed in by the caller (if present), or alternatively a newly generated private key. However, it is possible that the caller provides a key (or the newly generated key) which is shorter than the previous key. In that scenario, some key material from the previous key would not be overwritten. The easiest solution is to explicitly zeroize the entire private_key array first.  Note that this patch slightly changes the behavior of this function: previously, if the ecc_gen_privkey failed, the old private_key would remain. Now, the private_key is always zeroized. This behavior is consistent with the case where params.key is set and ecc_is_key_valid fails.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42098.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42098.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300717","reference_id":"2300717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300717"},{"reference_url":"https://git.kernel.org/stable/c/39173b04abda87872b43c331468a4a14f8f05ce8","reference_id":"39173b04abda87872b43c331468a4a14f8f05ce8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:18:15Z/"}],"url":"https://git.kernel.org/stable/c/39173b04abda87872b43c331468a4a14f8f05ce8"},{"reference_url":"https://git.kernel.org/stable/c/73e5984e540a76a2ee1868b91590c922da8c24c9","reference_id":"73e5984e540a76a2ee1868b91590c922da8c24c9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:18:15Z/"}],"url":"https://git.kernel.org/stable/c/73e5984e540a76a2ee1868b91590c922da8c24c9"},{"reference_url":"https://git.kernel.org/stable/c/80575b252ab0358b7e93895b2a510beb3cb3f975","reference_id":"80575b252ab0358b7e93895b2a510beb3cb3f975","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:18:15Z/"}],"url":"https://git.kernel.org/stable/c/80575b252ab0358b7e93895b2a510beb3cb3f975"},{"reference_url":"https://git.kernel.org/stable/c/d96187eb8e59b572a8e6a68b6a9837a867ea29df","reference_id":"d96187eb8e59b572a8e6a68b6a9837a867ea29df","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:18:15Z/"}],"url":"https://git.kernel.org/stable/c/d96187eb8e59b572a8e6a68b6a9837a867ea29df"},{"reference_url":"https://git.kernel.org/stable/c/fd7ef325911eba1b7191b83cb580463242f2090d","reference_id":"fd7ef325911eba1b7191b83cb580463242f2090d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:18:15Z/"}],"url":"https://git.kernel.org/stable/c/fd7ef325911eba1b7191b83cb580463242f2090d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42098"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpuv-bpb1-y3hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70827?format=json","vulnerability_id":"VCID-dr6k-wngb-gyf3","summary":"kernel: gfs2: Fix unlikely race in gdlm_put_lock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40242.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40242.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418819","reference_id":"2418819","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418819"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40242"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dr6k-wngb-gyf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74923?format=json","vulnerability_id":"VCID-ds2e-2q6w-u3hq","summary":"kernel: wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50418.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50418.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50418","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04097","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50418"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396520","reference_id":"2396520","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50418"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ds2e-2q6w-u3hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72714?format=json","vulnerability_id":"VCID-du51-qgzm-t7bb","summary":"kernel: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40107.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2411971","reference_id":"2411971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2411971"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40107"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du51-qgzm-t7bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87301?format=json","vulnerability_id":"VCID-duaf-rgdb-wybk","summary":"kernel: net: fix crash when config small gso_max_size/gso_ipv4_max_size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50258.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50258.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324879","reference_id":"2324879","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324879"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50258"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-duaf-rgdb-wybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87438?format=json","vulnerability_id":"VCID-dv6t-6faw-tqan","summary":"In the Linux kernel, the following vulnerability has been resolved:  ax25: Fix reference count leak issue of net_device  There is a reference count leak issue of the object \"net_device\" in ax25_dev_device_down(). When the ax25 device is shutting down, the ax25_dev_device_down() drops the reference count of net_device one or zero times depending on if we goto unlock_put or not, which will cause memory leak.  In order to solve the above issue, decrease the reference count of net_device after dev->ax25_ptr is set to null.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38554.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38554.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293445","reference_id":"2293445","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293445"},{"reference_url":"https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2","reference_id":"36e56b1b002bb26440403053f19f9e1a8bc075b2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:44Z/"}],"url":"https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2"},{"reference_url":"https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad","reference_id":"3ec437f9bbae68e9b38115c4c91de995f73f6bad","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:44Z/"}],"url":"https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad"},{"reference_url":"https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a","reference_id":"8bad3a20a27be8d935f2aae08d3c6e743754944a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:44Z/"}],"url":"https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a"},{"reference_url":"https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b","reference_id":"965d940fb7414b310a22666503d2af69459c981b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:44Z/"}],"url":"https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b"},{"reference_url":"https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9","reference_id":"eef95df9b752699bddecefa851f64858247246e9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:44Z/"}],"url":"https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38554"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv6t-6faw-tqan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81829?format=json","vulnerability_id":"VCID-dxeb-ytcr-ukgu","summary":"In the Linux kernel, the following vulnerability has been resolved:  moxart: fix potential use-after-free on remove path  It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and using it instead of the pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48626.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48626","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03444","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48626"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266029","reference_id":"2266029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48626"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dxeb-ytcr-ukgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86639?format=json","vulnerability_id":"VCID-dybn-gdm4-97cj","summary":"In the Linux kernel, the following vulnerability has been resolved:  s390/dasd: fix double module refcount decrement  Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount.  Doing it manually on this error path causes refcount to artificially decrease on each error while it should just stay the same.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27054.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27054.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278413","reference_id":"2278413","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278413"},{"reference_url":"https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6","reference_id":"9fe0562179d8fa960afca0eaed6d4ba4122a3cc6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6"},{"reference_url":"https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a","reference_id":"ad999aa18103fa038787b6a8a55020abcf34df1a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"},{"reference_url":"https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06","reference_id":"c3116e62ddeff79cae342147753ce596f01fcf06","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"},{"reference_url":"https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5","reference_id":"ebc5a3bd79e54f98c885c26f0862a27a02c487c5","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"},{"reference_url":"https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e","reference_id":"ec09bcab32fc4765e0cc97e1b72cdd067135f37e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"},{"reference_url":"https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19","reference_id":"edbdb0d94143db46edd373cc93e433832d29fe19","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"},{"reference_url":"https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650","reference_id":"fa18aa507ea71d8914b6acb2c94db311c757c650","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-06T18:30:31Z/"}],"url":"https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27054"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dybn-gdm4-97cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74106?format=json","vulnerability_id":"VCID-dyeg-atry-5bdk","summary":"kernel: drivers: base: Free devm resources when unregistering a device","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53596.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53596.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401501","reference_id":"2401501","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53596"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyeg-atry-5bdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88355?format=json","vulnerability_id":"VCID-dyxw-y7s8-6kek","summary":"In the Linux kernel, the following vulnerability has been resolved:  gpio: pca953x: fix pca953x_irq_bus_sync_unlock race  Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avoid races.  The other (non-probe) call site pca953x_gpio_set_multiple() ensures the lock is held before calling pca953x_write_regs().  The problem occurred when a request raced against irq_bus_sync_unlock() approximately once per thousand reboots on an i.MX8MP based system.   * Normal case     0-0022: write register AI|3a {03,02,00,00,01} Input latch P0    0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0    0-0022: write register AI|08 {ff,00,00,00,00} Output P3    0-0022: write register AI|12 {fc,00,00,00,00} Config P3   * Race case     0-0022: write register AI|08 {ff,00,00,00,00} Output P3    0-0022: write register AI|08 {03,02,00,00,01} *** Wrong register ***    0-0022: write register AI|12 {fc,00,00,00,00} Config P3    0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42253.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42253.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303634","reference_id":"2303634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303634"},{"reference_url":"https://git.kernel.org/stable/c/58a5c93bd1a6e949267400080f07e57ffe05ec34","reference_id":"58a5c93bd1a6e949267400080f07e57ffe05ec34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:09Z/"}],"url":"https://git.kernel.org/stable/c/58a5c93bd1a6e949267400080f07e57ffe05ec34"},{"reference_url":"https://git.kernel.org/stable/c/bfc6444b57dc7186b6acc964705d7516cbaf3904","reference_id":"bfc6444b57dc7186b6acc964705d7516cbaf3904","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:09Z/"}],"url":"https://git.kernel.org/stable/c/bfc6444b57dc7186b6acc964705d7516cbaf3904"},{"reference_url":"https://git.kernel.org/stable/c/de7cffa53149c7b48bd1bb29b02390c9f05b7f41","reference_id":"de7cffa53149c7b48bd1bb29b02390c9f05b7f41","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:09Z/"}],"url":"https://git.kernel.org/stable/c/de7cffa53149c7b48bd1bb29b02390c9f05b7f41"},{"reference_url":"https://git.kernel.org/stable/c/e2ecdddca80dd845df42376e4b0197fe97018ba2","reference_id":"e2ecdddca80dd845df42376e4b0197fe97018ba2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:09Z/"}],"url":"https://git.kernel.org/stable/c/e2ecdddca80dd845df42376e4b0197fe97018ba2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42253"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyxw-y7s8-6kek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81504?format=json","vulnerability_id":"VCID-dz15-23aa-jud2","summary":"A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0480.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0480.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0480","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0480"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049700","reference_id":"2049700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1250","reference_id":"RHSA-2024:1250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1303","reference_id":"RHSA-2024:1303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1304","reference_id":"RHSA-2024:1304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1306","reference_id":"RHSA-2024:1306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-0480"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dz15-23aa-jud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60964?format=json","vulnerability_id":"VCID-dzxk-k3kb-fkf6","summary":"kernel: iommu/amd: move wait_on_sem() out of spinlock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43253.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43253.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467189","reference_id":"2467189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467189"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43253"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzxk-k3kb-fkf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88869?format=json","vulnerability_id":"VCID-e26d-4naj-yub1","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Assign linear_pitch_alignment even for VM  [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46732.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46732.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313063","reference_id":"2313063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313063"},{"reference_url":"https://git.kernel.org/stable/c/4bd7710f2fecfc5fb2dda1ca2adc69db8a66b8b6","reference_id":"4bd7710f2fecfc5fb2dda1ca2adc69db8a66b8b6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:53:52Z/"}],"url":"https://git.kernel.org/stable/c/4bd7710f2fecfc5fb2dda1ca2adc69db8a66b8b6"},{"reference_url":"https://git.kernel.org/stable/c/984debc133efa05e62f5aa1a7a1dd8ca0ef041f4","reference_id":"984debc133efa05e62f5aa1a7a1dd8ca0ef041f4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:53:52Z/"}],"url":"https://git.kernel.org/stable/c/984debc133efa05e62f5aa1a7a1dd8ca0ef041f4"},{"reference_url":"https://git.kernel.org/stable/c/c44b568931d23aed9d37ecbb31fb5fbdd198bf7b","reference_id":"c44b568931d23aed9d37ecbb31fb5fbdd198bf7b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:53:52Z/"}],"url":"https://git.kernel.org/stable/c/c44b568931d23aed9d37ecbb31fb5fbdd198bf7b"},{"reference_url":"https://git.kernel.org/stable/c/d219f902b16d42f0cb8c499ea8f31cf3c0f36349","reference_id":"d219f902b16d42f0cb8c499ea8f31cf3c0f36349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:53:52Z/"}],"url":"https://git.kernel.org/stable/c/d219f902b16d42f0cb8c499ea8f31cf3c0f36349"},{"reference_url":"https://git.kernel.org/stable/c/d2fe7ac613a1ea8c346c9f5c89dc6ecc27232997","reference_id":"d2fe7ac613a1ea8c346c9f5c89dc6ecc27232997","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:53:52Z/"}],"url":"https://git.kernel.org/stable/c/d2fe7ac613a1ea8c346c9f5c89dc6ecc27232997"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46732"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e26d-4naj-yub1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59249?format=json","vulnerability_id":"VCID-e2n5-kap2-k7aw","summary":"kernel: batman-adv: bla: prevent use-after-free when deleting claims","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46212.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46212.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482632","reference_id":"2482632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46212"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2n5-kap2-k7aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80205?format=json","vulnerability_id":"VCID-e2w6-qu22-b7dk","summary":"kernel: block: don't allow the same type rq_qos add more than once","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50086.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50086","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16566","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50086"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373611","reference_id":"2373611","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50086"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2w6-qu22-b7dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69707?format=json","vulnerability_id":"VCID-e3g9-hen2-13gx","summary":"kernel: Linux kernel: Denial of Service during UFS power down","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68236.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68236.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422752","reference_id":"2422752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-68236"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3g9-hen2-13gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62859?format=json","vulnerability_id":"VCID-e3us-va2q-xqg8","summary":"kernel: Linux kernel (netfilter): Denial of Service via unsafe connection tracking helper operations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31414.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31414.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457830","reference_id":"2457830","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457830"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31414"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3us-va2q-xqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77927?format=json","vulnerability_id":"VCID-e44h-53xp-3qgu","summary":"kernel: drm/scheduler: signal scheduled fence when kill job","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38436.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38436.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383470","reference_id":"2383470","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383470"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38436"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e44h-53xp-3qgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87771?format=json","vulnerability_id":"VCID-e7x5-cq8q-sybf","summary":"In the Linux kernel, the following vulnerability has been resolved:  wifi: mt76: mt7921s: fix potential hung tasks during chip recovery  During chip recovery (e.g. chip reset), there is a possible situation that kernel worker reset_work is holding the lock and waiting for kernel thread stat_worker to be parked, while stat_worker is waiting for the release of the same lock. It causes a deadlock resulting in the dumping of hung tasks messages and possible rebooting of the device.  This patch prevents the execution of stat_worker during the chip recovery.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40977.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40977.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0b81faa05b0b9feb3ae2d69be1d21f0d126ecb08","reference_id":"0b81faa05b0b9feb3ae2d69be1d21f0d126ecb08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:34Z/"}],"url":"https://git.kernel.org/stable/c/0b81faa05b0b9feb3ae2d69be1d21f0d126ecb08"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297561","reference_id":"2297561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297561"},{"reference_url":"https://git.kernel.org/stable/c/85edd783f4539a994d66c4c014d5858f490b7a02","reference_id":"85edd783f4539a994d66c4c014d5858f490b7a02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:34Z/"}],"url":"https://git.kernel.org/stable/c/85edd783f4539a994d66c4c014d5858f490b7a02"},{"reference_url":"https://git.kernel.org/stable/c/e974dd4c22a23ec3ce579fb6d31a674ac0435da9","reference_id":"e974dd4c22a23ec3ce579fb6d31a674ac0435da9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:34Z/"}],"url":"https://git.kernel.org/stable/c/e974dd4c22a23ec3ce579fb6d31a674ac0435da9"},{"reference_url":"https://git.kernel.org/stable/c/ecf0b2b8a37c8464186620bef37812a117ff6366","reference_id":"ecf0b2b8a37c8464186620bef37812a117ff6366","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:34Z/"}],"url":"https://git.kernel.org/stable/c/ecf0b2b8a37c8464186620bef37812a117ff6366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40977"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7x5-cq8q-sybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69031?format=json","vulnerability_id":"VCID-e8c6-dv1f-9fbw","summary":"kernel: btrfs: fix racy bitfield write in btrfs_clear_space_info_full()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68358.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68358.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424875","reference_id":"2424875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424875"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68358"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8c6-dv1f-9fbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74565?format=json","vulnerability_id":"VCID-e8js-1wyx-7kdc","summary":"kernel: can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39873.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39873.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397568","reference_id":"2397568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397568"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39873"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8js-1wyx-7kdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70435?format=json","vulnerability_id":"VCID-e8q7-t9bf-mqda","summary":"kernel: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53748.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53748.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419910","reference_id":"2419910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419910"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53748"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8q7-t9bf-mqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76785?format=json","vulnerability_id":"VCID-e9ta-5b61-kbhb","summary":"kernel: wifi: mac80211: reject TDLS operations when station is not associated","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38644.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38644.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390367","reference_id":"2390367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390367"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38644"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9ta-5b61-kbhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83487?format=json","vulnerability_id":"VCID-e9w8-gjs3-zfd3","summary":"In the Linux kernel, the following vulnerability has been resolved:  crypto: qat - add param check for RSA  Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linear buffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49563.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49563.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49563","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01022","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49563"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348204","reference_id":"2348204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348204"},{"reference_url":"https://git.kernel.org/stable/c/4d6d2adce08788b7667a6e58002682ea1bbf6a79","reference_id":"4d6d2adce08788b7667a6e58002682ea1bbf6a79","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:10Z/"}],"url":"https://git.kernel.org/stable/c/4d6d2adce08788b7667a6e58002682ea1bbf6a79"},{"reference_url":"https://git.kernel.org/stable/c/9714061423b8b24b8afb31b8eb4df977c63f19c4","reference_id":"9714061423b8b24b8afb31b8eb4df977c63f19c4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:10Z/"}],"url":"https://git.kernel.org/stable/c/9714061423b8b24b8afb31b8eb4df977c63f19c4"},{"reference_url":"https://git.kernel.org/stable/c/f993321e50ba7a8ba4f5b19939e1772a921a1c42","reference_id":"f993321e50ba7a8ba4f5b19939e1772a921a1c42","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:10Z/"}],"url":"https://git.kernel.org/stable/c/f993321e50ba7a8ba4f5b19939e1772a921a1c42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49563"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9w8-gjs3-zfd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86146?format=json","vulnerability_id":"VCID-e9wa-pymx-vucj","summary":"kernel: f2fs: fix to do sanity check on node blkaddr in truncate_node()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56692.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a5c8b3fbf6200f1c66062d307c9a52084917788","reference_id":"0a5c8b3fbf6200f1c66062d307c9a52084917788","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:59:11Z/"}],"url":"https://git.kernel.org/stable/c/0a5c8b3fbf6200f1c66062d307c9a52084917788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334690","reference_id":"2334690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334690"},{"reference_url":"https://git.kernel.org/stable/c/27d6e7eff07f8cce8e83b162d8f21a07458c860d","reference_id":"27d6e7eff07f8cce8e83b162d8f21a07458c860d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:59:11Z/"}],"url":"https://git.kernel.org/stable/c/27d6e7eff07f8cce8e83b162d8f21a07458c860d"},{"reference_url":"https://git.kernel.org/stable/c/6babe00ccd34fc65b78ef8b99754e32b4385f23d","reference_id":"6babe00ccd34fc65b78ef8b99754e32b4385f23d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:59:11Z/"}],"url":"https://git.kernel.org/stable/c/6babe00ccd34fc65b78ef8b99754e32b4385f23d"},{"reference_url":"https://git.kernel.org/stable/c/c1077078ce4589b5e5387f6b0aaa0d4534b9eb57","reference_id":"c1077078ce4589b5e5387f6b0aaa0d4534b9eb57","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:59:11Z/"}],"url":"https://git.kernel.org/stable/c/c1077078ce4589b5e5387f6b0aaa0d4534b9eb57"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56692"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9wa-pymx-vucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69187?format=json","vulnerability_id":"VCID-easc-nw6v-5ubv","summary":"kernel: Linux kernel: Denial of Service in RDMA/bnxt_re driver due to race condition during QP destruction","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54048.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54048.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425013","reference_id":"2425013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54048"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-easc-nw6v-5ubv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65144?format=json","vulnerability_id":"VCID-eauv-c843-x3gx","summary":"kernel: Linux kernel: Denial of service due to a race condition in the TLS subsystem","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23240.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23240.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446139","reference_id":"2446139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23240"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eauv-c843-x3gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68759?format=json","vulnerability_id":"VCID-ebj8-ujvj-4bbr","summary":"kernel: btrfs: remove BUG_ON()'s in add_new_free_space()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54185.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54185.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426159","reference_id":"2426159","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54185"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebj8-ujvj-4bbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88907?format=json","vulnerability_id":"VCID-ebn5-8dr8-jye1","summary":"In the Linux kernel, the following vulnerability has been resolved:  ice: protect XDP configuration with a mutex  The main threat to data consistency in ice_xdp() is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler.  XDP setup and PF reset code access the same resources in the following sections: * ice_vsi_close() in ice_prepare_for_reset() - already rtnl-locked * ice_vsi_rebuild() for the PF VSI - not protected * ice_vsi_open() - already rtnl-locked  With an unfortunate timing, such accesses can result in a crash such as the one below:  [ +1.999878] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 14 [ +2.002992] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 18 [Mar15 18:17] ice 0000:b1:00.0 ens801f0np0: NETDEV WATCHDOG: CPU: 38: transmit queue 14 timed out 80692736 ms [ +0.000093] ice 0000:b1:00.0 ens801f0np0: tx_timeout: VSI_num: 6, Q 14, NTC: 0x0, HW_HEAD: 0x0, NTU: 0x0, INT: 0x4000001 [ +0.000012] ice 0000:b1:00.0 ens801f0np0: tx_timeout recovery level 1, txqueue 14 [ +0.394718] ice 0000:b1:00.0: PTP reset successful [ +0.006184] BUG: kernel NULL pointer dereference, address: 0000000000000098 [ +0.000045] #PF: supervisor read access in kernel mode [ +0.000023] #PF: error_code(0x0000) - not-present page [ +0.000023] PGD 0 P4D 0 [ +0.000018] Oops: 0000 [#1] PREEMPT SMP NOPTI [ +0.000023] CPU: 38 PID: 7540 Comm: kworker/38:1 Not tainted 6.8.0-rc7 #1 [ +0.000031] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021 [ +0.000036] Workqueue: ice ice_service_task [ice] [ +0.000183] RIP: 0010:ice_clean_tx_ring+0xa/0xd0 [ice] [...] [ +0.000013] Call Trace: [ +0.000016] <TASK> [ +0.000014] ? __die+0x1f/0x70 [ +0.000029] ? page_fault_oops+0x171/0x4f0 [ +0.000029] ? schedule+0x3b/0xd0 [ +0.000027] ? exc_page_fault+0x7b/0x180 [ +0.000022] ? asm_exc_page_fault+0x22/0x30 [ +0.000031] ? ice_clean_tx_ring+0xa/0xd0 [ice] [ +0.000194] ice_free_tx_ring+0xe/0x60 [ice] [ +0.000186] ice_destroy_xdp_rings+0x157/0x310 [ice] [ +0.000151] ice_vsi_decfg+0x53/0xe0 [ice] [ +0.000180] ice_vsi_rebuild+0x239/0x540 [ice] [ +0.000186] ice_vsi_rebuild_by_type+0x76/0x180 [ice] [ +0.000145] ice_rebuild+0x18c/0x840 [ice] [ +0.000145] ? delay_tsc+0x4a/0xc0 [ +0.000022] ? delay_tsc+0x92/0xc0 [ +0.000020] ice_do_reset+0x140/0x180 [ice] [ +0.000886] ice_service_task+0x404/0x1030 [ice] [ +0.000824] process_one_work+0x171/0x340 [ +0.000685] worker_thread+0x277/0x3a0 [ +0.000675] ? preempt_count_add+0x6a/0xa0 [ +0.000677] ? _raw_spin_lock_irqsave+0x23/0x50 [ +0.000679] ? __pfx_worker_thread+0x10/0x10 [ +0.000653] kthread+0xf0/0x120 [ +0.000635] ? __pfx_kthread+0x10/0x10 [ +0.000616] ret_from_fork+0x2d/0x50 [ +0.000612] ? __pfx_kthread+0x10/0x10 [ +0.000604] ret_from_fork_asm+0x1b/0x30 [ +0.000604] </TASK>  The previous way of handling this through returning -EBUSY is not viable, particularly when destroying AF_XDP socket, because the kernel proceeds with removal anyway.  There is plenty of code between those calls and there is no need to create a large critical section that covers all of them, same as there is no need to protect ice_vsi_rebuild() with rtnl_lock().  Add xdp_state_lock mutex to protect ice_vsi_rebuild() and ice_xdp().  Leaving unprotected sections in between would result in two states that have to be considered: 1. when the VSI is closed, but not yet rebuild 2. when VSI is already rebuild, but not yet open  The latter case is actually already handled through !netif_running() case, we just need to adjust flag checking a little. The former one is not as trivial, because between ice_vsi_close() and ice_vsi_rebuild(), a lot of hardware interaction happens, this can make adding/deleting rings exit with an error. Luckily, VSI rebuild is pending and can apply new configuration for us in a managed fashion.  Therefore, add an additional VSI state flag ICE_VSI_REBUILD_PENDING to indicate that ice_x ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46765.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46765.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313113","reference_id":"2313113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313113"},{"reference_url":"https://git.kernel.org/stable/c/2504b8405768a57a71e660dbfd5abd59f679a03f","reference_id":"2504b8405768a57a71e660dbfd5abd59f679a03f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:42:47Z/"}],"url":"https://git.kernel.org/stable/c/2504b8405768a57a71e660dbfd5abd59f679a03f"},{"reference_url":"https://git.kernel.org/stable/c/2f057db2fb29bc209c103050647562e60554d3d3","reference_id":"2f057db2fb29bc209c103050647562e60554d3d3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:42:47Z/"}],"url":"https://git.kernel.org/stable/c/2f057db2fb29bc209c103050647562e60554d3d3"},{"reference_url":"https://git.kernel.org/stable/c/391f7dae3d836891fc6cfbde38add2d0e10c6b7f","reference_id":"391f7dae3d836891fc6cfbde38add2d0e10c6b7f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:42:47Z/"}],"url":"https://git.kernel.org/stable/c/391f7dae3d836891fc6cfbde38add2d0e10c6b7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46765"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebn5-8dr8-jye1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86751?format=json","vulnerability_id":"VCID-ebz8-kbbc-rufv","summary":"In the Linux kernel, the following vulnerability has been resolved:  x86/efistub: Call mixed mode boot services on the firmware's stack  Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. According to the UEFI spec, this stack needs to be at least 128k in size - this might seem large but all asynchronous processing and event handling in EFI runs from the same stack and so quite a lot of space may be used in practice.  In mixed mode, the situation is a bit different: the bootloader calls the 32-bit EFI stub entry point, which calls the decompressor's 32-bit entry point, where the boot stack is set up, using a fixed allocation of 16k. This stack is still in use when the EFI stub is started in 64-bit mode, and so all calls back into the EFI firmware will be using the decompressor's limited boot stack.  Due to the placement of the boot stack right after the boot heap, any stack overruns have gone unnoticed. However, commit    5c4feadb0011983b (\"x86/decompressor: Move global symbol references to C code\")  moved the definition of the boot heap into C code, and now the boot stack is placed right at the base of BSS, where any overruns will corrupt the end of the .data section.  While it would be possible to work around this by increasing the size of the boot stack, doing so would affect all x86 systems, and mixed mode systems are a tiny (and shrinking) fraction of the x86 installed base.  So instead, record the firmware stack pointer value when entering from the 32-bit firmware, and switch to this stack every time a EFI boot service call is made.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35803.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35803.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/2149f8a56e2ed345c7a4d022a79f6b8fc53ae926","reference_id":"2149f8a56e2ed345c7a4d022a79f6b8fc53ae926","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:53:37Z/"}],"url":"https://git.kernel.org/stable/c/2149f8a56e2ed345c7a4d022a79f6b8fc53ae926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281229","reference_id":"2281229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281229"},{"reference_url":"https://git.kernel.org/stable/c/725351c036452b7db5771a7bed783564bc4b99cc","reference_id":"725351c036452b7db5771a7bed783564bc4b99cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:53:37Z/"}],"url":"https://git.kernel.org/stable/c/725351c036452b7db5771a7bed783564bc4b99cc"},{"reference_url":"https://git.kernel.org/stable/c/930775060ca348b8665f60eef14b204172d14f31","reference_id":"930775060ca348b8665f60eef14b204172d14f31","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:53:37Z/"}],"url":"https://git.kernel.org/stable/c/930775060ca348b8665f60eef14b204172d14f31"},{"reference_url":"https://git.kernel.org/stable/c/cefcd4fe2e3aaf792c14c9e56dab89e3d7a65d02","reference_id":"cefcd4fe2e3aaf792c14c9e56dab89e3d7a65d02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:53:37Z/"}],"url":"https://git.kernel.org/stable/c/cefcd4fe2e3aaf792c14c9e56dab89e3d7a65d02"},{"reference_url":"https://git.kernel.org/stable/c/fba7ee7187581b5bc222003e73e2592b398bb06d","reference_id":"fba7ee7187581b5bc222003e73e2592b398bb06d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:53:37Z/"}],"url":"https://git.kernel.org/stable/c/fba7ee7187581b5bc222003e73e2592b398bb06d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35803"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebz8-kbbc-rufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84432?format=json","vulnerability_id":"VCID-ecjn-grdn-6uap","summary":"In the Linux kernel, the following vulnerability has been resolved:  bus: mhi: host: Add alignment check for event ring read pointer  Though we do check the event ring read pointer by \"is_valid_ring_ptr\" to make sure it is in the buffer range, but there is another risk the pointer may be not aligned.  Since we are expecting event ring elements are 128 bits(struct mhi_ring_element) aligned, an unaligned read pointer could lead to multiple issues like DoS or ring buffer memory corruption.  So add a alignment check for event ring read pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52494.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52494.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269179","reference_id":"2269179","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269179"},{"reference_url":"https://git.kernel.org/stable/c/2df39ac8f813860f79782807c3f7acff40b3c551","reference_id":"2df39ac8f813860f79782807c3f7acff40b3c551","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/2df39ac8f813860f79782807c3f7acff40b3c551"},{"reference_url":"https://git.kernel.org/stable/c/94991728c84f8df54fd9eec9b85855ef9057ea08","reference_id":"94991728c84f8df54fd9eec9b85855ef9057ea08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/94991728c84f8df54fd9eec9b85855ef9057ea08"},{"reference_url":"https://git.kernel.org/stable/c/a9ebfc405fe1be145f414eafadcbf09506082010","reference_id":"a9ebfc405fe1be145f414eafadcbf09506082010","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/a9ebfc405fe1be145f414eafadcbf09506082010"},{"reference_url":"https://git.kernel.org/stable/c/ecf8320111822a1ae5d5fc512953eab46d543d0b","reference_id":"ecf8320111822a1ae5d5fc512953eab46d543d0b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/ecf8320111822a1ae5d5fc512953eab46d543d0b"},{"reference_url":"https://git.kernel.org/stable/c/eff9704f5332a13b08fbdbe0f84059c9e7051d5f","reference_id":"eff9704f5332a13b08fbdbe0f84059c9e7051d5f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-12T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/eff9704f5332a13b08fbdbe0f84059c9e7051d5f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52494"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecjn-grdn-6uap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76816?format=json","vulnerability_id":"VCID-ecrv-5c14-tqgx","summary":"kernel: f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38626.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38626.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390406","reference_id":"2390406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390406"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38626"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecrv-5c14-tqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88113?format=json","vulnerability_id":"VCID-ecuy-sdy8-hfdy","summary":"kernel: drm/amd/display: Fix system hang while resume with TBT monitor","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50003.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50003.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320507","reference_id":"2320507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320507"},{"reference_url":"https://git.kernel.org/stable/c/52d4e3fb3d340447dcdac0e14ff21a764f326907","reference_id":"52d4e3fb3d340447dcdac0e14ff21a764f326907","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/52d4e3fb3d340447dcdac0e14ff21a764f326907"},{"reference_url":"https://git.kernel.org/stable/c/68d603f467a75618eeae5bfe8af32cda47097010","reference_id":"68d603f467a75618eeae5bfe8af32cda47097010","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/68d603f467a75618eeae5bfe8af32cda47097010"},{"reference_url":"https://git.kernel.org/stable/c/722d2d8fc423108597b97efbf165187d16d9aa1e","reference_id":"722d2d8fc423108597b97efbf165187d16d9aa1e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/722d2d8fc423108597b97efbf165187d16d9aa1e"},{"reference_url":"https://git.kernel.org/stable/c/73e441be033d3ed0bdff09b575da3e7d4606ffc9","reference_id":"73e441be033d3ed0bdff09b575da3e7d4606ffc9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/73e441be033d3ed0bdff09b575da3e7d4606ffc9"},{"reference_url":"https://git.kernel.org/stable/c/c2356296f546326f9f06c109e201d42201e1e783","reference_id":"c2356296f546326f9f06c109e201d42201e1e783","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/c2356296f546326f9f06c109e201d42201e1e783"},{"reference_url":"https://git.kernel.org/stable/c/eb9329cd882aa274e92bdb1003bc088433fdee86","reference_id":"eb9329cd882aa274e92bdb1003bc088433fdee86","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:29:41Z/"}],"url":"https://git.kernel.org/stable/c/eb9329cd882aa274e92bdb1003bc088433fdee86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50003"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecuy-sdy8-hfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62359?format=json","vulnerability_id":"VCID-edfe-4amw-ayaw","summary":"kernel: driver core: platform: use generic driver_override infrastructure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31527.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31527.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460682","reference_id":"2460682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460682"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31527"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-edfe-4amw-ayaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88912?format=json","vulnerability_id":"VCID-efna-97nx-tqdm","summary":"In the Linux kernel, the following vulnerability has been resolved:  ice: Add netif_device_attach/detach into PF reset flow  Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen below.  Reproduction steps: Once the driver is fully initialized, trigger reset: \t# echo 1 > /sys/class/net/<interface>/device/reset when reset is in progress try to get coalesce settings using ethtool: \t# ethtool -c <interface>  BUG: kernel NULL pointer dereference, address: 0000000000000020 PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 11 PID: 19713 Comm: ethtool Tainted: G S                 6.10.0-rc7+ #7 RIP: 0010:ice_get_q_coalesce+0x2e/0xa0 [ice] RSP: 0018:ffffbab1e9bcf6a8 EFLAGS: 00010206 RAX: 000000000000000c RBX: ffff94512305b028 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff9451c3f2e588 RDI: ffff9451c3f2e588 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: ffff9451c3f2e580 R11: 000000000000001f R12: ffff945121fa9000 R13: ffffbab1e9bcf760 R14: 0000000000000013 R15: ffffffff9e65dd40 FS:  00007faee5fbe740(0000) GS:ffff94546fd80000(0000) knlGS:0000000000000000 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000020 CR3: 0000000106c2e005 CR4: 00000000001706f0 Call Trace: <TASK> ice_get_coalesce+0x17/0x30 [ice] coalesce_prepare_data+0x61/0x80 ethnl_default_doit+0xde/0x340 genl_family_rcv_msg_doit+0xf2/0x150 genl_rcv_msg+0x1b3/0x2c0 netlink_rcv_skb+0x5b/0x110 genl_rcv+0x28/0x40 netlink_unicast+0x19c/0x290 netlink_sendmsg+0x222/0x490 __sys_sendto+0x1df/0x1f0 __x64_sys_sendto+0x24/0x30 do_syscall_64+0x82/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7faee60d8e27  Calling netif_device_detach() before reset makes the net core not call the driver when ethtool command is issued, the attempt to execute an ethtool command during reset will result in the following message:      netlink error: No such device  instead of NULL pointer dereference. Once reset is done and ice_rebuild() is executing, the netif_device_attach() is called to allow for ethtool operations to occur again in a safe manner.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46770.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46770.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313118","reference_id":"2313118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313118"},{"reference_url":"https://git.kernel.org/stable/c/36486c9e8e01b84faaee47203eac0b7e9cc7fa4a","reference_id":"36486c9e8e01b84faaee47203eac0b7e9cc7fa4a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:57Z/"}],"url":"https://git.kernel.org/stable/c/36486c9e8e01b84faaee47203eac0b7e9cc7fa4a"},{"reference_url":"https://git.kernel.org/stable/c/721f27f489a47ed0d8690b73fc1f070c2eb180cf","reference_id":"721f27f489a47ed0d8690b73fc1f070c2eb180cf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:57Z/"}],"url":"https://git.kernel.org/stable/c/721f27f489a47ed0d8690b73fc1f070c2eb180cf"},{"reference_url":"https://git.kernel.org/stable/c/9e3ffb839249eca113062587659224f856fe14e5","reference_id":"9e3ffb839249eca113062587659224f856fe14e5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:57Z/"}],"url":"https://git.kernel.org/stable/c/9e3ffb839249eca113062587659224f856fe14e5"},{"reference_url":"https://git.kernel.org/stable/c/d11a67634227f9f9da51938af085fb41a733848f","reference_id":"d11a67634227f9f9da51938af085fb41a733848f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:57Z/"}],"url":"https://git.kernel.org/stable/c/d11a67634227f9f9da51938af085fb41a733848f"},{"reference_url":"https://git.kernel.org/stable/c/efe8effe138044a4747d1112ebb8c454d1663723","reference_id":"efe8effe138044a4747d1112ebb8c454d1663723","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:40:57Z/"}],"url":"https://git.kernel.org/stable/c/efe8effe138044a4747d1112ebb8c454d1663723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46770"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efna-97nx-tqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88673?format=json","vulnerability_id":"VCID-eg1x-j9s8-gfeb","summary":"In the Linux kernel, the following vulnerability has been resolved:  ipv6: fix possible UAF in ip6_finish_output2()  If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed.  We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44986.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44986.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309849","reference_id":"2309849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309849"},{"reference_url":"https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e","reference_id":"3574d28caf9a09756ae87ad1ea096c6f47b6101e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T20:20:05Z/"}],"url":"https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e"},{"reference_url":"https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a","reference_id":"56efc253196751ece1fc535a5b582be127b0578a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T20:20:05Z/"}],"url":"https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a"},{"reference_url":"https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b","reference_id":"6ab6bf731354a6fdbaa617d1ec194960db61cf3b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T20:20:05Z/"}],"url":"https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b"},{"reference_url":"https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b","reference_id":"da273b377ae0d9bd255281ed3c2adb228321687b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T20:20:05Z/"}],"url":"https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b"},{"reference_url":"https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037","reference_id":"e891b36de161fcd96f12ff83667473e5067b9037","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T20:20:05Z/"}],"url":"https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44986"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eg1x-j9s8-gfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81902?format=json","vulnerability_id":"VCID-egf3-q7e7-23b5","summary":"kernel: 9p/net: fix improper handling of bogus negative read/write replies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37879.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37879.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365241","reference_id":"2365241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37879"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egf3-q7e7-23b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84473?format=json","vulnerability_id":"VCID-eh9q-gqe8-fygj","summary":"In the Linux kernel, the following vulnerability has been resolved:  wifi: iwlwifi: mvm: Fix a memory corruption issue  A few lines above, space is kzalloc()'ed for: \tsizeof(struct iwl_nvm_data) + \tsizeof(struct ieee80211_channel) + \tsizeof(struct ieee80211_rate)  'mvm->nvm_data' is a 'struct iwl_nvm_data', so it is fine.  At the end of this structure, there is the 'channels' flex array. Each element is of type 'struct ieee80211_channel'. So only 1 element is allocated in this array.  When doing:   mvm->nvm_data->bands[0].channels = mvm->nvm_data->channels; We point at the first element of the 'channels' flex array. So this is fine.  However, when doing:   mvm->nvm_data->bands[0].bitrates = \t\t\t(void *)((u8 *)mvm->nvm_data->channels + 1); because of the \"(u8 *)\" cast, we add only 1 to the address of the beginning of the flex array.  It is likely that we want point at the 'struct ieee80211_rate' allocated just after.  Remove the spurious casting so that the pointer arithmetic works as expected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52531.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52531.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267786","reference_id":"2267786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267786"},{"reference_url":"https://git.kernel.org/stable/c/6b3223449c959a8be94a1f042288059e40fcccb0","reference_id":"6b3223449c959a8be94a1f042288059e40fcccb0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-04T19:38:20Z/"}],"url":"https://git.kernel.org/stable/c/6b3223449c959a8be94a1f042288059e40fcccb0"},{"reference_url":"https://git.kernel.org/stable/c/7c8faa31080342aec4903c9acb20caf82fcca1ef","reference_id":"7c8faa31080342aec4903c9acb20caf82fcca1ef","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-04T19:38:20Z/"}],"url":"https://git.kernel.org/stable/c/7c8faa31080342aec4903c9acb20caf82fcca1ef"},{"reference_url":"https://git.kernel.org/stable/c/8ba438ef3cacc4808a63ed0ce24d4f0942cfe55d","reference_id":"8ba438ef3cacc4808a63ed0ce24d4f0942cfe55d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-04T19:38:20Z/"}],"url":"https://git.kernel.org/stable/c/8ba438ef3cacc4808a63ed0ce24d4f0942cfe55d"},{"reference_url":"https://git.kernel.org/stable/c/f06cdd8d4ba5252986f51f80cc30263636397128","reference_id":"f06cdd8d4ba5252986f51f80cc30263636397128","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-04T19:38:20Z/"}],"url":"https://git.kernel.org/stable/c/f06cdd8d4ba5252986f51f80cc30263636397128"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52531"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eh9q-gqe8-fygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67761?format=json","vulnerability_id":"VCID-ehah-7sbs-yfhn","summary":"kernel: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71193.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71193.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436761","reference_id":"2436761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436761"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-71193"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehah-7sbs-yfhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85790?format=json","vulnerability_id":"VCID-eje4-f95k-dydc","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: atlantic: Fix DMA mapping for PTP hwts ring  Function aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes for PTP HWTS ring but then generic aq_ring_free() does not take this into account. Create and use a specific function to free HWTS ring to fix this issue.  Trace: [  215.351607] ------------[ cut here ]------------ [  215.351612] DMA-API: atlantic 0000:4b:00.0: device driver frees DMA memory with different size [device address=0x00000000fbdd0000] [map size=34816 bytes] [unmap size=32768 bytes] [  215.351635] WARNING: CPU: 33 PID: 10759 at kernel/dma/debug.c:988 check_unmap+0xa6f/0x2360 ... [  215.581176] Call Trace: [  215.583632]  <TASK> [  215.585745]  ? show_trace_log_lvl+0x1c4/0x2df [  215.590114]  ? show_trace_log_lvl+0x1c4/0x2df [  215.594497]  ? debug_dma_free_coherent+0x196/0x210 [  215.599305]  ? check_unmap+0xa6f/0x2360 [  215.603147]  ? __warn+0xca/0x1d0 [  215.606391]  ? check_unmap+0xa6f/0x2360 [  215.610237]  ? report_bug+0x1ef/0x370 [  215.613921]  ? handle_bug+0x3c/0x70 [  215.617423]  ? exc_invalid_op+0x14/0x50 [  215.621269]  ? asm_exc_invalid_op+0x16/0x20 [  215.625480]  ? check_unmap+0xa6f/0x2360 [  215.629331]  ? mark_lock.part.0+0xca/0xa40 [  215.633445]  debug_dma_free_coherent+0x196/0x210 [  215.638079]  ? __pfx_debug_dma_free_coherent+0x10/0x10 [  215.643242]  ? slab_free_freelist_hook+0x11d/0x1d0 [  215.648060]  dma_free_attrs+0x6d/0x130 [  215.651834]  aq_ring_free+0x193/0x290 [atlantic] [  215.656487]  aq_ptp_ring_free+0x67/0x110 [atlantic] ... [  216.127540] ---[ end trace 6467e5964dd2640b ]--- [  216.132160] DMA-API: Mapped at: [  216.132162]  debug_dma_alloc_coherent+0x66/0x2f0 [  216.132165]  dma_alloc_attrs+0xf5/0x1b0 [  216.132168]  aq_ring_hwts_rx_alloc+0x150/0x1f0 [atlantic] [  216.132193]  aq_ptp_ring_alloc+0x1bb/0x540 [atlantic] [  216.132213]  aq_nic_init+0x4a1/0x760 [atlantic]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26680.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26680.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/004fe5b7f59286a926a45e0cafc7870e9cdddd56","reference_id":"004fe5b7f59286a926a45e0cafc7870e9cdddd56","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:30:39Z/"}],"url":"https://git.kernel.org/stable/c/004fe5b7f59286a926a45e0cafc7870e9cdddd56"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272842","reference_id":"2272842","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272842"},{"reference_url":"https://git.kernel.org/stable/c/2e7d3b67630dfd8f178c41fa2217aa00e79a5887","reference_id":"2e7d3b67630dfd8f178c41fa2217aa00e79a5887","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:30:39Z/"}],"url":"https://git.kernel.org/stable/c/2e7d3b67630dfd8f178c41fa2217aa00e79a5887"},{"reference_url":"https://git.kernel.org/stable/c/466ceebe48cbba3f4506f165fca7111f9eb8bb12","reference_id":"466ceebe48cbba3f4506f165fca7111f9eb8bb12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:30:39Z/"}],"url":"https://git.kernel.org/stable/c/466ceebe48cbba3f4506f165fca7111f9eb8bb12"},{"reference_url":"https://git.kernel.org/stable/c/e42e334c645575be5432adee224975d4f536fdb1","reference_id":"e42e334c645575be5432adee224975d4f536fdb1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:30:39Z/"}],"url":"https://git.kernel.org/stable/c/e42e334c645575be5432adee224975d4f536fdb1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26680"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eje4-f95k-dydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76161?format=json","vulnerability_id":"VCID-ejnf-txm4-4ub9","summary":"kernel: comedi: pcl726: Prevent invalid irq number","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39685.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39685.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393504","reference_id":"2393504","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39685"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ejnf-txm4-4ub9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83607?format=json","vulnerability_id":"VCID-ekur-32hu-2fe1","summary":"In the Linux kernel, the following vulnerability has been resolved:  powerpc/memhotplug: Add add_pages override for PPC  With commit ffa0b64e3be5 (\"powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit\") the kernel now validate the addr against high_memory value. This results in the below BUG_ON with dax pfns.  [  635.798741][T26531] kernel BUG at mm/page_alloc.c:5521! 1:mon> e cpu 0x1: Vector: 700 (Program Check) at [c000000007287630]     pc: c00000000055ed48: free_pages.part.0+0x48/0x110     lr: c00000000053ca70: tlb_finish_mmu+0x80/0xd0     sp: c0000000072878d0    msr: 800000000282b033   current = 0xc00000000afabe00   paca    = 0xc00000037ffff300   irqmask: 0x03   irq_happened: 0x05     pid   = 26531, comm = 50-landscape-sy kernel BUG at :5521! Linux version 5.19.0-rc3-14659-g4ec05be7c2e1 (kvaneesh@ltc-boston8) (gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #625 SMP Thu Jun 23 00:35:43 CDT 2022 1:mon> t [link register   ] c00000000053ca70 tlb_finish_mmu+0x80/0xd0 [c0000000072878d0] c00000000053ca54 tlb_finish_mmu+0x64/0xd0 (unreliable) [c000000007287900] c000000000539424 exit_mmap+0xe4/0x2a0 [c0000000072879e0] c00000000019fc1c mmput+0xcc/0x210 [c000000007287a20] c000000000629230 begin_new_exec+0x5e0/0xf40 [c000000007287ae0] c00000000070b3cc load_elf_binary+0x3ac/0x1e00 [c000000007287c10] c000000000627af0 bprm_execve+0x3b0/0xaf0 [c000000007287cd0] c000000000628414 do_execveat_common.isra.0+0x1e4/0x310 [c000000007287d80] c00000000062858c sys_execve+0x4c/0x60 [c000000007287db0] c00000000002c1b0 system_call_exception+0x160/0x2c0 [c000000007287e10] c00000000000c53c system_call_common+0xec/0x250  The fix is to make sure we update high_memory on memory hotplug. This is similar to what x86 does in commit 3072e413e305 (\"mm/memory_hotplug: introduce add_pages\")","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49666.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49666.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49666","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49666"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348303","reference_id":"2348303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49666"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ekur-32hu-2fe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59003?format=json","vulnerability_id":"VCID-eqqc-ptyk-pfd4","summary":"kernel: RDMA/hns: Fix WQ_MEM_RECLAIM warning","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46265.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46265.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484481","reference_id":"2484481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-46265"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqqc-ptyk-pfd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70200?format=json","vulnerability_id":"VCID-eqre-etzf-kyen","summary":"kernel: drm/amdkfd: fix potential kgd_mem UAFs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53816.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53816.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420281","reference_id":"2420281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53816"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqre-etzf-kyen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59220?format=json","vulnerability_id":"VCID-eqsv-6wku-q7ds","summary":"kernel: ip6_gre: Use cached t->net in ip6erspan_changelink()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46120.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46120.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482614","reference_id":"2482614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482614"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46120"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqsv-6wku-q7ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86170?format=json","vulnerability_id":"VCID-er3a-psks-hfca","summary":"kernel: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53210.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53210.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334361","reference_id":"2334361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334361"},{"reference_url":"https://git.kernel.org/stable/c/42251c2d1ef1cb0822638bebb87ad9120c759673","reference_id":"42251c2d1ef1cb0822638bebb87ad9120c759673","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:40Z/"}],"url":"https://git.kernel.org/stable/c/42251c2d1ef1cb0822638bebb87ad9120c759673"},{"reference_url":"https://git.kernel.org/stable/c/783c2c6e61c5a04eb8baea598753d5fa174dbe85","reference_id":"783c2c6e61c5a04eb8baea598753d5fa174dbe85","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:40Z/"}],"url":"https://git.kernel.org/stable/c/783c2c6e61c5a04eb8baea598753d5fa174dbe85"},{"reference_url":"https://git.kernel.org/stable/c/934326aef7ac4652f81c69d18bf44eebaefc39c3","reference_id":"934326aef7ac4652f81c69d18bf44eebaefc39c3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:40Z/"}],"url":"https://git.kernel.org/stable/c/934326aef7ac4652f81c69d18bf44eebaefc39c3"},{"reference_url":"https://git.kernel.org/stable/c/9f603e66e1c59c1d25e60eb0636cb307d190782e","reference_id":"9f603e66e1c59c1d25e60eb0636cb307d190782e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:40Z/"}],"url":"https://git.kernel.org/stable/c/9f603e66e1c59c1d25e60eb0636cb307d190782e"},{"reference_url":"https://git.kernel.org/stable/c/ebaf81317e42aa990ad20b113cfe3a7b20d4e937","reference_id":"ebaf81317e42aa990ad20b113cfe3a7b20d4e937","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:40Z/"}],"url":"https://git.kernel.org/stable/c/ebaf81317e42aa990ad20b113cfe3a7b20d4e937"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53210"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-er3a-psks-hfca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80641?format=json","vulnerability_id":"VCID-es1p-v1xf-r3bv","summary":"In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-200688826References: Upstream kernel","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39686.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39686","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05979","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39686"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063219","reference_id":"2063219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063219"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-39686"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-es1p-v1xf-r3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86690?format=json","vulnerability_id":"VCID-es2s-eqdr-nygq","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nft_flow_offload: reset dst in route object after setting up flow  dst is transferred to the flow object, route object does not own it anymore.  Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27403.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27403.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4","reference_id":"012df10717da02367aaf92c65f9c89db206c15f4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:17:07Z/"}],"url":"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281127","reference_id":"2281127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281127"},{"reference_url":"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c","reference_id":"4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:17:07Z/"}],"url":"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c"},{"reference_url":"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148","reference_id":"558b00a30e05753a62ecc7e05e939ca8f0241148","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:17:07Z/"}],"url":"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148"},{"reference_url":"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae","reference_id":"670548c8db44d76e40e1dfc06812bca36a61e9ae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:17:07Z/"}],"url":"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae"},{"reference_url":"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3","reference_id":"9e0f0430389be7696396c62f037be4bf72cf93e3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:17:07Z/"}],"url":"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4106","reference_id":"RHSA-2024:4106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4108","reference_id":"RHSA-2024:4108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5256","reference_id":"RHSA-2024:5256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5257","reference_id":"RHSA-2024:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8162","reference_id":"RHSA-2024:8162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8162"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27403"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-es2s-eqdr-nygq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87220?format=json","vulnerability_id":"VCID-est5-xft8-n3fd","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Skip on writeback when it's not applicable  [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages \"BUG: KASAN: slab-out-of-bounds\" as writeback connector does not support certain features which are not initialized.  [HOW] Skip them when connector type is DRM_MODE_CONNECTOR_WRITEBACK.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36914.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36914.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284525","reference_id":"2284525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284525"},{"reference_url":"https://git.kernel.org/stable/c/87de0a741ef6d93fcb99983138a0d89a546a043c","reference_id":"87de0a741ef6d93fcb99983138a0d89a546a043c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:45:36Z/"}],"url":"https://git.kernel.org/stable/c/87de0a741ef6d93fcb99983138a0d89a546a043c"},{"reference_url":"https://git.kernel.org/stable/c/951a498fa993c5501994ec2df97c9297b02488c7","reference_id":"951a498fa993c5501994ec2df97c9297b02488c7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:45:36Z/"}],"url":"https://git.kernel.org/stable/c/951a498fa993c5501994ec2df97c9297b02488c7"},{"reference_url":"https://git.kernel.org/stable/c/e9baa7110e9f3756bd5a812af376c288d9be894d","reference_id":"e9baa7110e9f3756bd5a812af376c288d9be894d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:45:36Z/"}],"url":"https://git.kernel.org/stable/c/e9baa7110e9f3756bd5a812af376c288d9be894d"},{"reference_url":"https://git.kernel.org/stable/c/ecedd99a9369fb5cde601ae9abd58bca2739f1ae","reference_id":"ecedd99a9369fb5cde601ae9abd58bca2739f1ae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:45:36Z/"}],"url":"https://git.kernel.org/stable/c/ecedd99a9369fb5cde601ae9abd58bca2739f1ae"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36914"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-est5-xft8-n3fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73862?format=json","vulnerability_id":"VCID-etq9-bmh2-8ffb","summary":"kernel: bnxt: avoid overflow in bnxt_get_nvram_directory()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53661.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53661.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402245","reference_id":"2402245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53661"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etq9-bmh2-8ffb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87056?format=json","vulnerability_id":"VCID-etv1-h6u6-eqgb","summary":"In the Linux kernel, the following vulnerability has been resolved:  Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()  Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but it is ugly to return a potentially freed pointer. Making it void will help with backports because earlier kernels did use the return value. Now the compile will break for kernels where this patch is not a complete fix.  Call stack summary:  [use] l2cap_bredr_sig_cmd   l2cap_connect   ┌ mutex_lock(&conn->chan_lock);   │ chan = pchan->ops->new_connection(pchan); <- alloc chan   │ __l2cap_chan_add(conn, chan);   │   l2cap_chan_hold(chan);   │   list_add(&chan->list, &conn->chan_l);   ... (1)   └ mutex_unlock(&conn->chan_lock);     chan->conf_state              ... (4) <- use after free  [free] l2cap_conn_del ┌ mutex_lock(&conn->chan_lock); │ foreach chan in conn->chan_l:            ... (2) │   l2cap_chan_put(chan); │     l2cap_chan_destroy │       kfree(chan)               ... (3) <- chan freed └ mutex_unlock(&conn->chan_lock);  ================================================================== BUG: KASAN: slab-use-after-free in instrument_atomic_read include/linux/instrumented.h:68 [inline] BUG: KASAN: slab-use-after-free in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline] BUG: KASAN: slab-use-after-free in l2cap_connect+0xa67/0x11a0 net/bluetooth/l2cap_core.c:4260 Read of size 8 at addr ffff88810bf040a0 by task kworker/u3:1/311","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36013.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36013.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282952","reference_id":"2282952","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282952"},{"reference_url":"https://git.kernel.org/stable/c/4d7b41c0e43995b0e992b9f8903109275744b658","reference_id":"4d7b41c0e43995b0e992b9f8903109275744b658","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-23T16:10:59Z/"}],"url":"https://git.kernel.org/stable/c/4d7b41c0e43995b0e992b9f8903109275744b658"},{"reference_url":"https://git.kernel.org/stable/c/826af9d2f69567c646ff46d10393d47e30ad23c6","reference_id":"826af9d2f69567c646ff46d10393d47e30ad23c6","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-23T16:10:59Z/"}],"url":"https://git.kernel.org/stable/c/826af9d2f69567c646ff46d10393d47e30ad23c6"},{"reference_url":"https://git.kernel.org/stable/c/cfe560c7050bfb37b0d2491bbe7cd8b59e77fdc5","reference_id":"cfe560c7050bfb37b0d2491bbe7cd8b59e77fdc5","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-23T16:10:59Z/"}],"url":"https://git.kernel.org/stable/c/cfe560c7050bfb37b0d2491bbe7cd8b59e77fdc5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-36013"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etv1-h6u6-eqgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82134?format=json","vulnerability_id":"VCID-etvx-jsnh-pkfh","summary":"In the Linux kernel, the following vulnerability has been resolved:  SUNRPC: lock against ->sock changing during sysfs read  ->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex.  Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a (\"SUNRPC: Check if the xprt is connected before handling sysfs reads\") appears to attempt to fix this problem, but it only narrows the race window.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48816.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48816","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04968","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48816"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298155","reference_id":"2298155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6990","reference_id":"RHSA-2024:6990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6991","reference_id":"RHSA-2024:6991","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6991"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48816"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etvx-jsnh-pkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88865?format=json","vulnerability_id":"VCID-euzq-gcd7-b7ae","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Fix incorrect size calculation for loop  [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is lager than the array size.  [HOW] Divide byte size 20 by its element size.  This fixes 2 OVERRUN issues reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46729.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46729.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313060","reference_id":"2313060","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313060"},{"reference_url":"https://git.kernel.org/stable/c/3941a3aa4b653b69876d894d08f3fff1cc965267","reference_id":"3941a3aa4b653b69876d894d08f3fff1cc965267","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:41Z/"}],"url":"https://git.kernel.org/stable/c/3941a3aa4b653b69876d894d08f3fff1cc965267"},{"reference_url":"https://git.kernel.org/stable/c/712be65b3b372a82bff0865b9c090147764bf1c4","reference_id":"712be65b3b372a82bff0865b9c090147764bf1c4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:41Z/"}],"url":"https://git.kernel.org/stable/c/712be65b3b372a82bff0865b9c090147764bf1c4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46729"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-euzq-gcd7-b7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67796?format=json","vulnerability_id":"VCID-ev75-pfpv-dyek","summary":"kernel: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71198.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71198.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436787","reference_id":"2436787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436787"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-71198"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ev75-pfpv-dyek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84624?format=json","vulnerability_id":"VCID-ev77-9v8z-bfcm","summary":"kernel: io_uring: prevent opcode speculation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21863.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21863.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/18eae8420081ef8e043ad455937bfb470ef08607","reference_id":"18eae8420081ef8e043ad455937bfb470ef08607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/18eae8420081ef8e043ad455937bfb470ef08607"},{"reference_url":"https://git.kernel.org/stable/c/1e988c3fe1264708f4f92109203ac5b1d65de50b","reference_id":"1e988c3fe1264708f4f92109203ac5b1d65de50b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/1e988c3fe1264708f4f92109203ac5b1d65de50b"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351629","reference_id":"2351629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351629"},{"reference_url":"https://git.kernel.org/stable/c/506b9b5e8c2d2a411ea8fe361333f5081c56d23a","reference_id":"506b9b5e8c2d2a411ea8fe361333f5081c56d23a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/506b9b5e8c2d2a411ea8fe361333f5081c56d23a"},{"reference_url":"https://git.kernel.org/stable/c/b9826e3b26ec031e9063f64a7c735449c43955e4","reference_id":"b9826e3b26ec031e9063f64a7c735449c43955e4","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/b9826e3b26ec031e9063f64a7c735449c43955e4"},{"reference_url":"https://git.kernel.org/stable/c/d261ead565a080e3411b0dd04e6d58a52471cac8","reference_id":"d261ead565a080e3411b0dd04e6d58a52471cac8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/d261ead565a080e3411b0dd04e6d58a52471cac8"},{"reference_url":"https://git.kernel.org/stable/c/fdbfd52bd8b85ed6783365ff54c82ab7067bd61b","reference_id":"fdbfd52bd8b85ed6783365ff54c82ab7067bd61b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-01T19:25:38Z/"}],"url":"https://git.kernel.org/stable/c/fdbfd52bd8b85ed6783365ff54c82ab7067bd61b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1703","reference_id":"RHSA-2026:1703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1703"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21863"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ev77-9v8z-bfcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84673?format=json","vulnerability_id":"VCID-evwx-hfmh-q3e1","summary":"In the Linux kernel, the following vulnerability has been resolved:  tipc: fix kernel warning when sending SYN message  When sending a SYN message, this kernel stack trace is observed:  ... [   13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [   13.398494] Call Trace: [   13.398630]  <TASK> [   13.398630]  ? __alloc_skb+0xed/0x1a0 [   13.398630]  tipc_msg_build+0x12c/0x670 [tipc] [   13.398630]  ? shmem_add_to_page_cache.isra.71+0x151/0x290 [   13.398630]  __tipc_sendmsg+0x2d1/0x710 [tipc] [   13.398630]  ? tipc_connect+0x1d9/0x230 [tipc] [   13.398630]  ? __local_bh_enable_ip+0x37/0x80 [   13.398630]  tipc_connect+0x1d9/0x230 [tipc] [   13.398630]  ? __sys_connect+0x9f/0xd0 [   13.398630]  __sys_connect+0x9f/0xd0 [   13.398630]  ? preempt_count_add+0x4d/0xa0 [   13.398630]  ? fpregs_assert_state_consistent+0x22/0x50 [   13.398630]  __x64_sys_connect+0x16/0x20 [   13.398630]  do_syscall_64+0x42/0x90 [   13.398630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd  It is because commit a41dad905e5a (\"iov_iter: saner checks for attempt to copy to/from iterator\") has introduced sanity check for copying from/to iov iterator. Lacking of copy direction from the iterator viewpoint would lead to kernel stack trace like above.  This commit fixes this issue by initializing the iov iterator with the correct copy direction when sending SYN or ACK without data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52700.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52700.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc","reference_id":"11a4d6f67cf55883dc78e31c247d1903ed7feccc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T14:38:23Z/"}],"url":"https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282609","reference_id":"2282609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282609"},{"reference_url":"https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32","reference_id":"54b6082aec178f16ad6d193b4ecdc9c4823d9a32","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T14:38:23Z/"}],"url":"https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4211","reference_id":"RHSA-2024:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4352","reference_id":"RHSA-2024:4352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52700"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evwx-hfmh-q3e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74017?format=json","vulnerability_id":"VCID-exmf-hgh4-ukb3","summary":"kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39933.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39933.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401432","reference_id":"2401432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0759","reference_id":"RHSA-2026:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0760","reference_id":"RHSA-2026:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0760"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0793","reference_id":"RHSA-2026:0793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1727","reference_id":"RHSA-2026:1727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2282","reference_id":"RHSA-2026:2282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2759","reference_id":"RHSA-2026:2759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2766","reference_id":"RHSA-2026:2766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3267","reference_id":"RHSA-2026:3267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3268","reference_id":"RHSA-2026:3268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3277","reference_id":"RHSA-2026:3277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3293","reference_id":"RHSA-2026:3293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3358","reference_id":"RHSA-2026:3358","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3360","reference_id":"RHSA-2026:3360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3375","reference_id":"RHSA-2026:3375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3375"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-39933"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-exmf-hgh4-ukb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68260?format=json","vulnerability_id":"VCID-exxx-kjcb-tqcf","summary":"kernel: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71109.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429598","reference_id":"2429598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-71109"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-exxx-kjcb-tqcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87597?format=json","vulnerability_id":"VCID-ez5a-1pyt-y7cs","summary":"In the Linux kernel, the following vulnerability has been resolved:  riscv: prevent pt_regs corruption for secondary idle threads  Top of the kernel thread stack should be reserved for pt_regs. However this is not the case for the idle threads of the secondary boot harts. Their stacks overlap with their pt_regs, so both may get corrupted.  Similar issue has been fixed for the primary hart, see c7cdd96eca28 (\"riscv: prevent stack corruption by reserving task_pt_regs(p) early\"). However that fix was not propagated to the secondary harts. The problem has been noticed in some CPU hotplug tests with V enabled. The function smp_callin stored several registers on stack, corrupting top of pt_regs structure including status field. As a result, kernel attempted to save or restore inexistent V context.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38667.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38667.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0c1f28c32a194303da630fca89481334b9547b80","reference_id":"0c1f28c32a194303da630fca89481334b9547b80","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:46Z/"}],"url":"https://git.kernel.org/stable/c/0c1f28c32a194303da630fca89481334b9547b80"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294219","reference_id":"2294219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294219"},{"reference_url":"https://git.kernel.org/stable/c/3090c06d50eaa91317f84bf3eac4c265e6cb8d44","reference_id":"3090c06d50eaa91317f84bf3eac4c265e6cb8d44","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:46Z/"}],"url":"https://git.kernel.org/stable/c/3090c06d50eaa91317f84bf3eac4c265e6cb8d44"},{"reference_url":"https://git.kernel.org/stable/c/a638b0461b58aa3205cd9d5f14d6f703d795b4af","reference_id":"a638b0461b58aa3205cd9d5f14d6f703d795b4af","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:46Z/"}],"url":"https://git.kernel.org/stable/c/a638b0461b58aa3205cd9d5f14d6f703d795b4af"},{"reference_url":"https://git.kernel.org/stable/c/ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e","reference_id":"ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:46Z/"}],"url":"https://git.kernel.org/stable/c/ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38667"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ez5a-1pyt-y7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87085?format=json","vulnerability_id":"VCID-f1v8-5fwe-13d9","summary":"kernel: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50282.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50282.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327190","reference_id":"2327190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327190"},{"reference_url":"https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f","reference_id":"2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T16:07:41Z/"}],"url":"https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f"},{"reference_url":"https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3","reference_id":"4d75b9468021c73108b4439794d69e892b1d24e3","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T16:07:41Z/"}],"url":"https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3"},{"reference_url":"https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29","reference_id":"673bdb4200c092692f83b5f7ba3df57021d52d29","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T16:07:41Z/"}],"url":"https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29"},{"reference_url":"https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a","reference_id":"8906728f2fbd6504cb488f4afdd66af28f330a7a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T16:07:41Z/"}],"url":"https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50282"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1v8-5fwe-13d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82582?format=json","vulnerability_id":"VCID-f51a-6jyt-h7cw","summary":"In the Linux kernel, the following vulnerability has been resolved:  riscv: Sync efi page table's kernel mappings before switching  The EFI page table is initially created as a copy of the kernel page table. With VMAP_STACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is allocated in a new PGD (one that was not present at the moment of the efi page table creation or not synced in a previous vmalloc fault), the kernel will take a trap when switching to the efi page table when the vmalloc kernel stack is accessed, resulting in a kernel panic.  Fix that by updating the efi kernel mappings before switching to the efi page table.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49004.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49004","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29316","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320794","reference_id":"2320794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320794"},{"reference_url":"https://git.kernel.org/stable/c/3f105a742725a1b78766a55169f1d827732e62b8","reference_id":"3f105a742725a1b78766a55169f1d827732e62b8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:14:45Z/"}],"url":"https://git.kernel.org/stable/c/3f105a742725a1b78766a55169f1d827732e62b8"},{"reference_url":"https://git.kernel.org/stable/c/96f479383d92944406d4b3f2bc03c2f640def9f1","reference_id":"96f479383d92944406d4b3f2bc03c2f640def9f1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:14:45Z/"}],"url":"https://git.kernel.org/stable/c/96f479383d92944406d4b3f2bc03c2f640def9f1"},{"reference_url":"https://git.kernel.org/stable/c/fa7a7d185ef380546b4b1fed6f84f31dbae8cec7","reference_id":"fa7a7d185ef380546b4b1fed6f84f31dbae8cec7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:14:45Z/"}],"url":"https://git.kernel.org/stable/c/fa7a7d185ef380546b4b1fed6f84f31dbae8cec7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49004"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f51a-6jyt-h7cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85563?format=json","vulnerability_id":"VCID-f53r-e69n-83bt","summary":"In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25743.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25743.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270836","reference_id":"2270836","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:06:44Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270836"},{"reference_url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html","reference_id":"amd-sb-3008.html","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:06:44Z/"}],"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2627","reference_id":"RHSA-2024:2627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2628","reference_id":"RHSA-2024:2628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2758","reference_id":"RHSA-2024:2758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2950","reference_id":"RHSA-2024:2950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3421","reference_id":"RHSA-2024:3421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3810","reference_id":"RHSA-2024:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3810"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1223307","reference_id":"show_bug.cgi?id=1223307","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T19:06:44Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1223307"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-25743"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f53r-e69n-83bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59240?format=json","vulnerability_id":"VCID-f84z-phb8-8kax","summary":"kernel: batman-adv: fix integer overflow on buff_pos","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46198.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46198.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482626","reference_id":"2482626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482626"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46198"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f84z-phb8-8kax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60720?format=json","vulnerability_id":"VCID-f9f8-g4dh-37bf","summary":"kernel: srcu: Use irq_work to start GP in tiny SRCU","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43115.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43115.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467000","reference_id":"2467000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43115"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9f8-g4dh-37bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82276?format=json","vulnerability_id":"VCID-fauw-8qyx-jbdj","summary":"kernel: ext4: update s_journal_inum if it changes after journal replay","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53091.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53091.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363753","reference_id":"2363753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363753"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53091"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fauw-8qyx-jbdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59452?format=json","vulnerability_id":"VCID-fb3f-de71-r3c5","summary":"kernel: ipvs: skip ipv6 extension headers for csum checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45850.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45850.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482022","reference_id":"2482022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482022"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45850"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fb3f-de71-r3c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74413?format=json","vulnerability_id":"VCID-fh89-6z3c-4bfp","summary":"kernel: virtio_net: Fix error unwinding of XDP initialization","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53499.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53499.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400779","reference_id":"2400779","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53499"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fh89-6z3c-4bfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85114?format=json","vulnerability_id":"VCID-fnnr-tm5p-xfh6","summary":"kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21750.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21750.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348656","reference_id":"2348656","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21750"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnnr-tm5p-xfh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62387?format=json","vulnerability_id":"VCID-fptm-c493-gfcz","summary":"kernel: netfilter: nf_conntrack_expect: skip expectations in other netns via proc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31496.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31496.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460701","reference_id":"2460701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31496"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fptm-c493-gfcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85016?format=json","vulnerability_id":"VCID-fqhm-26fy-63fn","summary":"kernel: misc: fastrpc: Fix copy buffer page size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21734.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21734.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348569","reference_id":"2348569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348569"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21734"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqhm-26fy-63fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88098?format=json","vulnerability_id":"VCID-fr94-wq8t-ybfs","summary":"kernel: wifi: iwlwifi: mvm: avoid NULL pointer dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49929.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49929.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320497","reference_id":"2320497","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320497"},{"reference_url":"https://git.kernel.org/stable/c/557a6cd847645e667f3b362560bd7e7c09aac284","reference_id":"557a6cd847645e667f3b362560bd7e7c09aac284","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:39:18Z/"}],"url":"https://git.kernel.org/stable/c/557a6cd847645e667f3b362560bd7e7c09aac284"},{"reference_url":"https://git.kernel.org/stable/c/6dcadb2ed3b76623ab96e3e7fbeda1a374d01c28","reference_id":"6dcadb2ed3b76623ab96e3e7fbeda1a374d01c28","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:39:18Z/"}],"url":"https://git.kernel.org/stable/c/6dcadb2ed3b76623ab96e3e7fbeda1a374d01c28"},{"reference_url":"https://git.kernel.org/stable/c/c0b4f5d94934c290479180868a32c15ba36a6d9e","reference_id":"c0b4f5d94934c290479180868a32c15ba36a6d9e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:39:18Z/"}],"url":"https://git.kernel.org/stable/c/c0b4f5d94934c290479180868a32c15ba36a6d9e"},{"reference_url":"https://git.kernel.org/stable/c/cbc6fc9cfcde151ff5eadaefdc6155f99579384f","reference_id":"cbc6fc9cfcde151ff5eadaefdc6155f99579384f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:39:18Z/"}],"url":"https://git.kernel.org/stable/c/cbc6fc9cfcde151ff5eadaefdc6155f99579384f"},{"reference_url":"https://git.kernel.org/stable/c/cdbf51bfa4b0411820806777da36d93d49bc49a1","reference_id":"cdbf51bfa4b0411820806777da36d93d49bc49a1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:39:18Z/"}],"url":"https://git.kernel.org/stable/c/cdbf51bfa4b0411820806777da36d93d49bc49a1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49929"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fr94-wq8t-ybfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72298?format=json","vulnerability_id":"VCID-frmd-ez2d-7yea","summary":"kernel: netfilter: nft_objref: validate objref and objrefmap expressions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40206.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40206.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414712","reference_id":"2414712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414712"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40206"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frmd-ez2d-7yea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87903?format=json","vulnerability_id":"VCID-frpx-4t3w-p3ej","summary":"In the Linux kernel, the following vulnerability has been resolved:  ASoC: topology: Fix references to freed memory  Most users after parsing a topology file, release memory used by it, so having pointer references directly into topology file contents is wrong. Use devm_kmemdup(), to allocate memory as needed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41069.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41069.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300446","reference_id":"2300446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300446"},{"reference_url":"https://git.kernel.org/stable/c/97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1","reference_id":"97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:43Z/"}],"url":"https://git.kernel.org/stable/c/97ab304ecd95c0b1703ff8c8c3956dc6e2afe8e1"},{"reference_url":"https://git.kernel.org/stable/c/ab5a6208b4d6872b1c6ecea1867940fc668cc76d","reference_id":"ab5a6208b4d6872b1c6ecea1867940fc668cc76d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:43Z/"}],"url":"https://git.kernel.org/stable/c/ab5a6208b4d6872b1c6ecea1867940fc668cc76d"},{"reference_url":"https://git.kernel.org/stable/c/b188d7f3dfab10e332e3c1066e18857964a520d2","reference_id":"b188d7f3dfab10e332e3c1066e18857964a520d2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:43Z/"}],"url":"https://git.kernel.org/stable/c/b188d7f3dfab10e332e3c1066e18857964a520d2"},{"reference_url":"https://git.kernel.org/stable/c/ccae5c6a1fab9494c86b7856faf05e296c617702","reference_id":"ccae5c6a1fab9494c86b7856faf05e296c617702","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:21:43Z/"}],"url":"https://git.kernel.org/stable/c/ccae5c6a1fab9494c86b7856faf05e296c617702"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41069"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frpx-4t3w-p3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86233?format=json","vulnerability_id":"VCID-frz7-aqed-m7d3","summary":"kernel: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53190.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53190.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334408","reference_id":"2334408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334408"},{"reference_url":"https://git.kernel.org/stable/c/5c1b544563005a00591a3aa86ecff62ed4d11be3","reference_id":"5c1b544563005a00591a3aa86ecff62ed4d11be3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:04:10Z/"}],"url":"https://git.kernel.org/stable/c/5c1b544563005a00591a3aa86ecff62ed4d11be3"},{"reference_url":"https://git.kernel.org/stable/c/8f3551f67991652c83469c7dd51d7b9b187b265f","reference_id":"8f3551f67991652c83469c7dd51d7b9b187b265f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:04:10Z/"}],"url":"https://git.kernel.org/stable/c/8f3551f67991652c83469c7dd51d7b9b187b265f"},{"reference_url":"https://git.kernel.org/stable/c/ac064c656f105b9122bc43991a170f95f72b7a43","reference_id":"ac064c656f105b9122bc43991a170f95f72b7a43","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:04:10Z/"}],"url":"https://git.kernel.org/stable/c/ac064c656f105b9122bc43991a170f95f72b7a43"},{"reference_url":"https://git.kernel.org/stable/c/c386fb76f01794f1023d01a6ec5f5c93d00acd3b","reference_id":"c386fb76f01794f1023d01a6ec5f5c93d00acd3b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:04:10Z/"}],"url":"https://git.kernel.org/stable/c/c386fb76f01794f1023d01a6ec5f5c93d00acd3b"},{"reference_url":"https://git.kernel.org/stable/c/eeb0b9b9e66b0b54cdad8e1c1cf0f55e8ba4211c","reference_id":"eeb0b9b9e66b0b54cdad8e1c1cf0f55e8ba4211c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:04:10Z/"}],"url":"https://git.kernel.org/stable/c/eeb0b9b9e66b0b54cdad8e1c1cf0f55e8ba4211c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53190"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frz7-aqed-m7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79970?format=json","vulnerability_id":"VCID-fs8p-w5zy-j7ge","summary":"kernel: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50224.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50224","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373498","reference_id":"2373498","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50224"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fs8p-w5zy-j7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88643?format=json","vulnerability_id":"VCID-fsg8-3wuq-77g8","summary":"In the Linux kernel, the following vulnerability has been resolved:  sched/smt: Fix unbalance sched_smt_present dec/inc  I got the following warn report while doing stress test:  jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0 Call Trace:  <TASK>  __static_key_slow_dec_cpuslocked+0x16/0x70  sched_cpu_deactivate+0x26e/0x2a0  cpuhp_invoke_callback+0x3ad/0x10d0  cpuhp_thread_fun+0x3f5/0x680  smpboot_thread_fn+0x56d/0x8d0  kthread+0x309/0x400  ret_from_fork+0x41/0x70  ret_from_fork_asm+0x1b/0x30  </TASK>  Because when cpuset_cpu_inactive() fails in sched_cpu_deactivate(), the cpu offline failed, but sched_smt_present is decremented before calling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so fix it by incrementing sched_smt_present in the error path.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44958.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44958.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309789","reference_id":"2309789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309789"},{"reference_url":"https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4","reference_id":"2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:57Z/"}],"url":"https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4"},{"reference_url":"https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b","reference_id":"2cf7665efe451e48d27953e6b5bc627d518c902b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:57Z/"}],"url":"https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b"},{"reference_url":"https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66","reference_id":"65727331b60197b742089855ac09464c22b96f66","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:57Z/"}],"url":"https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66"},{"reference_url":"https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab","reference_id":"d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:57Z/"}],"url":"https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab"},{"reference_url":"https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7dd881117","reference_id":"e22f910a26cc2a3ac9c66b8e935ef2a7dd881117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:57Z/"}],"url":"https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7dd881117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44958"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fsg8-3wuq-77g8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87625?format=json","vulnerability_id":"VCID-fu29-vk8g-77ge","summary":"In the Linux kernel, the following vulnerability has been resolved:  xfs: fix log recovery buffer allocation for the legacy h_size fixup  Commit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by mkfs\") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions.  Later commit 0c771b99d6c9 (\"xfs: clean up calculation of LR header blocks\") cleaned up the log reover buffer calculation, but stoped using the fixed up h_size value to size the log recovery buffer, which can lead to an out of bounds access when the incorrect h_size does not come from the old mkfs tool, but a fuzzer.  Fix this by open coding xlog_logrec_hblks and taking the fixed h_size into account for this calculation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39472.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39472.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296067","reference_id":"2296067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296067"},{"reference_url":"https://git.kernel.org/stable/c/45cf976008ddef4a9c9a30310c9b4fb2a9a6602a","reference_id":"45cf976008ddef4a9c9a30310c9b4fb2a9a6602a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:07:45Z/"}],"url":"https://git.kernel.org/stable/c/45cf976008ddef4a9c9a30310c9b4fb2a9a6602a"},{"reference_url":"https://git.kernel.org/stable/c/57835c0e7152e36b03875dd6c56dfeed685c1b1f","reference_id":"57835c0e7152e36b03875dd6c56dfeed685c1b1f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:07:45Z/"}],"url":"https://git.kernel.org/stable/c/57835c0e7152e36b03875dd6c56dfeed685c1b1f"},{"reference_url":"https://git.kernel.org/stable/c/c2389c074973aa94e34992e7f66dac0de37595b5","reference_id":"c2389c074973aa94e34992e7f66dac0de37595b5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:07:45Z/"}],"url":"https://git.kernel.org/stable/c/c2389c074973aa94e34992e7f66dac0de37595b5"},{"reference_url":"https://git.kernel.org/stable/c/f754591b17d0ee91c2b45fe9509d0cdc420527cb","reference_id":"f754591b17d0ee91c2b45fe9509d0cdc420527cb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:07:45Z/"}],"url":"https://git.kernel.org/stable/c/f754591b17d0ee91c2b45fe9509d0cdc420527cb"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8157","reference_id":"RHSA-2024:8157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8158","reference_id":"RHSA-2024:8158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-39472"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fu29-vk8g-77ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85538?format=json","vulnerability_id":"VCID-fwx3-j7jx-bfg3","summary":"kernel: riscv: Fix sleeping in invalid context in die()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57939.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57939.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b","reference_id":"10c24df2e303f517fab0359392c11b6b1d553f2b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339137","reference_id":"2339137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339137"},{"reference_url":"https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e","reference_id":"6a97f4118ac07cfdc316433f385dbdc12af5025e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e"},{"reference_url":"https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707","reference_id":"76ab0afcdbe8c9685b589016ee1c0e25fe596707","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707"},{"reference_url":"https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74","reference_id":"8c38baa03ac8e18140faf36a3b955d30cad48e74","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74"},{"reference_url":"https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec","reference_id":"c21df31fc2a4afc02a6e56511364e9e793ea92ec","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec"},{"reference_url":"https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69","reference_id":"f48f060a4b36b5e96628f6c3fb1540f1e8dedb69","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:52:46Z/"}],"url":"https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57939"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwx3-j7jx-bfg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80031?format=json","vulnerability_id":"VCID-fxrm-kyzh-ducy","summary":"kernel: bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49961.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49961","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21887","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373530","reference_id":"2373530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49961"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxrm-kyzh-ducy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77040?format=json","vulnerability_id":"VCID-fxxf-aqcu-mqbk","summary":"kernel: powerpc/eeh: Make EEH driver device hotplug safe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38576.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38576.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389460","reference_id":"2389460","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389460"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38576"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxxf-aqcu-mqbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76637?format=json","vulnerability_id":"VCID-fxz3-jr4m-byg2","summary":"kernel: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38685.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38685.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393186","reference_id":"2393186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38685"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxz3-jr4m-byg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59318?format=json","vulnerability_id":"VCID-fy33-gfnq-bbc5","summary":"kernel: slip: bound decode() reads against the compressed packet length","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45843.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45843.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481869","reference_id":"2481869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481869"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45843"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fy33-gfnq-bbc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88617?format=json","vulnerability_id":"VCID-fye4-pj97-ybc2","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: bridge: mcast: wait for previous gc cycles when removing port  syzbot hit a use-after-free[1] which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens is:       CPU 1                   CPU 2  start gc cycle           remove port                          acquire gc lock first  wait for lock                          call br_multicasg_gc() directly  acquire lock now but    free port  the port can be freed  while grp timers still  running  Make sure all previous gc cycles have finished by using flush_work before freeing the port.  [1]   BUG: KASAN: slab-use-after-free in br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861   Read of size 8 at addr ffff888071d6d000 by task syz.5.1232/9699    CPU: 1 PID: 9699 Comm: syz.5.1232 Not tainted 6.10.0-rc5-syzkaller-00021-g24ca36a562d6 #0   Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024   Call Trace:    <IRQ>    __dump_stack lib/dump_stack.c:88 [inline]    dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114    print_address_description mm/kasan/report.c:377 [inline]    print_report+0xc3/0x620 mm/kasan/report.c:488    kasan_report+0xd9/0x110 mm/kasan/report.c:601    br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861    call_timer_fn+0x1a3/0x610 kernel/time/timer.c:1792    expire_timers kernel/time/timer.c:1843 [inline]    __run_timers+0x74b/0xaf0 kernel/time/timer.c:2417    __run_timer_base kernel/time/timer.c:2428 [inline]    __run_timer_base kernel/time/timer.c:2421 [inline]    run_timer_base+0x111/0x190 kernel/time/timer.c:2437","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44934.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44934.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0d8b26e10e680c01522d7cc14abe04c3265a928f","reference_id":"0d8b26e10e680c01522d7cc14abe04c3265a928f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:51Z/"}],"url":"https://git.kernel.org/stable/c/0d8b26e10e680c01522d7cc14abe04c3265a928f"},{"reference_url":"https://git.kernel.org/stable/c/1e16828020c674b3be85f52685e8b80f9008f50f","reference_id":"1e16828020c674b3be85f52685e8b80f9008f50f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:51Z/"}],"url":"https://git.kernel.org/stable/c/1e16828020c674b3be85f52685e8b80f9008f50f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307891","reference_id":"2307891","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307891"},{"reference_url":"https://git.kernel.org/stable/c/92c4ee25208d0f35dafc3213cdf355fbe449e078","reference_id":"92c4ee25208d0f35dafc3213cdf355fbe449e078","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:51Z/"}],"url":"https://git.kernel.org/stable/c/92c4ee25208d0f35dafc3213cdf355fbe449e078"},{"reference_url":"https://git.kernel.org/stable/c/b2f794b168cf560682ff976b255aa6d29d14a658","reference_id":"b2f794b168cf560682ff976b255aa6d29d14a658","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:51Z/"}],"url":"https://git.kernel.org/stable/c/b2f794b168cf560682ff976b255aa6d29d14a658"},{"reference_url":"https://git.kernel.org/stable/c/e3145ca904fa8dbfd1a5bf0187905bc117b0efce","reference_id":"e3145ca904fa8dbfd1a5bf0187905bc117b0efce","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:51Z/"}],"url":"https://git.kernel.org/stable/c/e3145ca904fa8dbfd1a5bf0187905bc117b0efce"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44934"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fye4-pj97-ybc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67830?format=json","vulnerability_id":"VCID-fz15-zw8j-dubq","summary":"kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23066.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23066.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436805","reference_id":"2436805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10108","reference_id":"RHSA-2026:10108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9095","reference_id":"RHSA-2026:9095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9112","reference_id":"RHSA-2026:9112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9512","reference_id":"RHSA-2026:9512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9644","reference_id":"RHSA-2026:9644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9644"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23066"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz15-zw8j-dubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73164?format=json","vulnerability_id":"VCID-g19m-1pvd-wqhh","summary":"kernel: net: nfc: nci: Add parameter validation for packet data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40043.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40043.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406754","reference_id":"2406754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406754"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40043"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g19m-1pvd-wqhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59147?format=json","vulnerability_id":"VCID-g3md-db23-abgk","summary":"kernel: scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46149.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46149.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482566","reference_id":"2482566","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482566"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46149"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3md-db23-abgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61427?format=json","vulnerability_id":"VCID-g5ag-7be1-6khu","summary":"kernel: ALSA: caiaq: take a reference on the USB device in create_card()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31701.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31701.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464380","reference_id":"2464380","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464380"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31701"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5ag-7be1-6khu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81279?format=json","vulnerability_id":"VCID-g5f2-9wpx-rkdw","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nf_tables: skip netdev events generated on netns removal  syzbot reported following (harmless) WARN:   WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468   nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline]   nf_tables_unregister_hook include/net/netfilter/nf_tables.h:1090 [inline]   __nft_release_basechain+0x138/0x640 net/netfilter/nf_tables_api.c:9524   nft_netdev_event net/netfilter/nft_chain_filter.c:351 [inline]   nf_tables_netdev_event+0x521/0x8a0 net/netfilter/nft_chain_filter.c:382  reproducer: unshare -n bash -c 'ip link add br0 type bridge; nft add table netdev t ; \\  nft add chain netdev t ingress \\{ type filter hook ingress device \"br0\" \\  priority 0\\; policy drop\\; \\}'  Problem is that when netns device exit hooks create the UNREGISTER event, the .pre_exit hook for nf_tables core has already removed the base hook.  Notifier attempts to do this again.  The need to do base hook unregister unconditionally was needed in the past, because notifier was last stage where reg->dev dereference was safe.  Now that nf_tables does the hook removal in .pre_exit, this isn't needed anymore.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47452.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47452","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02888","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47452"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282906","reference_id":"2282906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282906"},{"reference_url":"https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739","reference_id":"68a3765c659f809dcaac20030853a054646eb739","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:55:58Z/"}],"url":"https://git.kernel.org/stable/c/68a3765c659f809dcaac20030853a054646eb739"},{"reference_url":"https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f","reference_id":"90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:55:58Z/"}],"url":"https://git.kernel.org/stable/c/90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47452"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5f2-9wpx-rkdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66968?format=json","vulnerability_id":"VCID-g5n6-x3hv-9fh2","summary":"kernel: net/sched: cls_u32: use skb_header_pointer_careful()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23204.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23204.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439931","reference_id":"2439931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10108","reference_id":"RHSA-2026:10108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10756","reference_id":"RHSA-2026:10756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19568","reference_id":"RHSA-2026:19568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6036","reference_id":"RHSA-2026:6036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6037","reference_id":"RHSA-2026:6037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6153","reference_id":"RHSA-2026:6153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6632","reference_id":"RHSA-2026:6632","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6632"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8342","reference_id":"RHSA-2026:8342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9112","reference_id":"RHSA-2026:9112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9512","reference_id":"RHSA-2026:9512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9513","reference_id":"RHSA-2026:9513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9514","reference_id":"RHSA-2026:9514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9515","reference_id":"RHSA-2026:9515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9643","reference_id":"RHSA-2026:9643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9644","reference_id":"RHSA-2026:9644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9835","reference_id":"RHSA-2026:9835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9836","reference_id":"RHSA-2026:9836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9870","reference_id":"RHSA-2026:9870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9870"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23204"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5n6-x3hv-9fh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86340?format=json","vulnerability_id":"VCID-g6ja-ky46-e3bq","summary":"kernel: drm/amdgpu: fix usage slab after free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56551.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56551.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/05b1b33936b71e5f189a813a517f72e8a27fcb2f","reference_id":"05b1b33936b71e5f189a813a517f72e8a27fcb2f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T16:07:43Z/"}],"url":"https://git.kernel.org/stable/c/05b1b33936b71e5f189a813a517f72e8a27fcb2f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334479","reference_id":"2334479","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334479"},{"reference_url":"https://git.kernel.org/stable/c/3990ef742c064e22189b954522930db04fc6b1a7","reference_id":"3990ef742c064e22189b954522930db04fc6b1a7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T16:07:43Z/"}],"url":"https://git.kernel.org/stable/c/3990ef742c064e22189b954522930db04fc6b1a7"},{"reference_url":"https://git.kernel.org/stable/c/3cc1116de10953f0265a05d9f351b02a9ec3b497","reference_id":"3cc1116de10953f0265a05d9f351b02a9ec3b497","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T16:07:43Z/"}],"url":"https://git.kernel.org/stable/c/3cc1116de10953f0265a05d9f351b02a9ec3b497"},{"reference_url":"https://git.kernel.org/stable/c/6383199ada42d30562b4249c393592a2a9c38165","reference_id":"6383199ada42d30562b4249c393592a2a9c38165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T16:07:43Z/"}],"url":"https://git.kernel.org/stable/c/6383199ada42d30562b4249c393592a2a9c38165"},{"reference_url":"https://git.kernel.org/stable/c/b61badd20b443eabe132314669bb51a263982e5c","reference_id":"b61badd20b443eabe132314669bb51a263982e5c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T16:07:43Z/"}],"url":"https://git.kernel.org/stable/c/b61badd20b443eabe132314669bb51a263982e5c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56551"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g6ja-ky46-e3bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88792?format=json","vulnerability_id":"VCID-g7re-rt9s-nbae","summary":"kernel: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46859.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46859.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315211","reference_id":"2315211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315211"},{"reference_url":"https://git.kernel.org/stable/c/6821a82616f60aa72c5909b3e252ad97fb9f7e2a","reference_id":"6821a82616f60aa72c5909b3e252ad97fb9f7e2a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:57:08Z/"}],"url":"https://git.kernel.org/stable/c/6821a82616f60aa72c5909b3e252ad97fb9f7e2a"},{"reference_url":"https://git.kernel.org/stable/c/9291fadbd2720a869b1d2fcf82305648e2e62a16","reference_id":"9291fadbd2720a869b1d2fcf82305648e2e62a16","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:57:08Z/"}],"url":"https://git.kernel.org/stable/c/9291fadbd2720a869b1d2fcf82305648e2e62a16"},{"reference_url":"https://git.kernel.org/stable/c/b38c19783286a71693c2194ed1b36665168c09c4","reference_id":"b38c19783286a71693c2194ed1b36665168c09c4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:57:08Z/"}],"url":"https://git.kernel.org/stable/c/b38c19783286a71693c2194ed1b36665168c09c4"},{"reference_url":"https://git.kernel.org/stable/c/b7c2f692307fe704be87ea80d7328782b33c3cef","reference_id":"b7c2f692307fe704be87ea80d7328782b33c3cef","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:57:08Z/"}],"url":"https://git.kernel.org/stable/c/b7c2f692307fe704be87ea80d7328782b33c3cef"},{"reference_url":"https://git.kernel.org/stable/c/f52e98d16e9bd7dd2b3aef8e38db5cbc9899d6a4","reference_id":"f52e98d16e9bd7dd2b3aef8e38db5cbc9899d6a4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T13:57:08Z/"}],"url":"https://git.kernel.org/stable/c/f52e98d16e9bd7dd2b3aef8e38db5cbc9899d6a4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46859"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g7re-rt9s-nbae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82916?format=json","vulnerability_id":"VCID-g8az-rptz-rked","summary":"In the Linux kernel, the following vulnerability has been resolved:  xsk: Fix race at socket teardown  Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xsk_unbind_dev() starts by setting xs->state to XSK_UNBOUND, sets xs->dev to NULL and then waits for any NAPI processing to terminate using synchronize_net(). After that, the release code starts to tear down the socket state and free allocated memory.    BUG: kernel NULL pointer dereference, address: 00000000000000c0   PGD 8000000932469067 P4D 8000000932469067 PUD 0   Oops: 0000 [#1] PREEMPT SMP PTI   CPU: 25 PID: 69132 Comm: grpcpp_sync_ser Tainted: G          I       5.16.0+ #2   Hardware name: Dell Inc. PowerEdge R730/0599V5, BIOS 1.2.10 03/09/2015   RIP: 0010:__xsk_sendmsg+0x2c/0x690   [...]   RSP: 0018:ffffa2348bd13d50 EFLAGS: 00010246   RAX: 0000000000000000 RBX: 0000000000000040 RCX: ffff8d5fc632d258   RDX: 0000000000400000 RSI: ffffa2348bd13e10 RDI: ffff8d5fc5489800   RBP: ffffa2348bd13db0 R08: 0000000000000000 R09: 00007ffffffff000   R10: 0000000000000000 R11: 0000000000000000 R12: ffff8d5fc5489800   R13: ffff8d5fcb0f5140 R14: ffff8d5fcb0f5140 R15: 0000000000000000   FS:  00007f991cff9400(0000) GS:ffff8d6f1f700000(0000) knlGS:0000000000000000   CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033   CR2: 00000000000000c0 CR3: 0000000114888005 CR4: 00000000001706e0   Call Trace:   <TASK>   ? aa_sk_perm+0x43/0x1b0   xsk_sendmsg+0xf0/0x110   sock_sendmsg+0x65/0x70   __sys_sendto+0x113/0x190   ? debug_smp_processor_id+0x17/0x20   ? fpregs_assert_state_consistent+0x23/0x50   ? exit_to_user_mode_prepare+0xa5/0x1d0   __x64_sys_sendto+0x29/0x30   do_syscall_64+0x3b/0xc0   entry_SYSCALL_64_after_hwframe+0x44/0xae  There are two problems with the current code. First, setting xs->dev to NULL before waiting for all users to stop using the socket is not correct. The entry to the data plane functions xsk_poll(), xsk_sendmsg(), and xsk_recvmsg() are all guarded by a test that xs->state is in the state XSK_BOUND and if not, it returns right away. But one process might have passed this test but still have not gotten to the point in which it uses xs->dev in the code. In this interim, a second process executing xsk_unbind_dev() might have set xs->dev to NULL which will lead to a crash for the first process. The solution here is just to get rid of this NULL assignment since it is not used anymore. Before commit 42fddcc7c64b (\"xsk: use state member for socket synchronization\"), xs->dev was the gatekeeper to admit processes into the data plane functions, but it was replaced with the state variable xs->state in the aforementioned commit.  The second problem is that synchronize_net() does not wait for any process in xsk_poll(), xsk_sendmsg(), or xsk_recvmsg() to complete, which means that the state they rely on might be cleaned up prematurely. This can happen when the notifier gets called (at driver unload for example) as it uses xsk_unbind_dev(). Solve this by extending the RCU critical region from just the ndo_xsk_wakeup to the whole functions mentioned above, so that both the test of xs->state == XSK_BOUND and the last use of any member of xs is covered by the RCU critical section. This will guarantee that when synchronize_net() completes, there will be no processes left executing xsk_poll(), xsk_sendmsg(), or xsk_recvmsg() and state can be cleaned up safely. Note that we need to drop the RCU lock for the skb xmit path as it uses functions that might sleep. Due to this, we have to retest the xs->state after we grab the mutex that protects the skb xmit code from, among a number of things, an xsk_unbind_dev() being executed from the notifier at the same time.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49215.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49215.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49215","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01373","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49215"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/18b1ab7aa76bde181bdb1ab19a87fa9523c32f21","reference_id":"18b1ab7aa76bde181bdb1ab19a87fa9523c32f21","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:39Z/"}],"url":"https://git.kernel.org/stable/c/18b1ab7aa76bde181bdb1ab19a87fa9523c32f21"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347654","reference_id":"2347654","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347654"},{"reference_url":"https://git.kernel.org/stable/c/8a2dea162b92c322f3e42eae0c4a74b8d20aa7a9","reference_id":"8a2dea162b92c322f3e42eae0c4a74b8d20aa7a9","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:39Z/"}],"url":"https://git.kernel.org/stable/c/8a2dea162b92c322f3e42eae0c4a74b8d20aa7a9"},{"reference_url":"https://git.kernel.org/stable/c/ad7219cd8751bd258b9d1e69ae0654ec00f71875","reference_id":"ad7219cd8751bd258b9d1e69ae0654ec00f71875","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:39Z/"}],"url":"https://git.kernel.org/stable/c/ad7219cd8751bd258b9d1e69ae0654ec00f71875"},{"reference_url":"https://git.kernel.org/stable/c/d1579253ffce39986e7a6ab757ac93b2680a665f","reference_id":"d1579253ffce39986e7a6ab757ac93b2680a665f","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:39Z/"}],"url":"https://git.kernel.org/stable/c/d1579253ffce39986e7a6ab757ac93b2680a665f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49215"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8az-rptz-rked"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84644?format=json","vulnerability_id":"VCID-g8rh-9k9y-1ka5","summary":"In the Linux kernel, the following vulnerability has been resolved:  riscv: Check if the code to patch lies in the exit section  Otherwise we fall through to vmalloc_to_page() which panics since the address does not lie in the vmalloc region.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52677.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52677.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1d7a03052846f34d624d0ab41a879adf5e85c85f","reference_id":"1d7a03052846f34d624d0ab41a879adf5e85c85f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:44:25Z/"}],"url":"https://git.kernel.org/stable/c/1d7a03052846f34d624d0ab41a879adf5e85c85f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281330","reference_id":"2281330","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281330"},{"reference_url":"https://git.kernel.org/stable/c/420370f3ae3d3b883813fd3051a38805160b2b9f","reference_id":"420370f3ae3d3b883813fd3051a38805160b2b9f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:44:25Z/"}],"url":"https://git.kernel.org/stable/c/420370f3ae3d3b883813fd3051a38805160b2b9f"},{"reference_url":"https://git.kernel.org/stable/c/890cfe5337e0aaf03ece1429db04d23c88da72e7","reference_id":"890cfe5337e0aaf03ece1429db04d23c88da72e7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:44:25Z/"}],"url":"https://git.kernel.org/stable/c/890cfe5337e0aaf03ece1429db04d23c88da72e7"},{"reference_url":"https://git.kernel.org/stable/c/8db56df4a954b774bdc68917046a685a9fa2e4bc","reference_id":"8db56df4a954b774bdc68917046a685a9fa2e4bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:44:25Z/"}],"url":"https://git.kernel.org/stable/c/8db56df4a954b774bdc68917046a685a9fa2e4bc"},{"reference_url":"https://git.kernel.org/stable/c/938f70d14618ec72e10d6fcf8a546134136d7c13","reference_id":"938f70d14618ec72e10d6fcf8a546134136d7c13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:44:25Z/"}],"url":"https://git.kernel.org/stable/c/938f70d14618ec72e10d6fcf8a546134136d7c13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52677"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8rh-9k9y-1ka5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61587?format=json","vulnerability_id":"VCID-g9h7-bb5y-8fab","summary":"kernel: fuse: reject oversized dirents in page cache","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31694.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31694.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464503","reference_id":"2464503","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464503"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31694"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g9h7-bb5y-8fab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59083?format=json","vulnerability_id":"VCID-gajs-fj4s-tkgm","summary":"kernel: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46157.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46157.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482522","reference_id":"2482522","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482522"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46157"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gajs-fj4s-tkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70259?format=json","vulnerability_id":"VCID-gaw6-ycj2-8bfz","summary":"kernel: s390/idle: mark arch_cpu_idle() noinstr","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53859.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53859.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420340","reference_id":"2420340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53859"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gaw6-ycj2-8bfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74388?format=json","vulnerability_id":"VCID-gcgd-8h5r-8ygq","summary":"kernel: ionic: catch failure from devlink_alloc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53470.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53470.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400755","reference_id":"2400755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53470"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcgd-8h5r-8ygq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83490?format=json","vulnerability_id":"VCID-gcjc-y4y7-ryee","summary":"In the Linux kernel, the following vulnerability has been resolved:  crypto: qat - fix memory leak in RSA  When an RSA key represented in form 2 (as defined in PKCS #1 V2.1) is used, some components of the private key persist even after the TFM is released. Replace the explicit calls to free the buffers in qat_rsa_exit_tfm() with a call to qat_rsa_clear_ctx() which frees all buffers referenced in the TFM context.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49566.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49566","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02592","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49566"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0f967fdc09955221a1951a279481b0bf4d359941","reference_id":"0f967fdc09955221a1951a279481b0bf4d359941","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:03Z/"}],"url":"https://git.kernel.org/stable/c/0f967fdc09955221a1951a279481b0bf4d359941"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347943","reference_id":"2347943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347943"},{"reference_url":"https://git.kernel.org/stable/c/80a52e1ee7757b742f96bfb0d58f0c14eb6583d0","reference_id":"80a52e1ee7757b742f96bfb0d58f0c14eb6583d0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:03Z/"}],"url":"https://git.kernel.org/stable/c/80a52e1ee7757b742f96bfb0d58f0c14eb6583d0"},{"reference_url":"https://git.kernel.org/stable/c/a843925e0287eebb4aa808666bf22c664dfe4c53","reference_id":"a843925e0287eebb4aa808666bf22c664dfe4c53","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:03Z/"}],"url":"https://git.kernel.org/stable/c/a843925e0287eebb4aa808666bf22c664dfe4c53"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49566"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcjc-y4y7-ryee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79960?format=json","vulnerability_id":"VCID-gcxz-cnk5-mugf","summary":"kernel: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50073.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50073","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25119","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373494","reference_id":"2373494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4356","reference_id":"RHSA-2021:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50073"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcxz-cnk5-mugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83032?format=json","vulnerability_id":"VCID-gd3d-45us-m7ht","summary":"In the Linux kernel, the following vulnerability has been resolved:  ceph: fix possible deadlock when holding Fwb to get inline_data  1, mount with wsync. 2, create a file with O_RDWR, and the request was sent to mds.0:     ceph_atomic_open()-->      ceph_mdsc_do_request(openc)      finish_open(file, dentry, ceph_open)-->        ceph_open()-->          ceph_init_file()-->            ceph_init_file_info()-->              ceph_uninline_data()-->              {                ...                if (inline_version == 1 || /* initial version, no data */                    inline_version == CEPH_INLINE_NONE)                      goto out_unlock;                ...              }  The inline_version will be 1, which is the initial version for the new create file. And here the ci->i_inline_version will keep with 1, it's buggy.  3, buffer write to the file immediately:     ceph_write_iter()-->      ceph_get_caps(file, need=Fw, want=Fb, ...);      generic_perform_write()-->        a_ops->write_begin()-->          ceph_write_begin()-->            netfs_write_begin()-->              netfs_begin_read()-->                netfs_rreq_submit_slice()-->                  netfs_read_from_server()-->                    rreq->netfs_ops->issue_read()-->                      ceph_netfs_issue_read()-->                      {                        ...                        if (ci->i_inline_version != CEPH_INLINE_NONE &&                            ceph_netfs_issue_op_inline(subreq))                          return;                        ...                      }      ceph_put_cap_refs(ci, Fwb);  The ceph_netfs_issue_op_inline() will send a getattr(Fsr) request to mds.1.  4, then the mds.1 will request the rd lock for CInode::filelock from the auth mds.0, the mds.0 will do the CInode::filelock state transation from excl --> sync, but it need to revoke the Fxwb caps back from the clients.  While the kernel client has aleady held the Fwb caps and waiting for the getattr(Fsr).  It's deadlock!  URL: https://tracker.ceph.com/issues/55377","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49296.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49296","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01082","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49296"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347701","reference_id":"2347701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347701"},{"reference_url":"https://git.kernel.org/stable/c/292b7a7275ce535a1abfa4dd0b2e586162aaae1e","reference_id":"292b7a7275ce535a1abfa4dd0b2e586162aaae1e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:44:59Z/"}],"url":"https://git.kernel.org/stable/c/292b7a7275ce535a1abfa4dd0b2e586162aaae1e"},{"reference_url":"https://git.kernel.org/stable/c/825978fd6a0defc3c29d8a38b6cea76a0938d21e","reference_id":"825978fd6a0defc3c29d8a38b6cea76a0938d21e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:44:59Z/"}],"url":"https://git.kernel.org/stable/c/825978fd6a0defc3c29d8a38b6cea76a0938d21e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49296"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gd3d-45us-m7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84764?format=json","vulnerability_id":"VCID-gdb7-gfp2-qqha","summary":"In the Linux kernel, the following vulnerability has been resolved:  i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.  The `i3c_master_bus_init` function may attach the I2C devices before the I3C bus initialization. In this flow, the DAT `alloc_entry`` will be used before the DAT `init`. Additionally, if the `i3c_master_bus_init` fails, the DAT `cleanup` will execute before the device is detached, which will execue DAT `free_entry` function. The above scenario can cause the driver to use DAT_data when it is NULL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52763.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52763.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282710","reference_id":"2282710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282710"},{"reference_url":"https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442","reference_id":"39c71357e68e2f03766f9321b9f4882e49ff1442","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:40:16Z/"}],"url":"https://git.kernel.org/stable/c/39c71357e68e2f03766f9321b9f4882e49ff1442"},{"reference_url":"https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781","reference_id":"3cb79a365e7cce8f121bba91312e2ddd206b9781","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:40:16Z/"}],"url":"https://git.kernel.org/stable/c/3cb79a365e7cce8f121bba91312e2ddd206b9781"},{"reference_url":"https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b","reference_id":"b53e9758a31c683fc8615df930262192ed5f034b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:40:16Z/"}],"url":"https://git.kernel.org/stable/c/b53e9758a31c683fc8615df930262192ed5f034b"},{"reference_url":"https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9","reference_id":"e64d23dc65810be4e3395d72df0c398f60c991f9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:40:16Z/"}],"url":"https://git.kernel.org/stable/c/e64d23dc65810be4e3395d72df0c398f60c991f9"},{"reference_url":"https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02","reference_id":"eed74230435c61eeb58abaa275b1820e6a4b7f02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T19:40:16Z/"}],"url":"https://git.kernel.org/stable/c/eed74230435c61eeb58abaa275b1820e6a4b7f02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52763"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdb7-gfp2-qqha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59313?format=json","vulnerability_id":"VCID-gdun-83ce-yyb7","summary":"kernel: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45839.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45839.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481865","reference_id":"2481865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481865"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45839"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdun-83ce-yyb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88863?format=json","vulnerability_id":"VCID-gdun-8zvv-mkbh","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update  [Why] Coverity reports NULL_RETURN warning.  [How] Add otg_master NULL check.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46727.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46727.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313058","reference_id":"2313058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313058"},{"reference_url":"https://git.kernel.org/stable/c/871cd9d881fa791d3f82885000713de07041c0ae","reference_id":"871cd9d881fa791d3f82885000713de07041c0ae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:55:13Z/"}],"url":"https://git.kernel.org/stable/c/871cd9d881fa791d3f82885000713de07041c0ae"},{"reference_url":"https://git.kernel.org/stable/c/aad4d3d3d3b6a362bf5db11e1f28c4a60620900d","reference_id":"aad4d3d3d3b6a362bf5db11e1f28c4a60620900d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:55:13Z/"}],"url":"https://git.kernel.org/stable/c/aad4d3d3d3b6a362bf5db11e1f28c4a60620900d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46727"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdun-8zvv-mkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82504?format=json","vulnerability_id":"VCID-gfqj-dm4k-dkaq","summary":"kernel: bpf: Prevent bpf program recursion for raw tracepoint probes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49764.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49764","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20655","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363365","reference_id":"2363365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363365"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49764"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfqj-dm4k-dkaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74198?format=json","vulnerability_id":"VCID-gg96-p99d-5qf4","summary":"kernel: drm/msm: fix use-after-free on probe deferral","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50492.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50492","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05985","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50492"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401556","reference_id":"2401556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401556"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50492"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gg96-p99d-5qf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81800?format=json","vulnerability_id":"VCID-gng1-yxmy-4yd5","summary":"An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44034.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44034","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08974","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44034"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162104","reference_id":"2162104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162104"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2022-44034"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gng1-yxmy-4yd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87506?format=json","vulnerability_id":"VCID-gqdk-g1ws-aka3","summary":"kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50125.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50125.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1bf4470a3939c678fb822073e9ea77a0560bc6bb","reference_id":"1bf4470a3939c678fb822073e9ea77a0560bc6bb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:55Z/"}],"url":"https://git.kernel.org/stable/c/1bf4470a3939c678fb822073e9ea77a0560bc6bb"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323937","reference_id":"2323937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323937"},{"reference_url":"https://git.kernel.org/stable/c/74a466a15731a754bcd8b5a83c126b5122e15a45","reference_id":"74a466a15731a754bcd8b5a83c126b5122e15a45","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:55Z/"}],"url":"https://git.kernel.org/stable/c/74a466a15731a754bcd8b5a83c126b5122e15a45"},{"reference_url":"https://git.kernel.org/stable/c/80b05fbfa998480fb3d5299d93eab946f51e9c36","reference_id":"80b05fbfa998480fb3d5299d93eab946f51e9c36","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:55Z/"}],"url":"https://git.kernel.org/stable/c/80b05fbfa998480fb3d5299d93eab946f51e9c36"},{"reference_url":"https://git.kernel.org/stable/c/9ddda5d967e84796e7df1b54a55f36b4b9f21079","reference_id":"9ddda5d967e84796e7df1b54a55f36b4b9f21079","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:55Z/"}],"url":"https://git.kernel.org/stable/c/9ddda5d967e84796e7df1b54a55f36b4b9f21079"},{"reference_url":"https://git.kernel.org/stable/c/d30803f6a972b5b9e26d1d43b583c7ec151de04b","reference_id":"d30803f6a972b5b9e26d1d43b583c7ec151de04b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:55Z/"}],"url":"https://git.kernel.org/stable/c/d30803f6a972b5b9e26d1d43b583c7ec151de04b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11486","reference_id":"RHSA-2024:11486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11486"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50125"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqdk-g1ws-aka3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87400?format=json","vulnerability_id":"VCID-gqpn-14qq-m3hs","summary":"In the Linux kernel, the following vulnerability has been resolved:  lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure  The kcalloc() in dmirror_device_evict_chunk() will return null if the physical memory has run out.  As a result, if src_pfns or dst_pfns is dereferenced, the null pointer dereference bug will happen.  Moreover, the device is going away.  If the kcalloc() fails, the pages mapping a chunk could not be evicted.  So add a __GFP_NOFAIL flag in kcalloc().  Finally, as there is no need to have physically contiguous memory, Switch kcalloc() to kvcalloc() in order to avoid failing allocations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38543.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38543.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64","reference_id":"1a21fdeea502658e315bd939409b755974f4fb64","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:10Z/"}],"url":"https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293456","reference_id":"2293456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293456"},{"reference_url":"https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc","reference_id":"3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:10Z/"}],"url":"https://git.kernel.org/stable/c/3b20d18f475bd17309db640dbe7d7c7ebb5bc2bc"},{"reference_url":"https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33","reference_id":"65e528a69cb3ed4a286c45b4afba57461c8b5b33","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:10Z/"}],"url":"https://git.kernel.org/stable/c/65e528a69cb3ed4a286c45b4afba57461c8b5b33"},{"reference_url":"https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3","reference_id":"c2af060d1c18beaec56351cf9c9bcbbc5af341a3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:10Z/"}],"url":"https://git.kernel.org/stable/c/c2af060d1c18beaec56351cf9c9bcbbc5af341a3"},{"reference_url":"https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7","reference_id":"ce47e8ead9a72834cc68431d53f8092ce69bebb7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:10Z/"}],"url":"https://git.kernel.org/stable/c/ce47e8ead9a72834cc68431d53f8092ce69bebb7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4583","reference_id":"RHSA-2024:4583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38543"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqpn-14qq-m3hs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86566?format=json","vulnerability_id":"VCID-gr4y-77be-fyfe","summary":"In the Linux kernel, the following vulnerability has been resolved:  clk: mediatek: Do a runtime PM get on controllers during probe  mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack:  CPU0:  genpd_lock --> clk_prepare_lock genpd_power_off_work_fn()  genpd_lock()  generic_pm_domain::power_off()     clk_unprepare()       clk_prepare_lock()  CPU1: clk_prepare_lock --> genpd_lock clk_register()   __clk_core_init()     clk_prepare_lock()     clk_pm_runtime_get()       genpd_lock()  Do a runtime PM get at the probe function to make sure clk_register() won't acquire the genpd lock. Instead of only modifying mt8183-mfgcfg, do this on all mediatek clock controller probings because we don't believe this would cause any regression.  Verified on MT8183 and MT8192 Chromebooks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27002.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27002.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8","reference_id":"165d226472575b213dd90dfda19d1605dd7c19a8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/165d226472575b213dd90dfda19d1605dd7c19a8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278295","reference_id":"2278295","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278295"},{"reference_url":"https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3","reference_id":"2f7b1d8b5505efb0057cd1ab85fca206063ea4c3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/2f7b1d8b5505efb0057cd1ab85fca206063ea4c3"},{"reference_url":"https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5","reference_id":"b62ed25feb342eab052822eff0c554873799a4f5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/b62ed25feb342eab052822eff0c554873799a4f5"},{"reference_url":"https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc","reference_id":"c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/c0dcd5c072e2a3fff886f673e6a5d9bf8090c4cc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27002"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr4y-77be-fyfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87371?format=json","vulnerability_id":"VCID-gsfa-7qkb-rqa5","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: fix crash on racing fsync and size-extending write into prealloc  We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe():    BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192)   ------------[ cut here ]------------   kernel BUG at fs/btrfs/ctree.c:2620!   invalid opcode: 0000 [#1] PREEMPT SMP PTI   CPU: 0 PID: 3139 Comm: xfs_io Kdump: loaded Not tainted 6.9.0 #6   Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014   RIP: 0010:btrfs_set_item_key_safe+0x11f/0x290 [btrfs]  With the following stack trace:    #0  btrfs_set_item_key_safe (fs/btrfs/ctree.c:2620:4)   #1  btrfs_drop_extents (fs/btrfs/file.c:411:4)   #2  log_one_extent (fs/btrfs/tree-log.c:4732:9)   #3  btrfs_log_changed_extents (fs/btrfs/tree-log.c:4955:9)   #4  btrfs_log_inode (fs/btrfs/tree-log.c:6626:9)   #5  btrfs_log_inode_parent (fs/btrfs/tree-log.c:7070:8)   #6  btrfs_log_dentry_safe (fs/btrfs/tree-log.c:7171:8)   #7  btrfs_sync_file (fs/btrfs/file.c:1933:8)   #8  vfs_fsync_range (fs/sync.c:188:9)   #9  vfs_fsync (fs/sync.c:202:9)   #10 do_fsync (fs/sync.c:212:9)   #11 __do_sys_fdatasync (fs/sync.c:225:9)   #12 __se_sys_fdatasync (fs/sync.c:223:1)   #13 __x64_sys_fdatasync (fs/sync.c:223:1)   #14 do_syscall_x64 (arch/x86/entry/common.c:52:14)   #15 do_syscall_64 (arch/x86/entry/common.c:83:7)   #16 entry_SYSCALL_64+0xaf/0x14c (arch/x86/entry/entry_64.S:121)  So we're logging a changed extent from fsync, which is splitting an extent in the log tree. But this split part already exists in the tree, triggering the BUG().  This is the state of the log tree at the time of the crash, dumped with drgn (https://github.com/osandov/drgn/blob/main/contrib/btrfs_tree.py) to get more details than btrfs_print_leaf() gives us:    >>> print_extent_buffer(prog.crashed_thread().stack_trace()[0][\"eb\"])   leaf 33439744 level 0 items 72 generation 9 owner 18446744073709551610   leaf 33439744 flags 0x100000000000000   fs uuid e5bd3946-400c-4223-8923-190ef1f18677   chunk uuid d58cb17e-6d02-494a-829a-18b7d8a399da           item 0 key (450 INODE_ITEM 0) itemoff 16123 itemsize 160                   generation 7 transid 9 size 8192 nbytes 8473563889606862198                   block group 0 mode 100600 links 1 uid 0 gid 0 rdev 0                   sequence 204 flags 0x10(PREALLOC)                   atime 1716417703.220000000 (2024-05-22 15:41:43)                   ctime 1716417704.983333333 (2024-05-22 15:41:44)                   mtime 1716417704.983333333 (2024-05-22 15:41:44)                   otime 17592186044416.000000000 (559444-03-08 01:40:16)           item 1 key (450 INODE_REF 256) itemoff 16110 itemsize 13                   index 195 namelen 3 name: 193           item 2 key (450 XATTR_ITEM 1640047104) itemoff 16073 itemsize 37                   location key (0 UNKNOWN.0 0) type XATTR                   transid 7 data_len 1 name_len 6                   name: user.a                   data a           item 3 key (450 EXTENT_DATA 0) itemoff 16020 itemsize 53                   generation 9 type 1 (regular)                   extent data disk byte 303144960 nr 12288                   extent data offset 0 nr 4096 ram 12288                   extent compression 0 (none)           item 4 key (450 EXTENT_DATA 4096) itemoff 15967 itemsize 53                   generation 9 type 2 (prealloc)                   prealloc data disk byte 303144960 nr 12288                   prealloc data offset 4096 nr 8192           item 5 key (450 EXTENT_DATA 8192) itemoff 15914 itemsize 53                   generation 9 type 2 (prealloc)                   prealloc data disk byte 303144960 nr 12288                   prealloc data offset 8192 nr 4096   ...  So the real problem happened earlier: notice that items 4 (4k-12k) and 5 (8k-12k) overlap. Both are prealloc extents. Item 4 straddles i_size and item 5 starts at i_size.  Here is the state of  ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37354.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37354.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1ff2bd566fbcefcb892be85c493bdb92b911c428","reference_id":"1ff2bd566fbcefcb892be85c493bdb92b911c428","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:43:24Z/"}],"url":"https://git.kernel.org/stable/c/1ff2bd566fbcefcb892be85c493bdb92b911c428"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294279","reference_id":"2294279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294279"},{"reference_url":"https://git.kernel.org/stable/c/3d08c52ba1887a1ff9c179d4b6a18b427bcb2097","reference_id":"3d08c52ba1887a1ff9c179d4b6a18b427bcb2097","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:43:24Z/"}],"url":"https://git.kernel.org/stable/c/3d08c52ba1887a1ff9c179d4b6a18b427bcb2097"},{"reference_url":"https://git.kernel.org/stable/c/9d274c19a71b3a276949933859610721a453946b","reference_id":"9d274c19a71b3a276949933859610721a453946b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:43:24Z/"}],"url":"https://git.kernel.org/stable/c/9d274c19a71b3a276949933859610721a453946b"},{"reference_url":"https://git.kernel.org/stable/c/c993fd02ba471e296ca1996f13626fc917120158","reference_id":"c993fd02ba471e296ca1996f13626fc917120158","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:43:24Z/"}],"url":"https://git.kernel.org/stable/c/c993fd02ba471e296ca1996f13626fc917120158"},{"reference_url":"https://git.kernel.org/stable/c/f4e5ed974876c14d3623e04dc43d3e3281bc6011","reference_id":"f4e5ed974876c14d3623e04dc43d3e3281bc6011","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:43:24Z/"}],"url":"https://git.kernel.org/stable/c/f4e5ed974876c14d3623e04dc43d3e3281bc6011"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-37354"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gsfa-7qkb-rqa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69030?format=json","vulnerability_id":"VCID-gt2x-xg6c-vbbm","summary":"kernel: Linux kernel: Denial of Service in RDMA subsystem via repeated SRQ modification","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68379.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68379.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424874","reference_id":"2424874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424874"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68379"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gt2x-xg6c-vbbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77908?format=json","vulnerability_id":"VCID-gtn2-4aev-3qcw","summary":"kernel: drm/amdgpu: Add basic validation for RAS header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38426.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38426.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383455","reference_id":"2383455","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383455"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38426"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtn2-4aev-3qcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86379?format=json","vulnerability_id":"VCID-gtq6-sc4n-8bfp","summary":"kernel: drm: zynqmp_kms: Unplug DRM device before removal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56538.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56538.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334508","reference_id":"2334508","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334508"},{"reference_url":"https://git.kernel.org/stable/c/2e07c88914fc5289c21820b1aa94f058feb38197","reference_id":"2e07c88914fc5289c21820b1aa94f058feb38197","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:57Z/"}],"url":"https://git.kernel.org/stable/c/2e07c88914fc5289c21820b1aa94f058feb38197"},{"reference_url":"https://git.kernel.org/stable/c/4fb97432e28a7e136b2d76135d50e988ada8e1af","reference_id":"4fb97432e28a7e136b2d76135d50e988ada8e1af","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:57Z/"}],"url":"https://git.kernel.org/stable/c/4fb97432e28a7e136b2d76135d50e988ada8e1af"},{"reference_url":"https://git.kernel.org/stable/c/692f52aedccbf79b212a1e14e3735192b4c24a7d","reference_id":"692f52aedccbf79b212a1e14e3735192b4c24a7d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:57Z/"}],"url":"https://git.kernel.org/stable/c/692f52aedccbf79b212a1e14e3735192b4c24a7d"},{"reference_url":"https://git.kernel.org/stable/c/a17b9afe58c474657449cf87e238b1788200576b","reference_id":"a17b9afe58c474657449cf87e238b1788200576b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:57Z/"}],"url":"https://git.kernel.org/stable/c/a17b9afe58c474657449cf87e238b1788200576b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56538"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtq6-sc4n-8bfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74395?format=json","vulnerability_id":"VCID-gvzn-mmpp-mqfn","summary":"kernel: xfrm: Reinject transport-mode packets through workqueue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50445.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50445.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50445","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04561","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50445"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400763","reference_id":"2400763","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50445"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gvzn-mmpp-mqfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85857?format=json","vulnerability_id":"VCID-gybx-381z-rua9","summary":"kernel: net/smc: check smcd_v2_ext_offset when receiving proposal msg","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47408.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47408.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337134","reference_id":"2337134","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47408"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gybx-381z-rua9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62425?format=json","vulnerability_id":"VCID-gzqg-s2gv-dufs","summary":"kernel: udp: Fix wildcard bind conflict check when using hash2","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31503.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31503.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460736","reference_id":"2460736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31503"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzqg-s2gv-dufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73895?format=json","vulnerability_id":"VCID-gzu5-rks6-c3ce","summary":"kernel: Input: exc3000 - properly stop timer on shutdown","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53651.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53651.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402267","reference_id":"2402267","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53651"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzu5-rks6-c3ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88599?format=json","vulnerability_id":"VCID-h233-6w8h-nyc2","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401  When users run the command:  cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log  The following NULL pointer dereference happens:  [  +0.000003] BUG: kernel NULL pointer dereference, address: NULL [  +0.000005] #PF: supervisor instruction fetch in kernel mode [  +0.000002] #PF: error_code(0x0010) - not-present page [  +0.000002] PGD 0 P4D 0 [  +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI [  +0.000003] RIP: 0010:0x0 [  +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [...] [  +0.000002] PKRU: 55555554 [  +0.000002] Call Trace: [  +0.000002]  <TASK> [  +0.000003]  ? show_regs+0x65/0x70 [  +0.000006]  ? __die+0x24/0x70 [  +0.000004]  ? page_fault_oops+0x160/0x470 [  +0.000006]  ? do_user_addr_fault+0x2b5/0x690 [  +0.000003]  ? prb_read_valid+0x1c/0x30 [  +0.000005]  ? exc_page_fault+0x8c/0x1a0 [  +0.000005]  ? asm_exc_page_fault+0x27/0x30 [  +0.000012]  dcn10_log_color_state+0xf9/0x510 [amdgpu] [  +0.000306]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000003]  ? vsnprintf+0x2fb/0x600 [  +0.000009]  dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu] [  +0.000218]  ? __mod_memcg_lruvec_state+0xe8/0x170 [  +0.000008]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000002]  ? debug_smp_processor_id+0x17/0x20 [  +0.000003]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000002]  ? set_ptes.isra.0+0x2b/0x90 [  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000002]  ? _raw_spin_unlock+0x19/0x40 [  +0.000004]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000002]  ? do_anonymous_page+0x337/0x700 [  +0.000004]  dtn_log_read+0x82/0x120 [amdgpu] [  +0.000207]  full_proxy_read+0x66/0x90 [  +0.000007]  vfs_read+0xb0/0x340 [  +0.000005]  ? __count_memcg_events+0x79/0xe0 [  +0.000002]  ? srso_alias_return_thunk+0x5/0xfbef5 [  +0.000003]  ? count_memcg_events.constprop.0+0x1e/0x40 [  +0.000003]  ? handle_mm_fault+0xb2/0x370 [  +0.000003]  ksys_read+0x6b/0xf0 [  +0.000004]  __x64_sys_read+0x19/0x20 [  +0.000003]  do_syscall_64+0x60/0x130 [  +0.000004]  entry_SYSCALL_64_after_hwframe+0x6e/0x76 [  +0.000003] RIP: 0033:0x7fdf32f147e2 [...]  This error happens when the color log tries to read the gamut remap information from DCN401 which is not initialized in the dcn401_dpp_funcs which leads to a null pointer dereference. This commit addresses this issue by adding a proper guard to access the gamut_remap callback in case the specific ASIC did not implement this function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43901.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43901.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351","reference_id":"1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:50Z/"}],"url":"https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307874","reference_id":"2307874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307874"},{"reference_url":"https://git.kernel.org/stable/c/5af757124792817f8eb1bd0c80ad60fab519586b","reference_id":"5af757124792817f8eb1bd0c80ad60fab519586b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:50Z/"}],"url":"https://git.kernel.org/stable/c/5af757124792817f8eb1bd0c80ad60fab519586b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-43901"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h233-6w8h-nyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60690?format=json","vulnerability_id":"VCID-h33e-7zet-9kdx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43262.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43262.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43262"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h33e-7zet-9kdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61400?format=json","vulnerability_id":"VCID-h49r-g9bp-qbae","summary":"kernel: wifi: mac80211: check tdls flag in ieee80211_tdls_oper","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43052.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43052.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464352","reference_id":"2464352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43052"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h49r-g9bp-qbae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86770?format=json","vulnerability_id":"VCID-h6p7-7zen-2ydz","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag  Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgpu_ttm_backend_unbind will not clear the gart page table entry and leave valid mapping entry pointing to the stale system page. Then if GPU access the gart address mistakely, it will read undefined value instead page fault, harder to debug and reproduce the real issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35817.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35817.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281202","reference_id":"2281202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281202"},{"reference_url":"https://git.kernel.org/stable/c/589c414138a1bed98e652c905937d8f790804efe","reference_id":"589c414138a1bed98e652c905937d8f790804efe","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/589c414138a1bed98e652c905937d8f790804efe"},{"reference_url":"https://git.kernel.org/stable/c/5cdce3dda3b3dacde902f63a8ee72c2b7f91912d","reference_id":"5cdce3dda3b3dacde902f63a8ee72c2b7f91912d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/5cdce3dda3b3dacde902f63a8ee72c2b7f91912d"},{"reference_url":"https://git.kernel.org/stable/c/5d5f1a7f3b1039925f79c7894f153c2a905201fb","reference_id":"5d5f1a7f3b1039925f79c7894f153c2a905201fb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/5d5f1a7f3b1039925f79c7894f153c2a905201fb"},{"reference_url":"https://git.kernel.org/stable/c/6c6064cbe58b43533e3451ad6a8ba9736c109ac3","reference_id":"6c6064cbe58b43533e3451ad6a8ba9736c109ac3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/6c6064cbe58b43533e3451ad6a8ba9736c109ac3"},{"reference_url":"https://git.kernel.org/stable/c/6fcd12cb90888ef2d8af8d4c04e913252eee4ef3","reference_id":"6fcd12cb90888ef2d8af8d4c04e913252eee4ef3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/6fcd12cb90888ef2d8af8d4c04e913252eee4ef3"},{"reference_url":"https://git.kernel.org/stable/c/e8d27caef2c829a306e1f762fb95f06e8ec676f6","reference_id":"e8d27caef2c829a306e1f762fb95f06e8ec676f6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:39:20Z/"}],"url":"https://git.kernel.org/stable/c/e8d27caef2c829a306e1f762fb95f06e8ec676f6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35817"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6p7-7zen-2ydz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75501?format=json","vulnerability_id":"VCID-h7y1-8j7d-5ffj","summary":"kernel: scsi: target: iscsi: Fix a race condition between login_work and the login thread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50350.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50350.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50350","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02101","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50350"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395874","reference_id":"2395874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50350"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7y1-8j7d-5ffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81942?format=json","vulnerability_id":"VCID-hara-qajw-wye1","summary":"kernel: drm/amdkfd: debugfs hang_hws skip GPU with MES","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37853.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37853.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365261","reference_id":"2365261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365261"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-37853"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hara-qajw-wye1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83504?format=json","vulnerability_id":"VCID-hbs6-rrvt-syae","summary":"In the Linux kernel, the following vulnerability has been resolved:  ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.  While reading sysctl_fib_multipath_hash_policy, it can be changed concurrently.  Thus, we need to add READ_ONCE() to its readers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49579.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49579.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49579","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19548","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49579"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/21fb844bc1dc1461f5038d655aa1a14f39e13049","reference_id":"21fb844bc1dc1461f5038d655aa1a14f39e13049","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:36:20Z/"}],"url":"https://git.kernel.org/stable/c/21fb844bc1dc1461f5038d655aa1a14f39e13049"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348016","reference_id":"2348016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348016"},{"reference_url":"https://git.kernel.org/stable/c/7998c12a08c97cc26660532c9f90a34bd7d8da5a","reference_id":"7998c12a08c97cc26660532c9f90a34bd7d8da5a","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:36:20Z/"}],"url":"https://git.kernel.org/stable/c/7998c12a08c97cc26660532c9f90a34bd7d8da5a"},{"reference_url":"https://git.kernel.org/stable/c/918ee6592ab9a2ff5316d06cfd4aaef60ccabec6","reference_id":"918ee6592ab9a2ff5316d06cfd4aaef60ccabec6","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:36:20Z/"}],"url":"https://git.kernel.org/stable/c/918ee6592ab9a2ff5316d06cfd4aaef60ccabec6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49579"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbs6-rrvt-syae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62406?format=json","vulnerability_id":"VCID-hcb1-97ja-nkgg","summary":"kernel: ext4: validate p_idx bounds in ext4_ext_correct_indexes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31449.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31449.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460717","reference_id":"2460717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460717"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31449"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcb1-97ja-nkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60619?format=json","vulnerability_id":"VCID-hcs7-nykt-gben","summary":"kernel: bonding: fix type confusion in bond_setup_by_slave()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43456.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43456.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468255","reference_id":"2468255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468255"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43456"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcs7-nykt-gben"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73953?format=json","vulnerability_id":"VCID-hd8u-3r16-u7bv","summary":"kernel: hwmon: (xgene) Fix ioremap and memremap leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53682.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53682.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402302","reference_id":"2402302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53682"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hd8u-3r16-u7bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82565?format=json","vulnerability_id":"VCID-hdmn-94wh-qyaj","summary":"kernel: tracing: Fix memory leak in tracing_read_pipe()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49801.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49801","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15613","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49801"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363397","reference_id":"2363397","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363397"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49801"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdmn-94wh-qyaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59934?format=json","vulnerability_id":"VCID-hhkj-zpkv-euf6","summary":"kernel: net/rds: handle zerocopy send cleanup before the message is queued","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43502.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43502.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480456","reference_id":"2480456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480456"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43502"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhkj-zpkv-euf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88269?format=json","vulnerability_id":"VCID-hhuj-ehty-7kd4","summary":"kernel: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50061.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50061.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320628","reference_id":"2320628","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320628"},{"reference_url":"https://git.kernel.org/stable/c/2a21bad9964c91b34d65ba269914233720c0b1ce","reference_id":"2a21bad9964c91b34d65ba269914233720c0b1ce","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:52Z/"}],"url":"https://git.kernel.org/stable/c/2a21bad9964c91b34d65ba269914233720c0b1ce"},{"reference_url":"https://git.kernel.org/stable/c/609366e7a06d035990df78f1562291c3bf0d4a12","reference_id":"609366e7a06d035990df78f1562291c3bf0d4a12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:52Z/"}],"url":"https://git.kernel.org/stable/c/609366e7a06d035990df78f1562291c3bf0d4a12"},{"reference_url":"https://git.kernel.org/stable/c/687016d6a1efbfacdd2af913e2108de6b75a28d5","reference_id":"687016d6a1efbfacdd2af913e2108de6b75a28d5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:52Z/"}],"url":"https://git.kernel.org/stable/c/687016d6a1efbfacdd2af913e2108de6b75a28d5"},{"reference_url":"https://git.kernel.org/stable/c/ea0256e393e0072e8c80fd941547807f0c28108b","reference_id":"ea0256e393e0072e8c80fd941547807f0c28108b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:22:52Z/"}],"url":"https://git.kernel.org/stable/c/ea0256e393e0072e8c80fd941547807f0c28108b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50061"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhuj-ehty-7kd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88490?format=json","vulnerability_id":"VCID-hj2t-1vht-efdb","summary":"kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47668.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47668.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0f078f8ca93b28a34e20bd050f12cd4efeee7c0f","reference_id":"0f078f8ca93b28a34e20bd050f12cd4efeee7c0f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/0f078f8ca93b28a34e20bd050f12cd4efeee7c0f"},{"reference_url":"https://git.kernel.org/stable/c/0f27f4f445390cb7f73d4209cb2bf32834dc53da","reference_id":"0f27f4f445390cb7f73d4209cb2bf32834dc53da","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/0f27f4f445390cb7f73d4209cb2bf32834dc53da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317601","reference_id":"2317601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317601"},{"reference_url":"https://git.kernel.org/stable/c/99418ec776a39609f50934720419e0b464ca2283","reference_id":"99418ec776a39609f50934720419e0b464ca2283","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/99418ec776a39609f50934720419e0b464ca2283"},{"reference_url":"https://git.kernel.org/stable/c/ad5ee9feebc2eb8cfc76ed74a2d6e55343b0e169","reference_id":"ad5ee9feebc2eb8cfc76ed74a2d6e55343b0e169","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/ad5ee9feebc2eb8cfc76ed74a2d6e55343b0e169"},{"reference_url":"https://git.kernel.org/stable/c/b2f11c6f3e1fc60742673b8675c95b78447f3dae","reference_id":"b2f11c6f3e1fc60742673b8675c95b78447f3dae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/b2f11c6f3e1fc60742673b8675c95b78447f3dae"},{"reference_url":"https://git.kernel.org/stable/c/d942e855324a60107025c116245095632476613e","reference_id":"d942e855324a60107025c116245095632476613e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/d942e855324a60107025c116245095632476613e"},{"reference_url":"https://git.kernel.org/stable/c/ebeff038744c498a036e7a92eb8e433ae0a386d7","reference_id":"ebeff038744c498a036e7a92eb8e433ae0a386d7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:11Z/"}],"url":"https://git.kernel.org/stable/c/ebeff038744c498a036e7a92eb8e433ae0a386d7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8856","reference_id":"RHSA-2024:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8870","reference_id":"RHSA-2024:8870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7526","reference_id":"RHSA-2025:7526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47668"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hj2t-1vht-efdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82407?format=json","vulnerability_id":"VCID-hk1c-qpfa-j7hd","summary":"kernel: net: dsa: free routing table on probe failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37786.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37786.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363302","reference_id":"2363302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37786"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hk1c-qpfa-j7hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86675?format=json","vulnerability_id":"VCID-hk4k-9dn4-nbdy","summary":"In the Linux kernel, the following vulnerability has been resolved:  pstore: inode: Only d_invalidate() is needed  Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning:    WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410  Using the combo of d_drop()/dput() (as mentioned in Documentation/filesystems/vfs.rst) isn't the right approach here, and leads to the reference counting problem seen above. Use d_invalidate() and update the code to not bother checking for error codes that can never happen.  ---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27389.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27389.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278532","reference_id":"2278532","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278532"},{"reference_url":"https://git.kernel.org/stable/c/340682ed1932b8e3bd0bfc6c31a0c6354eb57cc6","reference_id":"340682ed1932b8e3bd0bfc6c31a0c6354eb57cc6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/340682ed1932b8e3bd0bfc6c31a0c6354eb57cc6"},{"reference_url":"https://git.kernel.org/stable/c/4cdf9006fc095af71da80e9b5f48a32e991b9ed3","reference_id":"4cdf9006fc095af71da80e9b5f48a32e991b9ed3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/4cdf9006fc095af71da80e9b5f48a32e991b9ed3"},{"reference_url":"https://git.kernel.org/stable/c/a43e0fc5e9134a46515de2f2f8d4100b74e50de3","reference_id":"a43e0fc5e9134a46515de2f2f8d4100b74e50de3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/a43e0fc5e9134a46515de2f2f8d4100b74e50de3"},{"reference_url":"https://git.kernel.org/stable/c/cb9e802e49c24eeb3af35e9e8c04d526f35f112a","reference_id":"cb9e802e49c24eeb3af35e9e8c04d526f35f112a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/cb9e802e49c24eeb3af35e9e8c04d526f35f112a"},{"reference_url":"https://git.kernel.org/stable/c/d0ee2a8adb6673382cce8a4280e1ca0849b3b783","reference_id":"d0ee2a8adb6673382cce8a4280e1ca0849b3b783","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/d0ee2a8adb6673382cce8a4280e1ca0849b3b783"},{"reference_url":"https://git.kernel.org/stable/c/db6e5e16f1ee9e3b01d2f71c7f0ba945f4bf0f4e","reference_id":"db6e5e16f1ee9e3b01d2f71c7f0ba945f4bf0f4e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:38:29Z/"}],"url":"https://git.kernel.org/stable/c/db6e5e16f1ee9e3b01d2f71c7f0ba945f4bf0f4e"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27389"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hk4k-9dn4-nbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72762?format=json","vulnerability_id":"VCID-hm96-y919-gyay","summary":"kernel: Linux kernel: Denial of Service via NULL pointer dereference in USB gadget f_acm","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40094.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40094.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407329","reference_id":"2407329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407329"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40094"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hm96-y919-gyay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83709?format=json","vulnerability_id":"VCID-hncq-s595-ufg1","summary":"In the Linux kernel, the following vulnerability has been resolved:  reset: uniphier-glue: Fix possible null-ptr-deref  It will cause null-ptr-deref when resource_size(res) invoked, if platform_get_resource() returns NULL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49758.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49758","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12832","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355489","reference_id":"2355489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355489"},{"reference_url":"https://git.kernel.org/stable/c/3a2390c6777e3f6662980c6cfc25cafe9e4fef98","reference_id":"3a2390c6777e3f6662980c6cfc25cafe9e4fef98","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:22:35Z/"}],"url":"https://git.kernel.org/stable/c/3a2390c6777e3f6662980c6cfc25cafe9e4fef98"},{"reference_url":"https://git.kernel.org/stable/c/633bad3dc81ce2aa561f704ec091e49eb647bd0b","reference_id":"633bad3dc81ce2aa561f704ec091e49eb647bd0b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:22:35Z/"}],"url":"https://git.kernel.org/stable/c/633bad3dc81ce2aa561f704ec091e49eb647bd0b"},{"reference_url":"https://git.kernel.org/stable/c/95de286200b2a046da01c4aeba02ae9220d68ca4","reference_id":"95de286200b2a046da01c4aeba02ae9220d68ca4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:22:35Z/"}],"url":"https://git.kernel.org/stable/c/95de286200b2a046da01c4aeba02ae9220d68ca4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49758"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hncq-s595-ufg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68311?format=json","vulnerability_id":"VCID-hnff-8amj-5qdk","summary":"kernel: Bluetooth: btusb: revert use of devm_kzalloc in btusb","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71082.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71082.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429054","reference_id":"2429054","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429054"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71082"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnff-8amj-5qdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85864?format=json","vulnerability_id":"VCID-hnnk-ptwy-bqgg","summary":"kernel: drm/dp_mst: Fix resetting msg rx state after topology removal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57876.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57876.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337142","reference_id":"2337142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8248","reference_id":"RHSA-2025:8248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57876"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnnk-ptwy-bqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84895?format=json","vulnerability_id":"VCID-hvet-44h5-j3bq","summary":"In the Linux kernel, the following vulnerability has been resolved:  can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds  If the \"struct can_priv::echoo_skb\" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52878.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52878.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4","reference_id":"0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:12Z/"}],"url":"https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282680","reference_id":"2282680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282680"},{"reference_url":"https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc","reference_id":"53c468008a7c9ca3f5fc985951f35ec2acae85bc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:12Z/"}],"url":"https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc"},{"reference_url":"https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057","reference_id":"6411959c10fe917288cbb1038886999148560057","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:12Z/"}],"url":"https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057"},{"reference_url":"https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444","reference_id":"826120c9ba68f2d0dbae58e99013929c883d1444","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:12Z/"}],"url":"https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444"},{"reference_url":"https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f","reference_id":"8ab67da060157362b2e0926692c659808784708f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:12Z/"}],"url":"https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4211","reference_id":"RHSA-2024:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4352","reference_id":"RHSA-2024:4352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4342","reference_id":"RHSA-2025:4342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52878"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hvet-44h5-j3bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74927?format=json","vulnerability_id":"VCID-hvma-mz9b-pqdg","summary":"kernel: f2fs: don't reset unchangable mount option in f2fs_remount()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53447.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/115557cc226a927924f2d7d1980ccbf6e3b3bb36","reference_id":"115557cc226a927924f2d7d1980ccbf6e3b3bb36","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:19:57Z/"}],"url":"https://git.kernel.org/stable/c/115557cc226a927924f2d7d1980ccbf6e3b3bb36"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396523","reference_id":"2396523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396523"},{"reference_url":"https://git.kernel.org/stable/c/458c15dfbce62c35fefd9ca637b20a051309c9f1","reference_id":"458c15dfbce62c35fefd9ca637b20a051309c9f1","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:19:57Z/"}],"url":"https://git.kernel.org/stable/c/458c15dfbce62c35fefd9ca637b20a051309c9f1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53447"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hvma-mz9b-pqdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60724?format=json","vulnerability_id":"VCID-j1kv-r5nf-rybq","summary":"kernel: drm/vc4: Fix a memory leak in hang state error path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43104.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43104.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467003","reference_id":"2467003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43104"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1kv-r5nf-rybq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59087?format=json","vulnerability_id":"VCID-j2jm-ctxk-fubr","summary":"kernel: xfrm: ah: account for ESN high bits in async callbacks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46193.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46193.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482525","reference_id":"2482525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482525"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46193"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2jm-ctxk-fubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67769?format=json","vulnerability_id":"VCID-j33f-6522-bfed","summary":"kernel: vsock/virtio: fix potential underflow in virtio_transport_get_credit()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23069.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23069.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436768","reference_id":"2436768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436768"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23069"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j33f-6522-bfed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89918?format=json","vulnerability_id":"VCID-j3f1-ycf3-5udn","summary":"BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability.  The specific flaw exists within the implementation of the HID over GATT Profile. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25177.","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1229/","reference_id":"ZDI-24-1229","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-26T15:15:28Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1229/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-8805"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3f1-ycf3-5udn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64404?format=json","vulnerability_id":"VCID-j438-fpyd-6kf4","summary":"kernel: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23361.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23361.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451210","reference_id":"2451210","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451210"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23361"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j438-fpyd-6kf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88897?format=json","vulnerability_id":"VCID-j47x-37fw-qyap","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: replace BUG_ON() with error handling at update_ref_for_cow()  Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the relocation tree that doesn't have the full backref flag set. This is unexpected and should never happen (save for bugs or a potential bad memory).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46752.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46752.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0fbac73a97286a7ec72229cb9b42d760a2c717ac","reference_id":"0fbac73a97286a7ec72229cb9b42d760a2c717ac","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:47:19Z/"}],"url":"https://git.kernel.org/stable/c/0fbac73a97286a7ec72229cb9b42d760a2c717ac"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313100","reference_id":"2313100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313100"},{"reference_url":"https://git.kernel.org/stable/c/41a0f85e268d72fe04f731b8ceea4748c2d65491","reference_id":"41a0f85e268d72fe04f731b8ceea4748c2d65491","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:47:19Z/"}],"url":"https://git.kernel.org/stable/c/41a0f85e268d72fe04f731b8ceea4748c2d65491"},{"reference_url":"https://git.kernel.org/stable/c/b50857b96429a09fd3beed9f7f21b7bb7c433688","reference_id":"b50857b96429a09fd3beed9f7f21b7bb7c433688","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:47:19Z/"}],"url":"https://git.kernel.org/stable/c/b50857b96429a09fd3beed9f7f21b7bb7c433688"},{"reference_url":"https://git.kernel.org/stable/c/b56329a782314fde5b61058e2a25097af7ccb675","reference_id":"b56329a782314fde5b61058e2a25097af7ccb675","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:47:19Z/"}],"url":"https://git.kernel.org/stable/c/b56329a782314fde5b61058e2a25097af7ccb675"},{"reference_url":"https://git.kernel.org/stable/c/f895db00c65e5d77c437cce946da9ec29dcdf563","reference_id":"f895db00c65e5d77c437cce946da9ec29dcdf563","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:47:19Z/"}],"url":"https://git.kernel.org/stable/c/f895db00c65e5d77c437cce946da9ec29dcdf563"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46752"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j47x-37fw-qyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59935?format=json","vulnerability_id":"VCID-j4ws-js7c-w3fn","summary":"kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43501.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43501.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480457","reference_id":"2480457","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480457"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43501"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j4ws-js7c-w3fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74801?format=json","vulnerability_id":"VCID-j5vg-n8es-tygd","summary":"kernel: mm: /proc/pid/smaps_rollup: fix no vma's null-deref","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50380.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50380","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06142","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396418","reference_id":"2396418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396418"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50380"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j5vg-n8es-tygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59469?format=json","vulnerability_id":"VCID-jawa-g7vv-yfeg","summary":"kernel: inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46040.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46040.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482032","reference_id":"2482032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482032"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46040"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jawa-g7vv-yfeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76151?format=json","vulnerability_id":"VCID-jctp-kajd-e7d1","summary":"kernel: drm/amd/display: fix a Null pointer dereference vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39705.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39705.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393494","reference_id":"2393494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393494"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39705"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jctp-kajd-e7d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64476?format=json","vulnerability_id":"VCID-jd15-6q7g-m7dw","summary":"kernel: net/sched: act_ife: Fix metalist update behavior","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23378.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23378.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451271","reference_id":"2451271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23378"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jd15-6q7g-m7dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86348?format=json","vulnerability_id":"VCID-jejs-azgt-ukev","summary":"kernel: sched/deadline: Fix warning in migrate_enable for boosted tasks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56583.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56583.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334485","reference_id":"2334485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56583"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jejs-azgt-ukev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75374?format=json","vulnerability_id":"VCID-jg51-e57v-4kd8","summary":"kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53287.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53287.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc","reference_id":"2319b9c87fe243327285f2fefd7374ffd75a65fc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:09:59Z/"}],"url":"https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395698","reference_id":"2395698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395698"},{"reference_url":"https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a","reference_id":"bbc9c3652708108738009e096d608ece3cd9fa8a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:09:59Z/"}],"url":"https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a"},{"reference_url":"https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840","reference_id":"c861a61be6d30538ebcf7fcab1d43f244e298840","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:09:59Z/"}],"url":"https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840"},{"reference_url":"https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223","reference_id":"d3f372ec95b89776f72d5c9a475424e27734c223","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:09:59Z/"}],"url":"https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53287"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jg51-e57v-4kd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80407?format=json","vulnerability_id":"VCID-jjqk-at35-r7f3","summary":"Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24504.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24504","reference_id":"","reference_type":"","scores":[{"value":"0.00196","scoring_system":"epss","scoring_elements":"0.414","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24504"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930376","reference_id":"1930376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4140","reference_id":"RHSA-2021:4140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4356","reference_id":"RHSA-2021:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4356"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2020-24504"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjqk-at35-r7f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86404?format=json","vulnerability_id":"VCID-jmk5-nsa7-1bh5","summary":"kernel: net/smc: fix LGR and link use-after-free issue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56640.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56640.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0cf598548a6c36d90681d53c6b77d52363f2f295","reference_id":"0cf598548a6c36d90681d53c6b77d52363f2f295","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:51Z/"}],"url":"https://git.kernel.org/stable/c/0cf598548a6c36d90681d53c6b77d52363f2f295"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334532","reference_id":"2334532","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334532"},{"reference_url":"https://git.kernel.org/stable/c/2c7f14ed9c19ec0f149479d1c2842ec1f9bf76d7","reference_id":"2c7f14ed9c19ec0f149479d1c2842ec1f9bf76d7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:51Z/"}],"url":"https://git.kernel.org/stable/c/2c7f14ed9c19ec0f149479d1c2842ec1f9bf76d7"},{"reference_url":"https://git.kernel.org/stable/c/673d606683ac70bc074ca6676b938bff18635226","reference_id":"673d606683ac70bc074ca6676b938bff18635226","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:51Z/"}],"url":"https://git.kernel.org/stable/c/673d606683ac70bc074ca6676b938bff18635226"},{"reference_url":"https://git.kernel.org/stable/c/6f0ae06a234a78ae137064f2c89135ac078a00eb","reference_id":"6f0ae06a234a78ae137064f2c89135ac078a00eb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:51Z/"}],"url":"https://git.kernel.org/stable/c/6f0ae06a234a78ae137064f2c89135ac078a00eb"},{"reference_url":"https://git.kernel.org/stable/c/f502a88fdd415647a1f2dc45fac71b9c522a052b","reference_id":"f502a88fdd415647a1f2dc45fac71b9c522a052b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:51Z/"}],"url":"https://git.kernel.org/stable/c/f502a88fdd415647a1f2dc45fac71b9c522a052b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56640"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmk5-nsa7-1bh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88598?format=json","vulnerability_id":"VCID-jp8u-sxfs-6qcm","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: xc2028: avoid use-after-free in load_firmware_cb()  syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the module initialization failed, the struct tuner was released. A worker which created during module initialization accesses this struct tuner later, it caused use-after-free.  The process is as follows:  task-6504           worker_thread tuner_probe                             <= alloc dvb_frontend [2] ... request_firmware_nowait                 <= create a worker ... tuner_remove                            <= free dvb_frontend ...                     request_firmware_work_func  <= the firmware is ready                     load_firmware_cb    <= but now the dvb_frontend has been freed  To fix the issue, check the dvd_frontend in load_firmware_cb(), if it is null, report a warning and just return.  [1]:     ==================================================================      BUG: KASAN: use-after-free in load_firmware_cb+0x1310/0x17a0      Read of size 8 at addr ffff8000d7ca2308 by task kworker/2:3/6504       Call trace:       load_firmware_cb+0x1310/0x17a0       request_firmware_work_func+0x128/0x220       process_one_work+0x770/0x1824       worker_thread+0x488/0xea0       kthread+0x300/0x430       ret_from_fork+0x10/0x20       Allocated by task 6504:       kzalloc       tuner_probe+0xb0/0x1430       i2c_device_probe+0x92c/0xaf0       really_probe+0x678/0xcd0       driver_probe_device+0x280/0x370       __device_attach_driver+0x220/0x330       bus_for_each_drv+0x134/0x1c0       __device_attach+0x1f4/0x410       device_initial_probe+0x20/0x30       bus_probe_device+0x184/0x200       device_add+0x924/0x12c0       device_register+0x24/0x30       i2c_new_device+0x4e0/0xc44       v4l2_i2c_new_subdev_board+0xbc/0x290       v4l2_i2c_new_subdev+0xc8/0x104       em28xx_v4l2_init+0x1dd0/0x3770       Freed by task 6504:       kfree+0x238/0x4e4       tuner_remove+0x144/0x1c0       i2c_device_remove+0xc8/0x290       __device_release_driver+0x314/0x5fc       device_release_driver+0x30/0x44       bus_remove_device+0x244/0x490       device_del+0x350/0x900       device_unregister+0x28/0xd0       i2c_unregister_device+0x174/0x1d0       v4l2_device_unregister+0x224/0x380       em28xx_v4l2_init+0x1d90/0x3770       The buggy address belongs to the object at ffff8000d7ca2000       which belongs to the cache kmalloc-2k of size 2048      The buggy address is located 776 bytes inside of       2048-byte region [ffff8000d7ca2000, ffff8000d7ca2800)      The buggy address belongs to the page:      page:ffff7fe00035f280 count:1 mapcount:0 mapping:ffff8000c001f000 index:0x0      flags: 0x7ff800000000100(slab)      raw: 07ff800000000100 ffff7fe00049d880 0000000300000003 ffff8000c001f000      raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000      page dumped because: kasan: bad access detected       Memory state around the buggy address:       ffff8000d7ca2200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb       ffff8000d7ca2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb      >ffff8000d7ca2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb                            ^       ffff8000d7ca2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb       ffff8000d7ca2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb      ==================================================================  [2]     Actually, it is allocated for struct tuner, and dvb_frontend is inside.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43900.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43900.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5","reference_id":"208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:53Z/"}],"url":"https://git.kernel.org/stable/c/208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307873","reference_id":"2307873","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307873"},{"reference_url":"https://git.kernel.org/stable/c/68594cec291ff9523b9feb3f43fd853dcddd1f60","reference_id":"68594cec291ff9523b9feb3f43fd853dcddd1f60","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:53Z/"}],"url":"https://git.kernel.org/stable/c/68594cec291ff9523b9feb3f43fd853dcddd1f60"},{"reference_url":"https://git.kernel.org/stable/c/850304152d367f104d21c77cfbcc05806504218b","reference_id":"850304152d367f104d21c77cfbcc05806504218b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:53Z/"}],"url":"https://git.kernel.org/stable/c/850304152d367f104d21c77cfbcc05806504218b"},{"reference_url":"https://git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e","reference_id":"ef517bdfc01818419f7bd426969a0c86b14f3e0e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:53Z/"}],"url":"https://git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43900"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jp8u-sxfs-6qcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83559?format=json","vulnerability_id":"VCID-jpd8-m2r8-afbe","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nf_tables: avoid skb access on nf_stolen  When verdict is NF_STOLEN, the skb might have been freed.  When tracing is enabled, this can result in a use-after-free: 1. access to skb->nf_trace 2. access to skb->mark 3. computation of trace id 4. dump of packet payload  To avoid 1, keep a cached copy of skb->nf_trace in the trace state struct. Refresh this copy whenever verdict is != STOLEN.  Avoid 2 by skipping skb->mark access if verdict is STOLEN.  3 is avoided by precomputing the trace id.  Only dump the packet when verdict is not \"STOLEN\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49622.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49622","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03808","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49622"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0016d5d46d7440729a3132f61a8da3bf7f84e2ba","reference_id":"0016d5d46d7440729a3132f61a8da3bf7f84e2ba","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:15:30Z/"}],"url":"https://git.kernel.org/stable/c/0016d5d46d7440729a3132f61a8da3bf7f84e2ba"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348363","reference_id":"2348363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348363"},{"reference_url":"https://git.kernel.org/stable/c/e34b9ed96ce3b06c79bf884009b16961ca478f87","reference_id":"e34b9ed96ce3b06c79bf884009b16961ca478f87","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:15:30Z/"}],"url":"https://git.kernel.org/stable/c/e34b9ed96ce3b06c79bf884009b16961ca478f87"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49622"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpd8-m2r8-afbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86067?format=json","vulnerability_id":"VCID-jpx3-mu5r-7fe2","summary":"kernel: ionic: Fix netdev notifier unregister on failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56715.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56715.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334797","reference_id":"2334797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334797"},{"reference_url":"https://git.kernel.org/stable/c/87847938f5708b2509b279369c96572254bcf2ba","reference_id":"87847938f5708b2509b279369c96572254bcf2ba","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:37Z/"}],"url":"https://git.kernel.org/stable/c/87847938f5708b2509b279369c96572254bcf2ba"},{"reference_url":"https://git.kernel.org/stable/c/9590d32e090ea2751e131ae5273859ca22f5ac14","reference_id":"9590d32e090ea2751e131ae5273859ca22f5ac14","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:37Z/"}],"url":"https://git.kernel.org/stable/c/9590d32e090ea2751e131ae5273859ca22f5ac14"},{"reference_url":"https://git.kernel.org/stable/c/da5736f516a664a9e1ff74902663c64c423045d2","reference_id":"da5736f516a664a9e1ff74902663c64c423045d2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:37Z/"}],"url":"https://git.kernel.org/stable/c/da5736f516a664a9e1ff74902663c64c423045d2"},{"reference_url":"https://git.kernel.org/stable/c/da93a12876f8b969df7316dc93aac7e725f88252","reference_id":"da93a12876f8b969df7316dc93aac7e725f88252","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:37Z/"}],"url":"https://git.kernel.org/stable/c/da93a12876f8b969df7316dc93aac7e725f88252"},{"reference_url":"https://git.kernel.org/stable/c/ee2e931b2b46de9af7f681258e8ec8e2cd81cfc6","reference_id":"ee2e931b2b46de9af7f681258e8ec8e2cd81cfc6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:58:37Z/"}],"url":"https://git.kernel.org/stable/c/ee2e931b2b46de9af7f681258e8ec8e2cd81cfc6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56715"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpx3-mu5r-7fe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87753?format=json","vulnerability_id":"VCID-jrja-34ut-bkg1","summary":"In the Linux kernel, the following vulnerability has been resolved:  serial: imx: Introduce timeout when waiting on transmitter empty  By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock.  In case of the timeout, there is not much we can do, so we simply ignore the transmitter state and optimistically try to continue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40967.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40967.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297551","reference_id":"2297551","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297551"},{"reference_url":"https://git.kernel.org/stable/c/53b2c95547427c358f45515a9f144efee95e3701","reference_id":"53b2c95547427c358f45515a9f144efee95e3701","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:07Z/"}],"url":"https://git.kernel.org/stable/c/53b2c95547427c358f45515a9f144efee95e3701"},{"reference_url":"https://git.kernel.org/stable/c/7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7","reference_id":"7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:07Z/"}],"url":"https://git.kernel.org/stable/c/7f2b9ab6d0b26f16cd38dd9fd91d51899635f7c7"},{"reference_url":"https://git.kernel.org/stable/c/7f9e70c68b7ace0141fe3bc94bf7b61296b71916","reference_id":"7f9e70c68b7ace0141fe3bc94bf7b61296b71916","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:07Z/"}],"url":"https://git.kernel.org/stable/c/7f9e70c68b7ace0141fe3bc94bf7b61296b71916"},{"reference_url":"https://git.kernel.org/stable/c/982ae3376c4c91590d38dc8a676c10f7df048a44","reference_id":"982ae3376c4c91590d38dc8a676c10f7df048a44","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:07Z/"}],"url":"https://git.kernel.org/stable/c/982ae3376c4c91590d38dc8a676c10f7df048a44"},{"reference_url":"https://git.kernel.org/stable/c/e533e4c62e9993e62e947ae9bbec34e4c7ae81c2","reference_id":"e533e4c62e9993e62e947ae9bbec34e4c7ae81c2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:03:07Z/"}],"url":"https://git.kernel.org/stable/c/e533e4c62e9993e62e947ae9bbec34e4c7ae81c2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40967"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jrja-34ut-bkg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60694?format=json","vulnerability_id":"VCID-jsq1-3rub-ryfw","summary":"kernel: net: af_key: zero aligned sockaddr tail in PF_KEY exports","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43088.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43088.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466981","reference_id":"2466981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466981"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43088"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jsq1-3rub-ryfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88168?format=json","vulnerability_id":"VCID-jsuh-a7bk-yyhs","summary":"kernel: static_call: Replace pointless WARN_ON() in static_call_module_notify()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49954.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49954.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320546","reference_id":"2320546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320546"},{"reference_url":"https://git.kernel.org/stable/c/85a104aaef1f56623acc10ba4c42d5f046ba65b7","reference_id":"85a104aaef1f56623acc10ba4c42d5f046ba65b7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/85a104aaef1f56623acc10ba4c42d5f046ba65b7"},{"reference_url":"https://git.kernel.org/stable/c/b83bef74c121a3311240fc4002d23486b85355e4","reference_id":"b83bef74c121a3311240fc4002d23486b85355e4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/b83bef74c121a3311240fc4002d23486b85355e4"},{"reference_url":"https://git.kernel.org/stable/c/bc9356513d56b688775497b7ac6f2b967f46a80c","reference_id":"bc9356513d56b688775497b7ac6f2b967f46a80c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/bc9356513d56b688775497b7ac6f2b967f46a80c"},{"reference_url":"https://git.kernel.org/stable/c/e67534bd31d79952b50e791e92adf0b3e6c13b8c","reference_id":"e67534bd31d79952b50e791e92adf0b3e6c13b8c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/e67534bd31d79952b50e791e92adf0b3e6c13b8c"},{"reference_url":"https://git.kernel.org/stable/c/ea2cdf4da093d0482f0ef36ba971e2e0c7673425","reference_id":"ea2cdf4da093d0482f0ef36ba971e2e0c7673425","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/ea2cdf4da093d0482f0ef36ba971e2e0c7673425"},{"reference_url":"https://git.kernel.org/stable/c/fe513c2ef0a172a58f158e2e70465c4317f0a9a2","reference_id":"fe513c2ef0a172a58f158e2e70465c4317f0a9a2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:35:58Z/"}],"url":"https://git.kernel.org/stable/c/fe513c2ef0a172a58f158e2e70465c4317f0a9a2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49954"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jsuh-a7bk-yyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59549?format=json","vulnerability_id":"VCID-jtc1-9umn-q3gs","summary":"kernel: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46019.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46019.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482095","reference_id":"2482095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46019"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jtc1-9umn-q3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81525?format=json","vulnerability_id":"VCID-ju3y-nfsc-2qbw","summary":"kernel: dm-bufio: don't schedule in atomic context","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37928.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37928.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367512","reference_id":"2367512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367512"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52329.py","reference_id":"CVE-2025-37928","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52329.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37928"],"risk_score":4.4,"exploitability":"2.0","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju3y-nfsc-2qbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84607?format=json","vulnerability_id":"VCID-jv76-xsk2-9kf1","summary":"In the Linux kernel, the following vulnerability has been resolved:  NTB: fix possible name leak in ntb_register_device()  If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), callers should use put_device() to give up the reference in the error path. So fix this by calling put_device() in the error path so that the name can be freed in kobject_cleanup().  As a result of this, put_device() in the error path of ntb_register_device() is removed and the actual error is returned.  [mani: reworded commit message]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52652.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52652.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278517","reference_id":"2278517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278517"},{"reference_url":"https://git.kernel.org/stable/c/6632a54ac8057cc0b0d789c6f73883e871bcd25c","reference_id":"6632a54ac8057cc0b0d789c6f73883e871bcd25c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/6632a54ac8057cc0b0d789c6f73883e871bcd25c"},{"reference_url":"https://git.kernel.org/stable/c/913421f9f7fd8324dcc41753d0f28b52e177ef04","reference_id":"913421f9f7fd8324dcc41753d0f28b52e177ef04","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/913421f9f7fd8324dcc41753d0f28b52e177ef04"},{"reference_url":"https://git.kernel.org/stable/c/a039690d323221eb5865f1f31db3ec264e7a14b6","reference_id":"a039690d323221eb5865f1f31db3ec264e7a14b6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/a039690d323221eb5865f1f31db3ec264e7a14b6"},{"reference_url":"https://git.kernel.org/stable/c/a62b9f3d7bbfac874cc0c638bc1776dcf1f8ec06","reference_id":"a62b9f3d7bbfac874cc0c638bc1776dcf1f8ec06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/a62b9f3d7bbfac874cc0c638bc1776dcf1f8ec06"},{"reference_url":"https://git.kernel.org/stable/c/aebfdfe39b9327a3077d0df8db3beb3160c9bdd0","reference_id":"aebfdfe39b9327a3077d0df8db3beb3160c9bdd0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/aebfdfe39b9327a3077d0df8db3beb3160c9bdd0"},{"reference_url":"https://git.kernel.org/stable/c/e8025439ef8e16029dc313d78a351ef192469b7b","reference_id":"e8025439ef8e16029dc313d78a351ef192469b7b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T15:06:43Z/"}],"url":"https://git.kernel.org/stable/c/e8025439ef8e16029dc313d78a351ef192469b7b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52652"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv76-xsk2-9kf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62372?format=json","vulnerability_id":"VCID-jvjt-nfaf-eqeh","summary":"kernel: ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31451.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31451.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460690","reference_id":"2460690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31451"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvjt-nfaf-eqeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70327?format=json","vulnerability_id":"VCID-jwzh-6u6r-qqh7","summary":"kernel: nvmet-fc: avoid scheduling association deletion twice","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40343.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40343.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420418","reference_id":"2420418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420418"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40343"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwzh-6u6r-qqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70522?format=json","vulnerability_id":"VCID-jx4t-ssnu-87hc","summary":"kernel: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40289.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40289.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419950","reference_id":"2419950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419950"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40289"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jx4t-ssnu-87hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62858?format=json","vulnerability_id":"VCID-jxts-kn8c-mfab","summary":"kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31419.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31419.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457829","reference_id":"2457829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13566","reference_id":"RHSA-2026:13566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19521","reference_id":"RHSA-2026:19521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21209","reference_id":"RHSA-2026:21209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22334","reference_id":"RHSA-2026:22334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22900","reference_id":"RHSA-2026:22900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22940","reference_id":"RHSA-2026:22940","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23224","reference_id":"RHSA-2026:23224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23224"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31419"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxts-kn8c-mfab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85884?format=json","vulnerability_id":"VCID-jyvx-nysd-bkcq","summary":"kernel: PCI: imx6: Fix suspend/resume support on i.MX6QDL","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57809.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57809.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337333","reference_id":"2337333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337333"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57809"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jyvx-nysd-bkcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59172?format=json","vulnerability_id":"VCID-jztf-3qsy-87ca","summary":"kernel: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46127.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46127.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482582","reference_id":"2482582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482582"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46127"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jztf-3qsy-87ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88354?format=json","vulnerability_id":"VCID-k61a-prs6-87cu","summary":"In the Linux kernel, the following vulnerability has been resolved:  closures: Change BUG_ON() to WARN_ON()  If a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON()  For reference, this has popped up once in the CI, and we'll need more info to debug it:  03240 ------------[ cut here ]------------ 03240 kernel BUG at lib/closure.c:21! 03240 kernel BUG at lib/closure.c:21! 03240 Internal error: Oops - BUG: 00000000f2000800 [#1] SMP 03240 Modules linked in: 03240 CPU: 15 PID: 40534 Comm: kworker/u80:1 Not tainted 6.10.0-rc4-ktest-ga56da69799bd #25570 03240 Hardware name: linux,dummy-virt (DT) 03240 Workqueue: btree_update btree_interior_update_work 03240 pstate: 00001005 (nzcv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 03240 pc : closure_put+0x224/0x2a0 03240 lr : closure_put+0x24/0x2a0 03240 sp : ffff0000d12071c0 03240 x29: ffff0000d12071c0 x28: dfff800000000000 x27: ffff0000d1207360 03240 x26: 0000000000000040 x25: 0000000000000040 x24: 0000000000000040 03240 x23: ffff0000c1f20180 x22: 0000000000000000 x21: ffff0000c1f20168 03240 x20: 0000000040000000 x19: ffff0000c1f20140 x18: 0000000000000001 03240 x17: 0000000000003aa0 x16: 0000000000003ad0 x15: 1fffe0001c326974 03240 x14: 0000000000000a1e x13: 0000000000000000 x12: 1fffe000183e402d 03240 x11: ffff6000183e402d x10: dfff800000000000 x9 : ffff6000183e402e 03240 x8 : 0000000000000001 x7 : 00009fffe7c1bfd3 x6 : ffff0000c1f2016b 03240 x5 : ffff0000c1f20168 x4 : ffff6000183e402e x3 : ffff800081391954 03240 x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000a8000000 03240 Call trace: 03240  closure_put+0x224/0x2a0 03240  bch2_check_for_deadlock+0x910/0x1028 03240  bch2_six_check_for_deadlock+0x1c/0x30 03240  six_lock_slowpath.isra.0+0x29c/0xed0 03240  six_lock_ip_waiter+0xa8/0xf8 03240  __bch2_btree_node_lock_write+0x14c/0x298 03240  bch2_trans_lock_write+0x6d4/0xb10 03240  __bch2_trans_commit+0x135c/0x5520 03240  btree_interior_update_work+0x1248/0x1c10 03240  process_scheduled_works+0x53c/0xd90 03240  worker_thread+0x370/0x8c8 03240  kthread+0x258/0x2e8 03240  ret_from_fork+0x10/0x20 03240 Code: aa1303e0 d63f0020 a94363f7 17ffff8c (d4210000) 03240 ---[ end trace 0000000000000000 ]--- 03240 Kernel panic - not syncing: Oops - BUG: Fatal exception 03240 SMP: stopping secondary CPUs 03241 SMP: failed to stop secondary CPUs 13,15 03241 Kernel Offset: disabled 03241 CPU features: 0x00,00000003,80000008,4240500b 03241 Memory Limit: none 03241 ---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]--- 03246 ========= FAILED TIMEOUT copygc_torture_no_checksum in 7200s","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42252.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42252.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303633","reference_id":"2303633","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2303633"},{"reference_url":"https://git.kernel.org/stable/c/339b84ab6b1d66900c27bd999271cb2ae40ce812","reference_id":"339b84ab6b1d66900c27bd999271cb2ae40ce812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:12Z/"}],"url":"https://git.kernel.org/stable/c/339b84ab6b1d66900c27bd999271cb2ae40ce812"},{"reference_url":"https://git.kernel.org/stable/c/5d85f2ab79d5918a66539ebf046c099f7448db8d","reference_id":"5d85f2ab79d5918a66539ebf046c099f7448db8d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:12Z/"}],"url":"https://git.kernel.org/stable/c/5d85f2ab79d5918a66539ebf046c099f7448db8d"},{"reference_url":"https://git.kernel.org/stable/c/c894a74756478bb7aec894bcc513add3d554c0cf","reference_id":"c894a74756478bb7aec894bcc513add3d554c0cf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:12Z/"}],"url":"https://git.kernel.org/stable/c/c894a74756478bb7aec894bcc513add3d554c0cf"},{"reference_url":"https://git.kernel.org/stable/c/ecb4aaa658da760fb83afd79cc5fd4360aa60635","reference_id":"ecb4aaa658da760fb83afd79cc5fd4360aa60635","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:13:12Z/"}],"url":"https://git.kernel.org/stable/c/ecb4aaa658da760fb83afd79cc5fd4360aa60635"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42252"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k61a-prs6-87cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82870?format=json","vulnerability_id":"VCID-k822-e7be-3ua3","summary":"In the Linux kernel, the following vulnerability has been resolved:  parisc: Fix non-access data TLB cache flush faults  When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flush_user_dcache_range_asm and flush_user_icache_range_asm. When these occur, the cache line is not invalidated and potentially we get memory corruption. The problem was hidden by the nullification of the flush instructions.  These faults also affect performance. With pa8800/pa8900 processors, there will be 32 faults per 4 KB page since the cache line is 128 bytes.  There will be more faults with earlier processors.  The problem is fixed by using flush_cache_pages(). It does the flush using a tmp alias mapping.  The flush_cache_pages() call in flush_cache_range() flushed too large a range.  V2: Remove unnecessary preempt_disable() and preempt_enable() calls.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49172.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49172","reference_id":"","reference_type":"","scores":[{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30793","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49172"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348134","reference_id":"2348134","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49172"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k822-e7be-3ua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64481?format=json","vulnerability_id":"VCID-k8xd-kuyr-ufff","summary":"kernel: nfc: nci: complete pending data exchange on device close","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23330.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23330.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451276","reference_id":"2451276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451276"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23330"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8xd-kuyr-ufff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59235?format=json","vulnerability_id":"VCID-kajm-et9v-3uhz","summary":"kernel: libceph: Fix slab-out-of-bounds access in auth message processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46119.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46119.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482621","reference_id":"2482621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482621"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46119"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kajm-et9v-3uhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83268?format=json","vulnerability_id":"VCID-kaxv-mdug-6kh9","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: annotate races around sk->sk_bound_dev_if  UDP sendmsg() is lockless, and reads sk->sk_bound_dev_if while this field can be changed by another thread.  Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add more annotations to potential lockless readers.  BUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg  write to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0:  __ip6_datagram_connect+0x6e2/0x930 net/ipv6/datagram.c:221  ip6_datagram_connect+0x2a/0x40 net/ipv6/datagram.c:272  inet_dgram_connect+0x107/0x190 net/ipv4/af_inet.c:576  __sys_connect_file net/socket.c:1900 [inline]  __sys_connect+0x197/0x1b0 net/socket.c:1917  __do_sys_connect net/socket.c:1927 [inline]  __se_sys_connect net/socket.c:1924 [inline]  __x64_sys_connect+0x3d/0x50 net/socket.c:1924  do_syscall_x64 arch/x86/entry/common.c:50 [inline]  do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80  entry_SYSCALL_64_after_hwframe+0x44/0xae  read to 0xffff888136d47a94 of 4 bytes by task 7670 on cpu 1:  udpv6_sendmsg+0xc60/0x16e0 net/ipv6/udp.c:1436  inet6_sendmsg+0x5f/0x80 net/ipv6/af_inet6.c:652  sock_sendmsg_nosec net/socket.c:705 [inline]  sock_sendmsg net/socket.c:725 [inline]  ____sys_sendmsg+0x39a/0x510 net/socket.c:2413  ___sys_sendmsg net/socket.c:2467 [inline]  __sys_sendmmsg+0x267/0x4c0 net/socket.c:2553  __do_sys_sendmmsg net/socket.c:2582 [inline]  __se_sys_sendmmsg net/socket.c:2579 [inline]  __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2579  do_syscall_x64 arch/x86/entry/common.c:50 [inline]  do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80  entry_SYSCALL_64_after_hwframe+0x44/0xae  value changed: 0x00000000 -> 0xffffff9b  Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 7670 Comm: syz-executor.3 Tainted: G        W         5.18.0-rc1-syzkaller-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011  I chose to not add Fixes: tag because race has minor consequences and stable teams busy enough.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49420.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49420.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49420","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24709","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49420"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347846","reference_id":"2347846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347846"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49420"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kaxv-mdug-6kh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79729?format=json","vulnerability_id":"VCID-kb19-r7ye-27dw","summary":"kernel: Linux kernel: Denial of Service due to sleepable page allocation in KASAN","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38029.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38029.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373378","reference_id":"2373378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-38029"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kb19-r7ye-27dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75578?format=json","vulnerability_id":"VCID-kbdh-1fyf-v3bj","summary":"kernel: Linux kernel: Denial of Service via unchecked return value in mmc_add_host()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50267.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50267","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06338","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395224","reference_id":"2395224","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395224"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50267"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbdh-1fyf-v3bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65143?format=json","vulnerability_id":"VCID-kbxd-r1em-zubf","summary":"kernel: Kernel: Race condition in espintcp can lead to denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23239.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23239.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446109","reference_id":"2446109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446109"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23239"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbxd-r1em-zubf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86362?format=json","vulnerability_id":"VCID-kc9y-7rc5-buc6","summary":"kernel: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56604.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56604.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334495","reference_id":"2334495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334495"},{"reference_url":"https://git.kernel.org/stable/c/32df687e129ef0f9afcbcc914f7c32deb28fd481","reference_id":"32df687e129ef0f9afcbcc914f7c32deb28fd481","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:12Z/"}],"url":"https://git.kernel.org/stable/c/32df687e129ef0f9afcbcc914f7c32deb28fd481"},{"reference_url":"https://git.kernel.org/stable/c/3945c799f12b8d1f49a3b48369ca494d981ac465","reference_id":"3945c799f12b8d1f49a3b48369ca494d981ac465","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:12Z/"}],"url":"https://git.kernel.org/stable/c/3945c799f12b8d1f49a3b48369ca494d981ac465"},{"reference_url":"https://git.kernel.org/stable/c/6021ccc2471b7b95e29b7cfc7938e042bf56e281","reference_id":"6021ccc2471b7b95e29b7cfc7938e042bf56e281","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:12Z/"}],"url":"https://git.kernel.org/stable/c/6021ccc2471b7b95e29b7cfc7938e042bf56e281"},{"reference_url":"https://git.kernel.org/stable/c/ac3eaac4cf142a15fe67be747a682b1416efeb6e","reference_id":"ac3eaac4cf142a15fe67be747a682b1416efeb6e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:42:12Z/"}],"url":"https://git.kernel.org/stable/c/ac3eaac4cf142a15fe67be747a682b1416efeb6e"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56604"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kc9y-7rc5-buc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88042?format=json","vulnerability_id":"VCID-kcp6-8edz-93h7","summary":"kernel: drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49915.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49915.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0d94d9cbd9fec7344d230c4f7b781826f7799c60","reference_id":"0d94d9cbd9fec7344d230c4f7b781826f7799c60","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:07Z/"}],"url":"https://git.kernel.org/stable/c/0d94d9cbd9fec7344d230c4f7b781826f7799c60"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320456","reference_id":"2320456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320456"},{"reference_url":"https://git.kernel.org/stable/c/7d1854c86d02cea8f8a0c0ca05f4ab14292baf3d","reference_id":"7d1854c86d02cea8f8a0c0ca05f4ab14292baf3d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:07Z/"}],"url":"https://git.kernel.org/stable/c/7d1854c86d02cea8f8a0c0ca05f4ab14292baf3d"},{"reference_url":"https://git.kernel.org/stable/c/c395fd47d1565bd67671f45cca281b3acc2c31ef","reference_id":"c395fd47d1565bd67671f45cca281b3acc2c31ef","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:07Z/"}],"url":"https://git.kernel.org/stable/c/c395fd47d1565bd67671f45cca281b3acc2c31ef"},{"reference_url":"https://git.kernel.org/stable/c/ec1be3c527b4a5fc85bcc1b0be7cec08bf60c796","reference_id":"ec1be3c527b4a5fc85bcc1b0be7cec08bf60c796","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:07Z/"}],"url":"https://git.kernel.org/stable/c/ec1be3c527b4a5fc85bcc1b0be7cec08bf60c796"},{"reference_url":"https://git.kernel.org/stable/c/f0454b3cb0584a6bf275aeb49be61a760fd546a2","reference_id":"f0454b3cb0584a6bf275aeb49be61a760fd546a2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:07Z/"}],"url":"https://git.kernel.org/stable/c/f0454b3cb0584a6bf275aeb49be61a760fd546a2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49915"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcp6-8edz-93h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86944?format=json","vulnerability_id":"VCID-kewc-y35f-xugc","summary":"In the Linux kernel, the following vulnerability has been resolved:  dma-direct: Leak pages on dma_set_decrypted() failure  On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues.  DMA could free decrypted/shared pages if dma_set_decrypted() fails. This should be a rare case. Just leak the pages in this case instead of freeing them.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35939.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35939.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281817","reference_id":"2281817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281817"},{"reference_url":"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a","reference_id":"4031b72ca747a1e6e9ae4fa729e765b43363d66a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:32:53Z/"}],"url":"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a"},{"reference_url":"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9","reference_id":"4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:32:53Z/"}],"url":"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9"},{"reference_url":"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c","reference_id":"b57326c96b7bc7638aa8c44e12afa2defe0c934c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:32:53Z/"}],"url":"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c"},{"reference_url":"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf","reference_id":"b9fa16949d18e06bdf728a560f5c8af56d2bdcaf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:32:53Z/"}],"url":"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8856","reference_id":"RHSA-2024:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8870","reference_id":"RHSA-2024:8870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4342","reference_id":"RHSA-2025:4342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35939"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kewc-y35f-xugc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79222?format=json","vulnerability_id":"VCID-kg5h-6j7r-aqhc","summary":"kernel: Linux Kernel: Denial of Service in iwlwifi due to improper firmware error handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38096.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38096.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376048","reference_id":"2376048","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376048"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38096"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg5h-6j7r-aqhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83275?format=json","vulnerability_id":"VCID-kg7k-a1vp-2bgz","summary":"kernel: Linux kernel: PCI/ASPM use-after-free during hot-unplug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58093.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360287","reference_id":"2360287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360287"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2024-58093"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg7k-a1vp-2bgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69163?format=json","vulnerability_id":"VCID-khtj-hjxw-jfdu","summary":"kernel: dmaengine: sf-pdma: pdma_desc memory leak fix","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54020.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54020.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424988","reference_id":"2424988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424988"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54020"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khtj-hjxw-jfdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87531?format=json","vulnerability_id":"VCID-kj1c-vqtw-4kdx","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu/mes: fix use-after-free issue  Delete fence fallback timer to fix the ramdom use-after-free issue.  v2: move to amdgpu_mes.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38581.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38581.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0f98c144c15c8fc0f3176c994bd4e727ef718a5c","reference_id":"0f98c144c15c8fc0f3176c994bd4e727ef718a5c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/0f98c144c15c8fc0f3176c994bd4e727ef718a5c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293408","reference_id":"2293408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293408"},{"reference_url":"https://git.kernel.org/stable/c/39cfce75168c11421d70b8c0c65f6133edccb82a","reference_id":"39cfce75168c11421d70b8c0c65f6133edccb82a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/39cfce75168c11421d70b8c0c65f6133edccb82a"},{"reference_url":"https://git.kernel.org/stable/c/70b1bf6d9edc8692d241f59a65f073aec6d501de","reference_id":"70b1bf6d9edc8692d241f59a65f073aec6d501de","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/70b1bf6d9edc8692d241f59a65f073aec6d501de"},{"reference_url":"https://git.kernel.org/stable/c/948255282074d9367e01908b3f5dcf8c10fc9c3d","reference_id":"948255282074d9367e01908b3f5dcf8c10fc9c3d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T14:58:15Z/"}],"url":"https://git.kernel.org/stable/c/948255282074d9367e01908b3f5dcf8c10fc9c3d"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4342","reference_id":"RHSA-2025:4342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38581"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kj1c-vqtw-4kdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88160?format=json","vulnerability_id":"VCID-kj9d-s2x9-17cj","summary":"kernel: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49891.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49891.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320540","reference_id":"2320540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320540"},{"reference_url":"https://git.kernel.org/stable/c/232a138bd843d48cb2368f604646d990db7640f3","reference_id":"232a138bd843d48cb2368f604646d990db7640f3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:44:17Z/"}],"url":"https://git.kernel.org/stable/c/232a138bd843d48cb2368f604646d990db7640f3"},{"reference_url":"https://git.kernel.org/stable/c/2be1d4f11944cd6283cb97268b3e17c4424945ca","reference_id":"2be1d4f11944cd6283cb97268b3e17c4424945ca","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:44:17Z/"}],"url":"https://git.kernel.org/stable/c/2be1d4f11944cd6283cb97268b3e17c4424945ca"},{"reference_url":"https://git.kernel.org/stable/c/5873aa7f814754085d418848b2089ef406a02dd0","reference_id":"5873aa7f814754085d418848b2089ef406a02dd0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:44:17Z/"}],"url":"https://git.kernel.org/stable/c/5873aa7f814754085d418848b2089ef406a02dd0"},{"reference_url":"https://git.kernel.org/stable/c/99a801e2fca39a6f31e543fc3383058a8955896f","reference_id":"99a801e2fca39a6f31e543fc3383058a8955896f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:44:17Z/"}],"url":"https://git.kernel.org/stable/c/99a801e2fca39a6f31e543fc3383058a8955896f"},{"reference_url":"https://git.kernel.org/stable/c/fd665c8dbdb19548965b0ae80c490de00e906366","reference_id":"fd665c8dbdb19548965b0ae80c490de00e906366","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:44:17Z/"}],"url":"https://git.kernel.org/stable/c/fd665c8dbdb19548965b0ae80c490de00e906366"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49891"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kj9d-s2x9-17cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87178?format=json","vulnerability_id":"VCID-kmyv-f94u-nfdd","summary":"In the Linux kernel, the following vulnerability has been resolved:  Bluetooth: qca: add missing firmware sanity checks  Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36880.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36880.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/02f05ed44b71152d5e11d29be28aed91c0489b4e","reference_id":"02f05ed44b71152d5e11d29be28aed91c0489b4e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:40:42Z/"}],"url":"https://git.kernel.org/stable/c/02f05ed44b71152d5e11d29be28aed91c0489b4e"},{"reference_url":"https://git.kernel.org/stable/c/1caceadfb50432dbf6d808796cb6c34ebb6d662c","reference_id":"1caceadfb50432dbf6d808796cb6c34ebb6d662c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:40:42Z/"}],"url":"https://git.kernel.org/stable/c/1caceadfb50432dbf6d808796cb6c34ebb6d662c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284280","reference_id":"2284280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284280"},{"reference_url":"https://git.kernel.org/stable/c/2e4edfa1e2bd821a317e7d006517dcf2f3fac68d","reference_id":"2e4edfa1e2bd821a317e7d006517dcf2f3fac68d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:40:42Z/"}],"url":"https://git.kernel.org/stable/c/2e4edfa1e2bd821a317e7d006517dcf2f3fac68d"},{"reference_url":"https://git.kernel.org/stable/c/427281f9498ed614f9aabc80e46ec077c487da6d","reference_id":"427281f9498ed614f9aabc80e46ec077c487da6d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:40:42Z/"}],"url":"https://git.kernel.org/stable/c/427281f9498ed614f9aabc80e46ec077c487da6d"},{"reference_url":"https://git.kernel.org/stable/c/ed53949cc92e28aaa3463d246942bda1fbb7f307","reference_id":"ed53949cc92e28aaa3463d246942bda1fbb7f307","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:40:42Z/"}],"url":"https://git.kernel.org/stable/c/ed53949cc92e28aaa3463d246942bda1fbb7f307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36880"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmyv-f94u-nfdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86587?format=json","vulnerability_id":"VCID-kp1e-32zk-1kev","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/mlx5e: Prevent deadlock while disabling aRFS  When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if it has already started. However, while waiting for the work handler, the handler will try to acquire the `state_lock` which is already acquired.  The worker acquires the lock to delete the rules if the state is down, which is not the worker's responsibility since disabling aRFS deletes the rules.  Add an aRFS state variable, which indicates whether the aRFS is enabled and prevent adding rules when the aRFS is disabled.  Kernel log:  ====================================================== WARNING: possible circular locking dependency detected 6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G          I ------------------------------------------------------ ethtool/386089 is trying to acquire lock: ffff88810f21ce68 ((work_completion)(&rule->arfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0  but task is already holding lock: ffff8884a1808cc0 (&priv->state_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]  which lock already depends on the new lock.  the existing dependency chain (in reverse order) is:  -> #1 (&priv->state_lock){+.+.}-{3:3}:        __mutex_lock+0x80/0xc90        arfs_handle_work+0x4b/0x3b0 [mlx5_core]        process_one_work+0x1dc/0x4a0        worker_thread+0x1bf/0x3c0        kthread+0xd7/0x100        ret_from_fork+0x2d/0x50        ret_from_fork_asm+0x11/0x20  -> #0 ((work_completion)(&rule->arfs_work)){+.+.}-{0:0}:        __lock_acquire+0x17b4/0x2c80        lock_acquire+0xd0/0x2b0        __flush_work+0x7a/0x4e0        __cancel_work_timer+0x131/0x1c0        arfs_del_rules+0x143/0x1e0 [mlx5_core]        mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]        mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]        ethnl_set_channels+0x28f/0x3b0        ethnl_default_set_doit+0xec/0x240        genl_family_rcv_msg_doit+0xd0/0x120        genl_rcv_msg+0x188/0x2c0        netlink_rcv_skb+0x54/0x100        genl_rcv+0x24/0x40        netlink_unicast+0x1a1/0x270        netlink_sendmsg+0x214/0x460        __sock_sendmsg+0x38/0x60        __sys_sendto+0x113/0x170        __x64_sys_sendto+0x20/0x30        do_syscall_64+0x40/0xe0        entry_SYSCALL_64_after_hwframe+0x46/0x4e  other info that might help us debug this:   Possible unsafe locking scenario:         CPU0                    CPU1        ----                    ----   lock(&priv->state_lock);                                lock((work_completion)(&rule->arfs_work));                                lock(&priv->state_lock);   lock((work_completion)(&rule->arfs_work));   *** DEADLOCK ***  3 locks held by ethtool/386089:  #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40  #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240  #2: ffff8884a1808cc0 (&priv->state_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]  stack backtrace: CPU: 15 PID: 386089 Comm: ethtool Tainted: G          I        6.7.0-rc4_net_next_mlx5_5483eb2 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Call Trace:  <TASK>  dump_stack_lvl+0x60/0xa0  check_noncircular+0x144/0x160  __lock_acquire+0x17b4/0x2c80  lock_acquire+0xd0/0x2b0  ? __flush_work+0x74/0x4e0  ? save_trace+0x3e/0x360  ? __flush_work+0x74/0x4e0  __flush_work+0x7a/0x4e0  ? __flush_work+0x74/0x4e0  ? __lock_acquire+0xa78/0x2c80  ? lock_acquire+0xd0/0x2b0  ? mark_held_locks+0x49/0x70  __cancel_work_timer+0x131/0x1c0  ? mark_held_locks+0x49/0x70  arfs_del_rules+0x143/0x1e0 [mlx5_core]  mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]  mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]  ethnl_set_channels+0x28f/0x3b0  ethnl_default_set_doit+0xec/0x240  genl_family_rcv_msg_doit+0xd0/0x120  genl_rcv_msg+0x188/0x2c0  ? ethn ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27014.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27014.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0080bf99499468030248ebd25dd645e487dcecdc","reference_id":"0080bf99499468030248ebd25dd645e487dcecdc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:27Z/"}],"url":"https://git.kernel.org/stable/c/0080bf99499468030248ebd25dd645e487dcecdc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278268","reference_id":"2278268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278268"},{"reference_url":"https://git.kernel.org/stable/c/46efa4d5930cf3c2af8c01f75e0a47e4fc045e3b","reference_id":"46efa4d5930cf3c2af8c01f75e0a47e4fc045e3b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:27Z/"}],"url":"https://git.kernel.org/stable/c/46efa4d5930cf3c2af8c01f75e0a47e4fc045e3b"},{"reference_url":"https://git.kernel.org/stable/c/48c4bb81df19402d4346032353d0795260255e3b","reference_id":"48c4bb81df19402d4346032353d0795260255e3b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:27Z/"}],"url":"https://git.kernel.org/stable/c/48c4bb81df19402d4346032353d0795260255e3b"},{"reference_url":"https://git.kernel.org/stable/c/fef965764cf562f28afb997b626fc7c3cec99693","reference_id":"fef965764cf562f28afb997b626fc7c3cec99693","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:27Z/"}],"url":"https://git.kernel.org/stable/c/fef965764cf562f28afb997b626fc7c3cec99693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3618","reference_id":"RHSA-2024:3618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3627","reference_id":"RHSA-2024:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3021","reference_id":"RHSA-2025:3021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3021"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-27014"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kp1e-32zk-1kev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88108?format=json","vulnerability_id":"VCID-kp39-xewx-vuf1","summary":"kernel: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49911.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49911.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/02411e9359297512946705b1cd8cf5e6b0806fa0","reference_id":"02411e9359297512946705b1cd8cf5e6b0806fa0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:37Z/"}],"url":"https://git.kernel.org/stable/c/02411e9359297512946705b1cd8cf5e6b0806fa0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320504","reference_id":"2320504","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320504"},{"reference_url":"https://git.kernel.org/stable/c/62ed6f0f198da04e884062264df308277628004f","reference_id":"62ed6f0f198da04e884062264df308277628004f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:37Z/"}],"url":"https://git.kernel.org/stable/c/62ed6f0f198da04e884062264df308277628004f"},{"reference_url":"https://git.kernel.org/stable/c/827380b114f83c30b3e56d1a675980b6d65f7c88","reference_id":"827380b114f83c30b3e56d1a675980b6d65f7c88","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:37Z/"}],"url":"https://git.kernel.org/stable/c/827380b114f83c30b3e56d1a675980b6d65f7c88"},{"reference_url":"https://git.kernel.org/stable/c/8c854138b593efbbd8fa46a25f3288c121c1d1a1","reference_id":"8c854138b593efbbd8fa46a25f3288c121c1d1a1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:37Z/"}],"url":"https://git.kernel.org/stable/c/8c854138b593efbbd8fa46a25f3288c121c1d1a1"},{"reference_url":"https://git.kernel.org/stable/c/e8a24767899c86f4c5f1e4d3b2608942d054900f","reference_id":"e8a24767899c86f4c5f1e4d3b2608942d054900f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:41:37Z/"}],"url":"https://git.kernel.org/stable/c/e8a24767899c86f4c5f1e4d3b2608942d054900f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49911"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kp39-xewx-vuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81540?format=json","vulnerability_id":"VCID-kr31-kvjj-r3h3","summary":"kernel: xsk: Fix race condition in AF_XDP generic RX path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37920.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37920.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367524","reference_id":"2367524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367524"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-37920"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kr31-kvjj-r3h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68004?format=json","vulnerability_id":"VCID-ks8n-b3r7-dkf2","summary":"kernel: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23019.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23019.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435666","reference_id":"2435666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2435666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23019"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ks8n-b3r7-dkf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87198?format=json","vulnerability_id":"VCID-kspf-2bhp-nbcu","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Atom Integrated System Info v2_2 for DCN35  New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info while it was NULL.  DAL parses through the BIOS and extracts the necessary integrated_info but was missing a case for the new BIOS version 2.3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36897.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36897.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/02f5300f6827206f6e48a77f51e6264993695e5c","reference_id":"02f5300f6827206f6e48a77f51e6264993695e5c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T14:04:54Z/"}],"url":"https://git.kernel.org/stable/c/02f5300f6827206f6e48a77f51e6264993695e5c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284553","reference_id":"2284553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284553"},{"reference_url":"https://git.kernel.org/stable/c/3c7013a87124bab54216d9b99f77e8b6de6fbc1a","reference_id":"3c7013a87124bab54216d9b99f77e8b6de6fbc1a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T14:04:54Z/"}],"url":"https://git.kernel.org/stable/c/3c7013a87124bab54216d9b99f77e8b6de6fbc1a"},{"reference_url":"https://git.kernel.org/stable/c/7e3030774431eb093165a31baff040d35446fb8b","reference_id":"7e3030774431eb093165a31baff040d35446fb8b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T14:04:54Z/"}],"url":"https://git.kernel.org/stable/c/7e3030774431eb093165a31baff040d35446fb8b"},{"reference_url":"https://git.kernel.org/stable/c/9a35d205f466501dcfe5625ca313d944d0ac2d60","reference_id":"9a35d205f466501dcfe5625ca313d944d0ac2d60","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T14:04:54Z/"}],"url":"https://git.kernel.org/stable/c/9a35d205f466501dcfe5625ca313d944d0ac2d60"},{"reference_url":"https://git.kernel.org/stable/c/c2797ec16d9072327e7578d09ee05bcab52fffd0","reference_id":"c2797ec16d9072327e7578d09ee05bcab52fffd0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T14:04:54Z/"}],"url":"https://git.kernel.org/stable/c/c2797ec16d9072327e7578d09ee05bcab52fffd0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36897"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kspf-2bhp-nbcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87969?format=json","vulnerability_id":"VCID-kt66-s1jt-2ucz","summary":"kernel: f2fs: get rid of online repaire on corrupted directory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47690.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47690.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320253","reference_id":"2320253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320253"},{"reference_url":"https://git.kernel.org/stable/c/884ee6dc85b959bc152f15bca80c30f06069e6c4","reference_id":"884ee6dc85b959bc152f15bca80c30f06069e6c4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/884ee6dc85b959bc152f15bca80c30f06069e6c4"},{"reference_url":"https://git.kernel.org/stable/c/8be95cd607478d85fa4626e86f811e785905bcbf","reference_id":"8be95cd607478d85fa4626e86f811e785905bcbf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/8be95cd607478d85fa4626e86f811e785905bcbf"},{"reference_url":"https://git.kernel.org/stable/c/bcefd0b0611f35b560d0a7281d87529fbe7a1e32","reference_id":"bcefd0b0611f35b560d0a7281d87529fbe7a1e32","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/bcefd0b0611f35b560d0a7281d87529fbe7a1e32"},{"reference_url":"https://git.kernel.org/stable/c/e8d64f598eeb079c42a52deaa3a91312c736a49d","reference_id":"e8d64f598eeb079c42a52deaa3a91312c736a49d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/e8d64f598eeb079c42a52deaa3a91312c736a49d"},{"reference_url":"https://git.kernel.org/stable/c/f4746f2d79507f65cfbde11d3c39ee8338aa50af","reference_id":"f4746f2d79507f65cfbde11d3c39ee8338aa50af","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/f4746f2d79507f65cfbde11d3c39ee8338aa50af"},{"reference_url":"https://git.kernel.org/stable/c/f9ce2f550d53d044ecfb5ce996406cf42cd6b84d","reference_id":"f9ce2f550d53d044ecfb5ce996406cf42cd6b84d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:06:03Z/"}],"url":"https://git.kernel.org/stable/c/f9ce2f550d53d044ecfb5ce996406cf42cd6b84d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47690"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kt66-s1jt-2ucz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69146?format=json","vulnerability_id":"VCID-ktfn-1dcd-u3cx","summary":"kernel: btrfs: fix race between balance and cancel/pause","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54023.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54023.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424976","reference_id":"2424976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54023"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktfn-1dcd-u3cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74855?format=json","vulnerability_id":"VCID-kx41-5jh2-27gh","summary":"kernel: USB: dwc3: fix memory leak with using debugfs_lookup()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53415.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53415.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396466","reference_id":"2396466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396466"},{"reference_url":"https://git.kernel.org/stable/c/bab872b638130a18fd54d9adfad7db77ed6457be","reference_id":"bab872b638130a18fd54d9adfad7db77ed6457be","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:05:29Z/"}],"url":"https://git.kernel.org/stable/c/bab872b638130a18fd54d9adfad7db77ed6457be"},{"reference_url":"https://git.kernel.org/stable/c/be308d68785b205e483b3a0c61ba3a82da468f2c","reference_id":"be308d68785b205e483b3a0c61ba3a82da468f2c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:05:29Z/"}],"url":"https://git.kernel.org/stable/c/be308d68785b205e483b3a0c61ba3a82da468f2c"},{"reference_url":"https://git.kernel.org/stable/c/ce234af49d103d95e3fdca59b25e0d0242f41bb4","reference_id":"ce234af49d103d95e3fdca59b25e0d0242f41bb4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:05:29Z/"}],"url":"https://git.kernel.org/stable/c/ce234af49d103d95e3fdca59b25e0d0242f41bb4"},{"reference_url":"https://git.kernel.org/stable/c/cf52c320cf74245ce1c12b0bd48f77b87d77fbc9","reference_id":"cf52c320cf74245ce1c12b0bd48f77b87d77fbc9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:05:29Z/"}],"url":"https://git.kernel.org/stable/c/cf52c320cf74245ce1c12b0bd48f77b87d77fbc9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53415"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kx41-5jh2-27gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75878?format=json","vulnerability_id":"VCID-kx4s-3jf8-gkfm","summary":"kernel: orangefs: Fix kmemleak in orangefs_sysfs_init()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50316.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50316","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06275","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395411","reference_id":"2395411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395411"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50316"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kx4s-3jf8-gkfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59234?format=json","vulnerability_id":"VCID-ky7g-3phc-vbg8","summary":"kernel: KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46147.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46147.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482620","reference_id":"2482620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482620"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46147"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ky7g-3phc-vbg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86493?format=json","vulnerability_id":"VCID-kyqq-4eb6-mqbq","summary":"In the Linux kernel, the following vulnerability has been resolved:  ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses  Since commit a4d5613c4dc6 (\"arm: extend pfn_valid to take into account freed memory map alignment\") changes the semantics of pfn_valid() to check presence of the memory map for a PFN. A valid page for an address which is reserved but not mapped by the kernel[1], the system crashed during some uio test with the following memory layout:   node   0: [mem 0x00000000c0a00000-0x00000000cc8fffff]  node   0: [mem 0x00000000d0000000-0x00000000da1fffff]  the uio layout is：0xc0900000, 0x100000  the crash backtrace like:    Unable to handle kernel paging request at virtual address bff00000   [...]   CPU: 1 PID: 465 Comm: startapp.bin Tainted: G           O      5.10.0 #1   Hardware name: Generic DT based system   PC is at b15_flush_kern_dcache_area+0x24/0x3c   LR is at __sync_icache_dcache+0x6c/0x98   [...]    (b15_flush_kern_dcache_area) from (__sync_icache_dcache+0x6c/0x98)    (__sync_icache_dcache) from (set_pte_at+0x28/0x54)    (set_pte_at) from (remap_pfn_range+0x1a0/0x274)    (remap_pfn_range) from (uio_mmap+0x184/0x1b8 [uio])    (uio_mmap [uio]) from (__mmap_region+0x264/0x5f4)    (__mmap_region) from (__do_mmap_mm+0x3ec/0x440)    (__do_mmap_mm) from (do_mmap+0x50/0x58)    (do_mmap) from (vm_mmap_pgoff+0xfc/0x188)    (vm_mmap_pgoff) from (ksys_mmap_pgoff+0xac/0xc4)    (ksys_mmap_pgoff) from (ret_fast_syscall+0x0/0x5c)   Code: e0801001 e2423001 e1c00003 f57ff04f (ee070f3e)   ---[ end trace 09cf0734c3805d52 ]---   Kernel panic - not syncing: Fatal exception  So check if PG_reserved was set to solve this issue.  [1]: https://lore.kernel.org/lkml/Zbtdue57RO0QScJM@linux.ibm.com/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26947.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26947.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff","reference_id":"0c027c2bad7f5111c51a358b5d392e1a695dabff","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:49Z/"}],"url":"https://git.kernel.org/stable/c/0c027c2bad7f5111c51a358b5d392e1a695dabff"},{"reference_url":"https://git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc","reference_id":"0c66c6f4e21cb22220cbd8821c5c73fc157d20dc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:49Z/"}],"url":"https://git.kernel.org/stable/c/0c66c6f4e21cb22220cbd8821c5c73fc157d20dc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278167","reference_id":"2278167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278167"},{"reference_url":"https://git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7","reference_id":"9f7ddc222cae8254e93d5c169a8ae11a49d912a7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:49Z/"}],"url":"https://git.kernel.org/stable/c/9f7ddc222cae8254e93d5c169a8ae11a49d912a7"},{"reference_url":"https://git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512","reference_id":"fb3a122a978626b33de3367ee1762da934c0f512","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:40:49Z/"}],"url":"https://git.kernel.org/stable/c/fb3a122a978626b33de3367ee1762da934c0f512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5066","reference_id":"RHSA-2024:5066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5067","reference_id":"RHSA-2024:5067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6997","reference_id":"RHSA-2024:6997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6997"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26947"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyqq-4eb6-mqbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85975?format=json","vulnerability_id":"VCID-kz5y-5edk-3ya1","summary":"In the Linux kernel, the following vulnerability has been resolved:  md: Don't ignore suspended array in md_check_recovery()  mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't be unregistered.  After commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), following hang can be triggered by test shell/integrity-caching.sh:  1) suspend the array: raid_postsuspend  mddev_suspend  2) stop the array: raid_dtr  md_stop   __md_stop_writes    stop_sync_thread     set_bit(MD_RECOVERY_INTR, &mddev->recovery);     md_wakeup_thread_directly(mddev->sync_thread);     wait_event(..., !test_bit(MD_RECOVERY_RUNNING, &mddev->recovery))  3) sync thread done: md_do_sync  set_bit(MD_RECOVERY_DONE, &mddev->recovery);  md_wakeup_thread(mddev->thread);  4) daemon thread can't unregister sync thread: md_check_recovery  if (mddev->suspended)    return; -> return directly  md_read_sync_thread  clear_bit(MD_RECOVERY_RUNNING, &mddev->recovery);  -> MD_RECOVERY_RUNNING can't be cleared, hence step 2 hang;  This problem is not just related to dm-raid, fix it by ignoring suspended array in md_check_recovery(). And follow up patches will improve dm-raid better to frozen sync thread during suspend.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26758.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26758.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1baae052cccd08daf9a9d64c3f959d8cdb689757","reference_id":"1baae052cccd08daf9a9d64c3f959d8cdb689757","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/1baae052cccd08daf9a9d64c3f959d8cdb689757"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273206","reference_id":"2273206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273206"},{"reference_url":"https://git.kernel.org/stable/c/a55f0d6179a19c6b982e2dc344d58c98647a3be0","reference_id":"a55f0d6179a19c6b982e2dc344d58c98647a3be0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T15:44:46Z/"}],"url":"https://git.kernel.org/stable/c/a55f0d6179a19c6b982e2dc344d58c98647a3be0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26758"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kz5y-5edk-3ya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88919?format=json","vulnerability_id":"VCID-kzpc-hk41-mqcp","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Run DC_LOG_DC after checking link->link_enc  [WHAT] The DC_LOG_DC should be run after link->link_enc is checked, not before.  This fixes 1 REVERSE_INULL issue reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46776.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46776.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313124","reference_id":"2313124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313124"},{"reference_url":"https://git.kernel.org/stable/c/3a82f62b0d9d7687eac47603bb6cd14a50fa718b","reference_id":"3a82f62b0d9d7687eac47603bb6cd14a50fa718b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:20Z/"}],"url":"https://git.kernel.org/stable/c/3a82f62b0d9d7687eac47603bb6cd14a50fa718b"},{"reference_url":"https://git.kernel.org/stable/c/874e3bb302f97b94ac548959ec4f925b8e7b45e2","reference_id":"874e3bb302f97b94ac548959ec4f925b8e7b45e2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:20Z/"}],"url":"https://git.kernel.org/stable/c/874e3bb302f97b94ac548959ec4f925b8e7b45e2"},{"reference_url":"https://git.kernel.org/stable/c/adc74d25cdbba978afbb57caec23bbcd0329f7b8","reference_id":"adc74d25cdbba978afbb57caec23bbcd0329f7b8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:39:20Z/"}],"url":"https://git.kernel.org/stable/c/adc74d25cdbba978afbb57caec23bbcd0329f7b8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46776"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kzpc-hk41-mqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88013?format=json","vulnerability_id":"VCID-m21w-83w1-eqdc","summary":"kernel: drm/amd/display: Check null pointer before try to access it","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49906.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49906.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1b686053c06ffb9f4524b288110cf2a831ff7a25","reference_id":"1b686053c06ffb9f4524b288110cf2a831ff7a25","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:14Z/"}],"url":"https://git.kernel.org/stable/c/1b686053c06ffb9f4524b288110cf2a831ff7a25"},{"reference_url":"https://git.kernel.org/stable/c/2002ccb93004e76a471b180560accb2c1f850f35","reference_id":"2002ccb93004e76a471b180560accb2c1f850f35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:14Z/"}],"url":"https://git.kernel.org/stable/c/2002ccb93004e76a471b180560accb2c1f850f35"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320434","reference_id":"2320434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320434"},{"reference_url":"https://git.kernel.org/stable/c/ebef6616219ff04abdeb39450625f85419787ee3","reference_id":"ebef6616219ff04abdeb39450625f85419787ee3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:14Z/"}],"url":"https://git.kernel.org/stable/c/ebef6616219ff04abdeb39450625f85419787ee3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49906"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m21w-83w1-eqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60259?format=json","vulnerability_id":"VCID-m57w-kwzy-9qg6","summary":"kernel: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43483.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43483.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477073","reference_id":"2477073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43483"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m57w-kwzy-9qg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79188?format=json","vulnerability_id":"VCID-m6a5-nxvq-qfe4","summary":"kernel: Linux kernel: Use-after-free vulnerability in page_pool_recycle_in_ring can lead to arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38129.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38129.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376034","reference_id":"2376034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3066","reference_id":"RHSA-2026:3066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3083","reference_id":"RHSA-2026:3083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3110","reference_id":"RHSA-2026:3110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4011","reference_id":"RHSA-2026:4011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4111","reference_id":"RHSA-2026:4111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4242","reference_id":"RHSA-2026:4242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4243","reference_id":"RHSA-2026:4243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4244","reference_id":"RHSA-2026:4244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4245","reference_id":"RHSA-2026:4245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4246","reference_id":"RHSA-2026:4246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4444","reference_id":"RHSA-2026:4444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5690","reference_id":"RHSA-2026:5690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5813","reference_id":"RHSA-2026:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5821","reference_id":"RHSA-2026:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5821"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38129"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6a5-nxvq-qfe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87544?format=json","vulnerability_id":"VCID-m6dq-1utf-cugr","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: stmmac: move the EST lock to struct stmmac_priv  Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the lock to struct stmmac_priv. We also need to reacquire the mutex lock when doing this initialization.  DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068  Modules linked in:  CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29  Hardware name: NXP i.MX8MPlus EVK board (DT)  pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)  pc : __mutex_lock+0xd84/0x1068  lr : __mutex_lock+0xd84/0x1068  sp : ffffffc0864e3570  x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003  x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac  x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000  x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff  x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000  x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8  x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698  x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001  x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027  x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000  Call trace:   __mutex_lock+0xd84/0x1068   mutex_lock_nested+0x28/0x34   tc_setup_taprio+0x118/0x68c   stmmac_setup_tc+0x50/0xf0   taprio_change+0x868/0xc9c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38594.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38594.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293376","reference_id":"2293376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293376"},{"reference_url":"https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197","reference_id":"36ac9e7f2e5786bd37c5cd91132e1f39c29b8197","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:43Z/"}],"url":"https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197"},{"reference_url":"https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416","reference_id":"487f9030b1ef34bab123f2df2a4ccbe01ba84416","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:43Z/"}],"url":"https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416"},{"reference_url":"https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312","reference_id":"6f476aff2d8da1a189621c4c16a76a6c534e4312","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:43Z/"}],"url":"https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312"},{"reference_url":"https://git.kernel.org/stable/c/b538fefeb1026aad9dcdcbb410c42b56dff8aae9","reference_id":"b538fefeb1026aad9dcdcbb410c42b56dff8aae9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:13:43Z/"}],"url":"https://git.kernel.org/stable/c/b538fefeb1026aad9dcdcbb410c42b56dff8aae9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-38594"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6dq-1utf-cugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61974?format=json","vulnerability_id":"VCID-m9cq-ejf2-mqef","summary":"kernel: net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31623.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31623.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461478","reference_id":"2461478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31623"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m9cq-ejf2-mqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74147?format=json","vulnerability_id":"VCID-mb8k-3u86-u3fk","summary":"kernel: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50500.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50500","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05639","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50500"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401526","reference_id":"2401526","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50500"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mb8k-3u86-u3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62031?format=json","vulnerability_id":"VCID-mbcp-qzxd-w3e3","summary":"kernel: batman-adv: hold claim backbone gateways by reference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31657.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31657.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461519","reference_id":"2461519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31657"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbcp-qzxd-w3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58963?format=json","vulnerability_id":"VCID-mcmh-yshq-v7f2","summary":"kernel: drm/amd/display: Fix dc_link NULL handling in HPD init","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46245.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46245.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484444","reference_id":"2484444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484444"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46245"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mcmh-yshq-v7f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64391?format=json","vulnerability_id":"VCID-mdmt-exws-27hm","summary":"kernel: net: annotate data-races around sk->sk_{data_ready,write_space}","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23302.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23302.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451200","reference_id":"2451200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451200"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23302"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdmt-exws-27hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68132?format=json","vulnerability_id":"VCID-memc-2s8z-83bu","summary":"kernel: netfilter: nf_tables: avoid chain re-validation if possible","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71160.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71160.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432392","reference_id":"2432392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432392"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-71160"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-memc-2s8z-83bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83236?format=json","vulnerability_id":"VCID-mfas-25np-hqaf","summary":"kernel: net: decrease cached dst counters in dst_release","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22057.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22057.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360270","reference_id":"2360270","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360270"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-22057"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfas-25np-hqaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59532?format=json","vulnerability_id":"VCID-mfyw-c943-y3fa","summary":"kernel: ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46002.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46002.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482081","reference_id":"2482081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482081"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46002"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfyw-c943-y3fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61987?format=json","vulnerability_id":"VCID-mfzm-sbhd-dkb1","summary":"kernel: media: em28xx: fix use-after-free in em28xx_v4l2_open()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31583.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31583.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461487","reference_id":"2461487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461487"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31583"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfzm-sbhd-dkb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75645?format=json","vulnerability_id":"VCID-mh2k-qcum-5yd7","summary":"kernel: iommu/mediatek: Fix crash on isr after kexec()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50236.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50236","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01348","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50236"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395262","reference_id":"2395262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395262"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50236"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mh2k-qcum-5yd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84650?format=json","vulnerability_id":"VCID-mh37-hrvc-pbeb","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: fix to wait on block writeback for post_read case  If inode is compressed, but not encrypted, it missed to call f2fs_wait_on_block_writeback() to wait for GCed page writeback in IPU write path.  Thread A\t\t\t\tGC-Thread \t\t\t\t\t- f2fs_gc \t\t\t\t\t - do_garbage_collect \t\t\t\t\t  - gc_data_segment \t\t\t\t\t   - move_data_block \t\t\t\t\t    - f2fs_submit_page_write \t\t\t\t\t     migrate normal cluster's block via \t\t\t\t\t     meta_inode's page cache - f2fs_write_single_data_page  - f2fs_do_write_data_page   - f2fs_inplace_write_data    - f2fs_submit_page_bio  IRQ - f2fs_read_end_io \t\t\t\t\tIRQ \t\t\t\t\told data overrides new data due to \t\t\t\t\tout-of-order GC and common IO. \t\t\t\t\t- f2fs_read_end_io","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52682.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52682.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281319","reference_id":"2281319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281319"},{"reference_url":"https://git.kernel.org/stable/c/2bfe8fdb674f71747553a65f2ef27e14c8880655","reference_id":"2bfe8fdb674f71747553a65f2ef27e14c8880655","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-23T19:39:15Z/"}],"url":"https://git.kernel.org/stable/c/2bfe8fdb674f71747553a65f2ef27e14c8880655"},{"reference_url":"https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2","reference_id":"4535be48780431753505e74e1b1ad4836a189bc2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-23T19:39:15Z/"}],"url":"https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2"},{"reference_url":"https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00","reference_id":"55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-23T19:39:15Z/"}],"url":"https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00"},{"reference_url":"https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3","reference_id":"9bfd5ea71521d0e522ba581c6ccc5db93759c0c3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-23T19:39:15Z/"}],"url":"https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3"},{"reference_url":"https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986","reference_id":"f904c156d8011d8291ffd5b6b398f3747e294986","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-23T19:39:15Z/"}],"url":"https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52682"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mh37-hrvc-pbeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87084?format=json","vulnerability_id":"VCID-mjsn-nrsu-mycw","summary":"kernel: filemap: Fix bounds checking in filemap_read()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50272.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50272.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327189","reference_id":"2327189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50272"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjsn-nrsu-mycw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59656?format=json","vulnerability_id":"VCID-mmv3-bhb7-jka9","summary":"kernel: md/raid5: validate payload size before accessing journal metadata","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46070.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46070.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482173","reference_id":"2482173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482173"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46070"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmv3-bhb7-jka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87127?format=json","vulnerability_id":"VCID-msf7-4up1-a3d5","summary":"kernel: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53058.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53058.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/07c9c26e37542486e34d767505e842f48f29c3f6","reference_id":"07c9c26e37542486e34d767505e842f48f29c3f6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:12:56Z/"}],"url":"https://git.kernel.org/stable/c/07c9c26e37542486e34d767505e842f48f29c3f6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327341","reference_id":"2327341","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327341"},{"reference_url":"https://git.kernel.org/stable/c/58d23d835eb498336716cca55b5714191a309286","reference_id":"58d23d835eb498336716cca55b5714191a309286","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:12:56Z/"}],"url":"https://git.kernel.org/stable/c/58d23d835eb498336716cca55b5714191a309286"},{"reference_url":"https://git.kernel.org/stable/c/66600fac7a984dea4ae095411f644770b2561ede","reference_id":"66600fac7a984dea4ae095411f644770b2561ede","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:12:56Z/"}],"url":"https://git.kernel.org/stable/c/66600fac7a984dea4ae095411f644770b2561ede"},{"reference_url":"https://git.kernel.org/stable/c/a3ff23f7c3f0e13f718900803e090fd3997d6bc9","reference_id":"a3ff23f7c3f0e13f718900803e090fd3997d6bc9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:12:56Z/"}],"url":"https://git.kernel.org/stable/c/a3ff23f7c3f0e13f718900803e090fd3997d6bc9"},{"reference_url":"https://git.kernel.org/stable/c/ece593fc9c00741b682869d3f3dc584d37b7c9df","reference_id":"ece593fc9c00741b682869d3f3dc584d37b7c9df","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:12:56Z/"}],"url":"https://git.kernel.org/stable/c/ece593fc9c00741b682869d3f3dc584d37b7c9df"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53058"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msf7-4up1-a3d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85727?format=json","vulnerability_id":"VCID-msvr-hy5z-ykgj","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: fix use-after-free bug  The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung <joonkyoj@yonsei.ac.kr>. For example the following code:  static void Syzkaller1(int fd) { \tstruct drm_amdgpu_gem_userptr arg; \tint ret;  \targ.addr = 0xffffffffffff0000; \targ.size = 0x80000000; /*2 Gb*/ \targ.flags = 0x7; \tret = drmIoctl(fd, 0xc1186451/*amdgpu_gem_userptr_ioctl*/, &arg); }  Due to the address and size are not valid there is a failure in amdgpu_hmm_register->mmu_interval_notifier_insert->__mmu_interval_notifier_insert-> check_shl_overflow, but we even the amdgpu_hmm_register failure we still call amdgpu_hmm_unregister into  amdgpu_gem_object_free which causes access to a bad address. The following stack is below when the issue is reproduced when Kazan is enabled:  [  +0.000014] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020 [  +0.000009] RIP: 0010:mmu_interval_notifier_remove+0x327/0x340 [  +0.000017] Code: ff ff 49 89 44 24 08 48 b8 00 01 00 00 00 00 ad de 4c 89 f7 49 89 47 40 48 83 c0 22 49 89 47 48 e8 ce d1 2d 01 e9 32 ff ff ff <0f> 0b e9 16 ff ff ff 4c 89 ef e8 fa 14 b3 ff e9 36 ff ff ff e8 80 [  +0.000014] RSP: 0018:ffffc90002657988 EFLAGS: 00010246 [  +0.000013] RAX: 0000000000000000 RBX: 1ffff920004caf35 RCX: ffffffff8160565b [  +0.000011] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffff8881a9f78260 [  +0.000010] RBP: ffffc90002657a70 R08: 0000000000000001 R09: fffff520004caf25 [  +0.000010] R10: 0000000000000003 R11: ffffffff8161d1d6 R12: ffff88810e988c00 [  +0.000010] R13: ffff888126fb5a00 R14: ffff88810e988c0c R15: ffff8881a9f78260 [  +0.000011] FS:  00007ff9ec848540(0000) GS:ffff8883cc880000(0000) knlGS:0000000000000000 [  +0.000012] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [  +0.000010] CR2: 000055b3f7e14328 CR3: 00000001b5770000 CR4: 0000000000350ef0 [  +0.000010] Call Trace: [  +0.000006]  <TASK> [  +0.000007]  ? show_regs+0x6a/0x80 [  +0.000018]  ? __warn+0xa5/0x1b0 [  +0.000019]  ? mmu_interval_notifier_remove+0x327/0x340 [  +0.000018]  ? report_bug+0x24a/0x290 [  +0.000022]  ? handle_bug+0x46/0x90 [  +0.000015]  ? exc_invalid_op+0x19/0x50 [  +0.000016]  ? asm_exc_invalid_op+0x1b/0x20 [  +0.000017]  ? kasan_save_stack+0x26/0x50 [  +0.000017]  ? mmu_interval_notifier_remove+0x23b/0x340 [  +0.000019]  ? mmu_interval_notifier_remove+0x327/0x340 [  +0.000019]  ? mmu_interval_notifier_remove+0x23b/0x340 [  +0.000020]  ? __pfx_mmu_interval_notifier_remove+0x10/0x10 [  +0.000017]  ? kasan_save_alloc_info+0x1e/0x30 [  +0.000018]  ? srso_return_thunk+0x5/0x5f [  +0.000014]  ? __kasan_kmalloc+0xb1/0xc0 [  +0.000018]  ? srso_return_thunk+0x5/0x5f [  +0.000013]  ? __kasan_check_read+0x11/0x20 [  +0.000020]  amdgpu_hmm_unregister+0x34/0x50 [amdgpu] [  +0.004695]  amdgpu_gem_object_free+0x66/0xa0 [amdgpu] [  +0.004534]  ? __pfx_amdgpu_gem_object_free+0x10/0x10 [amdgpu] [  +0.004291]  ? do_syscall_64+0x5f/0xe0 [  +0.000023]  ? srso_return_thunk+0x5/0x5f [  +0.000017]  drm_gem_object_free+0x3b/0x50 [drm] [  +0.000489]  amdgpu_gem_userptr_ioctl+0x306/0x500 [amdgpu] [  +0.004295]  ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu] [  +0.004270]  ? srso_return_thunk+0x5/0x5f [  +0.000014]  ? __this_cpu_preempt_check+0x13/0x20 [  +0.000015]  ? srso_return_thunk+0x5/0x5f [  +0.000013]  ? sysvec_apic_timer_interrupt+0x57/0xc0 [  +0.000020]  ? srso_return_thunk+0x5/0x5f [  +0.000014]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [  +0.000022]  ? drm_ioctl_kernel+0x17b/0x1f0 [drm] [  +0.000496]  ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu] [  +0.004272]  ? drm_ioctl_kernel+0x190/0x1f0 [drm] [  +0.000492]  drm_ioctl_kernel+0x140/0x1f0 [drm] [  +0.000497]  ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu] [  +0.004297]  ? __pfx_drm_ioctl_kernel+0x10/0x10 [d ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26656.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26656.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/22207fd5c80177b860279653d017474b2812af5e","reference_id":"22207fd5c80177b860279653d017474b2812af5e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:54:50Z/"}],"url":"https://git.kernel.org/stable/c/22207fd5c80177b860279653d017474b2812af5e"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272692","reference_id":"2272692","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272692"},{"reference_url":"https://git.kernel.org/stable/c/22f665ecfd1225afa1309ace623157d12bb9bb0c","reference_id":"22f665ecfd1225afa1309ace623157d12bb9bb0c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:54:50Z/"}],"url":"https://git.kernel.org/stable/c/22f665ecfd1225afa1309ace623157d12bb9bb0c"},{"reference_url":"https://git.kernel.org/stable/c/2e13f88e01ae7e28a7e831bf5c2409c4748e0a60","reference_id":"2e13f88e01ae7e28a7e831bf5c2409c4748e0a60","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:54:50Z/"}],"url":"https://git.kernel.org/stable/c/2e13f88e01ae7e28a7e831bf5c2409c4748e0a60"},{"reference_url":"https://git.kernel.org/stable/c/af054a5fb24a144f99895afce9519d709891894c","reference_id":"af054a5fb24a144f99895afce9519d709891894c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:54:50Z/"}],"url":"https://git.kernel.org/stable/c/af054a5fb24a144f99895afce9519d709891894c"},{"reference_url":"https://git.kernel.org/stable/c/e87e08c94c9541b4e18c4c13f2f605935f512605","reference_id":"e87e08c94c9541b4e18c4c13f2f605935f512605","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:54:50Z/"}],"url":"https://git.kernel.org/stable/c/e87e08c94c9541b4e18c4c13f2f605935f512605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4211","reference_id":"RHSA-2024:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4352","reference_id":"RHSA-2024:4352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4740","reference_id":"RHSA-2024:4740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9497","reference_id":"RHSA-2024:9497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9498","reference_id":"RHSA-2024:9498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9500","reference_id":"RHSA-2024:9500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9546","reference_id":"RHSA-2024:9546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9546"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26656"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msvr-hy5z-ykgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88190?format=json","vulnerability_id":"VCID-mu6t-srt9-zkfv","summary":"kernel: gso: fix udp gso fraglist segmentation after pull from frag_list","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49978.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49978.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/080e6c9a3908de193a48f646c5ce1bfb15676ffc","reference_id":"080e6c9a3908de193a48f646c5ce1bfb15676ffc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:32:53Z/"}],"url":"https://git.kernel.org/stable/c/080e6c9a3908de193a48f646c5ce1bfb15676ffc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320561","reference_id":"2320561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320561"},{"reference_url":"https://git.kernel.org/stable/c/33e28acf42ee863f332a958bfc2f1a284a3659df","reference_id":"33e28acf42ee863f332a958bfc2f1a284a3659df","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:32:53Z/"}],"url":"https://git.kernel.org/stable/c/33e28acf42ee863f332a958bfc2f1a284a3659df"},{"reference_url":"https://git.kernel.org/stable/c/3cd00d2e3655fad3bda96dc1ebf17b6495f86fea","reference_id":"3cd00d2e3655fad3bda96dc1ebf17b6495f86fea","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:32:53Z/"}],"url":"https://git.kernel.org/stable/c/3cd00d2e3655fad3bda96dc1ebf17b6495f86fea"},{"reference_url":"https://git.kernel.org/stable/c/a1e40ac5b5e9077fe1f7ae0eb88034db0f9ae1ab","reference_id":"a1e40ac5b5e9077fe1f7ae0eb88034db0f9ae1ab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:32:53Z/"}],"url":"https://git.kernel.org/stable/c/a1e40ac5b5e9077fe1f7ae0eb88034db0f9ae1ab"},{"reference_url":"https://git.kernel.org/stable/c/af3122f5fdc0d00581d6e598a668df6bf54c9daa","reference_id":"af3122f5fdc0d00581d6e598a668df6bf54c9daa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:32:53Z/"}],"url":"https://git.kernel.org/stable/c/af3122f5fdc0d00581d6e598a668df6bf54c9daa"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49978"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu6t-srt9-zkfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73172?format=json","vulnerability_id":"VCID-myfv-reqe-gqfs","summary":"kernel: f2fs: fix to avoid overflow while left shift operation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40077.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40077.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406759","reference_id":"2406759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40077"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myfv-reqe-gqfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74667?format=json","vulnerability_id":"VCID-myux-y45y-kucn","summary":"kernel: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39851.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39851.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0e8630f24c14d9c655d19eabe2e52a9e9f713307","reference_id":"0e8630f24c14d9c655d19eabe2e52a9e9f713307","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:21:10Z/"}],"url":"https://git.kernel.org/stable/c/0e8630f24c14d9c655d19eabe2e52a9e9f713307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396916","reference_id":"2396916","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396916"},{"reference_url":"https://git.kernel.org/stable/c/4ff4f3104da6507e0f118c63c4560dfdeb59dce3","reference_id":"4ff4f3104da6507e0f118c63c4560dfdeb59dce3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:21:10Z/"}],"url":"https://git.kernel.org/stable/c/4ff4f3104da6507e0f118c63c4560dfdeb59dce3"},{"reference_url":"https://git.kernel.org/stable/c/6ead38147ebb813f08be6ea8ef547a0e4c09559a","reference_id":"6ead38147ebb813f08be6ea8ef547a0e4c09559a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T19:21:10Z/"}],"url":"https://git.kernel.org/stable/c/6ead38147ebb813f08be6ea8ef547a0e4c09559a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39851"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myux-y45y-kucn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88734?format=json","vulnerability_id":"VCID-n1np-tfsh-27ck","summary":"kernel: ELF: fix kernel.randomize_va_space double read","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46826.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46826.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1cf8cd80903073440b6ea055811d04edd24fe4f7","reference_id":"1cf8cd80903073440b6ea055811d04edd24fe4f7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:53Z/"}],"url":"https://git.kernel.org/stable/c/1cf8cd80903073440b6ea055811d04edd24fe4f7"},{"reference_url":"https://git.kernel.org/stable/c/1f81d51141a234ad0a3874b4d185dc27a521cd27","reference_id":"1f81d51141a234ad0a3874b4d185dc27a521cd27","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:53Z/"}],"url":"https://git.kernel.org/stable/c/1f81d51141a234ad0a3874b4d185dc27a521cd27"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315178","reference_id":"2315178","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315178"},{"reference_url":"https://git.kernel.org/stable/c/2a97388a807b6ab5538aa8f8537b2463c6988bd2","reference_id":"2a97388a807b6ab5538aa8f8537b2463c6988bd2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:53Z/"}],"url":"https://git.kernel.org/stable/c/2a97388a807b6ab5538aa8f8537b2463c6988bd2"},{"reference_url":"https://git.kernel.org/stable/c/53f17409abf61f66b6f05aff795e938e5ba811d1","reference_id":"53f17409abf61f66b6f05aff795e938e5ba811d1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:12:53Z/"}],"url":"https://git.kernel.org/stable/c/53f17409abf61f66b6f05aff795e938e5ba811d1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8856","reference_id":"RHSA-2024:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8870","reference_id":"RHSA-2024:8870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10701","reference_id":"RHSA-2025:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4341","reference_id":"RHSA-2025:4341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4341"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46826"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1np-tfsh-27ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60764?format=json","vulnerability_id":"VCID-n2y1-ucnb-vkea","summary":"kernel: xfrm_user: fix info leak in build_mapping()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43089.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467024","reference_id":"2467024","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467024"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43089"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2y1-ucnb-vkea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73181?format=json","vulnerability_id":"VCID-n2zj-7hnv-dkem","summary":"kernel: f2fs: fix UAF issue in f2fs_merge_page_bio()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40054.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40054.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406765","reference_id":"2406765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40054"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2zj-7hnv-dkem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72257?format=json","vulnerability_id":"VCID-n3jk-kfwn-zbhb","summary":"kernel: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40126.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40126.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414510","reference_id":"2414510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414510"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40126"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3jk-kfwn-zbhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59517?format=json","vulnerability_id":"VCID-n3ys-23sg-qyax","summary":"kernel: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46075.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46075.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482068","reference_id":"2482068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482068"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46075"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3ys-23sg-qyax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84739?format=json","vulnerability_id":"VCID-n5ks-jcrb-e3aj","summary":"kernel: PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21831.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21831.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350385","reference_id":"2350385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21831"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5ks-jcrb-e3aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83596?format=json","vulnerability_id":"VCID-n5vp-pn31-x7c4","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: dsa: qca8k: reset cpu port on MTU change  It was discovered that the Documentation lacks of a fundamental detail on how to correctly change the MAX_FRAME_SIZE of the switch.  In fact if the MAX_FRAME_SIZE is changed while the cpu port is on, the switch panics and cease to send any packet. This cause the mgmt ethernet system to not receive any packet (the slow fallback still works) and makes the device not reachable. To recover from this a switch reset is required.  To correctly handle this, turn off the cpu ports before changing the MAX_FRAME_SIZE and turn on again after the value is applied.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49654.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49654","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17412","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347970","reference_id":"2347970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347970"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49654"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5vp-pn31-x7c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62224?format=json","vulnerability_id":"VCID-n65w-1uwp-hka4","summary":"kernel: ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31531.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31531.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461108","reference_id":"2461108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31531"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n65w-1uwp-hka4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73999?format=json","vulnerability_id":"VCID-n6am-apdj-sfbr","summary":"kernel: Linux kernel: Denial of Service due to memory leak in SMB client","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39929.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39929.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401419","reference_id":"2401419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39929"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6am-apdj-sfbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88626?format=json","vulnerability_id":"VCID-n7bz-kduz-hyfm","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC  syzbot reports a f2fs bug as below:  ------------[ cut here ]------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted 6.9.0-rc6-syzkaller-00012-g9e4bc4bcae01 #0 RIP: 0010:f2fs_write_inline_data+0x781/0x790 fs/f2fs/inline.c:258 Call Trace:  f2fs_write_single_data_page+0xb65/0x1d60 fs/f2fs/data.c:2834  f2fs_write_cache_pages fs/f2fs/data.c:3133 [inline]  __f2fs_write_data_pages fs/f2fs/data.c:3288 [inline]  f2fs_write_data_pages+0x1efe/0x3a90 fs/f2fs/data.c:3315  do_writepages+0x35b/0x870 mm/page-writeback.c:2612  __writeback_single_inode+0x165/0x10b0 fs/fs-writeback.c:1650  writeback_sb_inodes+0x905/0x1260 fs/fs-writeback.c:1941  wb_writeback+0x457/0xce0 fs/fs-writeback.c:2117  wb_do_writeback fs/fs-writeback.c:2264 [inline]  wb_workfn+0x410/0x1090 fs/fs-writeback.c:2304  process_one_work kernel/workqueue.c:3254 [inline]  process_scheduled_works+0xa12/0x17c0 kernel/workqueue.c:3335  worker_thread+0x86d/0xd70 kernel/workqueue.c:3416  kthread+0x2f2/0x390 kernel/kthread.c:388  ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244  The root cause is: inline_data inode can be fuzzed, so that there may be valid blkaddr in its direct node, once f2fs triggers background GC to migrate the block, it will hit f2fs_bug_on() during dirty page writeback.  Let's add sanity check on F2FS_INLINE_DATA flag in inode during GC, so that, it can forbid migrating inline_data inode's data block for fixing.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44942.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44942.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307901","reference_id":"2307901","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307901"},{"reference_url":"https://git.kernel.org/stable/c/26c07775fb5dc74351d1c3a2bc3cdf609b03e49f","reference_id":"26c07775fb5dc74351d1c3a2bc3cdf609b03e49f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:26Z/"}],"url":"https://git.kernel.org/stable/c/26c07775fb5dc74351d1c3a2bc3cdf609b03e49f"},{"reference_url":"https://git.kernel.org/stable/c/ae00e6536a2dd54b64b39e9a39548870cf835745","reference_id":"ae00e6536a2dd54b64b39e9a39548870cf835745","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:26Z/"}],"url":"https://git.kernel.org/stable/c/ae00e6536a2dd54b64b39e9a39548870cf835745"},{"reference_url":"https://git.kernel.org/stable/c/fc01008c92f40015aeeced94750855a7111b6929","reference_id":"fc01008c92f40015aeeced94750855a7111b6929","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:26Z/"}],"url":"https://git.kernel.org/stable/c/fc01008c92f40015aeeced94750855a7111b6929"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-44942"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7bz-kduz-hyfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80277?format=json","vulnerability_id":"VCID-n7t1-5g5a-nyfj","summary":"kernel: bpf: Fix a data-race around bpf_jit_limit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49967.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49967","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13462","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49967"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373651","reference_id":"2373651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49967"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7t1-5g5a-nyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60631?format=json","vulnerability_id":"VCID-n8mr-48hk-27f7","summary":"kernel: btrfs: fix transaction abort when snapshotting received subvolumes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43361.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43361.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468264","reference_id":"2468264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468264"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43361"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8mr-48hk-27f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61441?format=json","vulnerability_id":"VCID-n9av-7ndf-6qaw","summary":"kernel: btrfs: reject root items with drop_progress and zero drop_level","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43046.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43046.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464390","reference_id":"2464390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464390"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43046"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9av-7ndf-6qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85561?format=json","vulnerability_id":"VCID-n9fy-6a59-ubcq","summary":"In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25742.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25742.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270836","reference_id":"2270836","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270836"},{"reference_url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html","reference_id":"amd-sb-3008.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:09:31Z/"}],"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"},{"reference_url":"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9","reference_id":"ChangeLog-6.9","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:09:31Z/"}],"url":"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.9"},{"reference_url":"https://github.com/torvalds/linux/commit/e3ef461af35a8c74f2f4ce6616491ddb355a208f","reference_id":"e3ef461af35a8c74f2f4ce6616491ddb355a208f","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:09:31Z/"}],"url":"https://github.com/torvalds/linux/commit/e3ef461af35a8c74f2f4ce6616491ddb355a208f"},{"reference_url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f","reference_id":"?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T14:09:31Z/"}],"url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e3ef461af35a8c74f2f4ce6616491ddb355a208f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2627","reference_id":"RHSA-2024:2627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2628","reference_id":"RHSA-2024:2628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2758","reference_id":"RHSA-2024:2758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2950","reference_id":"RHSA-2024:2950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3421","reference_id":"RHSA-2024:3421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3810","reference_id":"RHSA-2024:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3810"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-25742"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9fy-6a59-ubcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83088?format=json","vulnerability_id":"VCID-n9qw-wgq3-1bak","summary":"In the Linux kernel, the following vulnerability has been resolved:  mt76: fix use-after-free by removing a non-RCU wcid pointer  Fixes an issue caught by KASAN about use-after-free in mt76_txq_schedule by protecting mtxq->wcid with rcu_lock between mt76_txq_schedule and sta_info_[alloc, free].  [18853.876689] ================================================================== [18853.876751] BUG: KASAN: use-after-free in mt76_txq_schedule+0x204/0xaf8 [mt76] [18853.876773] Read of size 8 at addr ffffffaf989a2138 by task mt76-tx phy0/883 [18853.876786] [18853.876810] CPU: 5 PID: 883 Comm: mt76-tx phy0 Not tainted 5.10.100-fix-510-56778d365941-kasan #5 0b01fbbcf41a530f52043508fec2e31a4215  [18853.876840] Call trace: [18853.876861]  dump_backtrace+0x0/0x3ec [18853.876878]  show_stack+0x20/0x2c [18853.876899]  dump_stack+0x11c/0x1ac [18853.876918]  print_address_description+0x74/0x514 [18853.876934]  kasan_report+0x134/0x174 [18853.876948]  __asan_report_load8_noabort+0x44/0x50 [18853.876976]  mt76_txq_schedule+0x204/0xaf8 [mt76 074e03e4640e97fe7405ee1fab547b81c4fa45d2] [18853.877002]  mt76_txq_schedule_all+0x2c/0x48 [mt76 074e03e4640e97fe7405ee1fab547b81c4fa45d2] [18853.877030]  mt7921_tx_worker+0xa0/0x1cc [mt7921_common f0875ebac9d7b4754e1010549e7db50fbd90a047] [18853.877054]  __mt76_worker_fn+0x190/0x22c [mt76 074e03e4640e97fe7405ee1fab547b81c4fa45d2] [18853.877071]  kthread+0x2f8/0x3b8 [18853.877087]  ret_from_fork+0x10/0x30 [18853.877098] [18853.877112] Allocated by task 941: [18853.877131]  kasan_save_stack+0x38/0x68 [18853.877147]  __kasan_kmalloc+0xd4/0xfc [18853.877163]  kasan_kmalloc+0x10/0x1c [18853.877177]  __kmalloc+0x264/0x3c4 [18853.877294]  sta_info_alloc+0x460/0xf88 [mac80211] [18853.877410]  ieee80211_prep_connection+0x204/0x1ee0 [mac80211] [18853.877523]  ieee80211_mgd_auth+0x6c4/0xa4c [mac80211] [18853.877635]  ieee80211_auth+0x20/0x2c [mac80211] [18853.877733]  rdev_auth+0x7c/0x438 [cfg80211] [18853.877826]  cfg80211_mlme_auth+0x26c/0x390 [cfg80211] [18853.877919]  nl80211_authenticate+0x6d4/0x904 [cfg80211] [18853.877938]  genl_rcv_msg+0x748/0x93c [18853.877954]  netlink_rcv_skb+0x160/0x2a8 [18853.877969]  genl_rcv+0x3c/0x54 [18853.877985]  netlink_unicast_kernel+0x104/0x1ec [18853.877999]  netlink_unicast+0x178/0x268 [18853.878015]  netlink_sendmsg+0x3cc/0x5f0 [18853.878030]  sock_sendmsg+0xb4/0xd8 [18853.878043]  ____sys_sendmsg+0x2f8/0x53c [18853.878058]  ___sys_sendmsg+0xe8/0x150 [18853.878071]  __sys_sendmsg+0xc4/0x1f4 [18853.878087]  __arm64_compat_sys_sendmsg+0x88/0x9c [18853.878101]  el0_svc_common+0x1b4/0x390 [18853.878115]  do_el0_svc_compat+0x8c/0xdc [18853.878131]  el0_svc_compat+0x10/0x1c [18853.878146]  el0_sync_compat_handler+0xa8/0xcc [18853.878161]  el0_sync_compat+0x188/0x1c0 [18853.878171] [18853.878183] Freed by task 10927: [18853.878200]  kasan_save_stack+0x38/0x68 [18853.878215]  kasan_set_track+0x28/0x3c [18853.878228]  kasan_set_free_info+0x24/0x48 [18853.878244]  __kasan_slab_free+0x11c/0x154 [18853.878259]  kasan_slab_free+0x14/0x24 [18853.878273]  slab_free_freelist_hook+0xac/0x1b0 [18853.878287]  kfree+0x104/0x390 [18853.878402]  sta_info_free+0x198/0x210 [mac80211] [18853.878515]  __sta_info_destroy_part2+0x230/0x2d4 [mac80211] [18853.878628]  __sta_info_flush+0x300/0x37c [mac80211] [18853.878740]  ieee80211_set_disassoc+0x2cc/0xa7c [mac80211] [18853.878851]  ieee80211_mgd_deauth+0x4a4/0x10a0 [mac80211] [18853.878962]  ieee80211_deauth+0x20/0x2c [mac80211] [18853.879057]  rdev_deauth+0x7c/0x438 [cfg80211] [18853.879150]  cfg80211_mlme_deauth+0x274/0x414 [cfg80211] [18853.879243]  cfg80211_mlme_down+0xe4/0x118 [cfg80211] [18853.879335]  cfg80211_disconnect+0x218/0x2d8 [cfg80211] [18853.879427]  __cfg80211_leave+0x17c/0x240 [cfg80211] [18853.879519]  cfg80211_leave+0x3c/0x58 [cfg80211] [18853.879611]  wiphy_suspend+0xdc/0x200 [cfg80211] [18853.879628]  dpm_run_callback+0x58/0x408 [18853.879642]  __device_suspend+0x4cc/0x864 [18853.879658]  async_suspend+0x34/0xf4 [18 ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49328.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49328","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0373","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49328"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348217","reference_id":"2348217","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348217"},{"reference_url":"https://git.kernel.org/stable/c/4448327b41738dbfcda680eb4935ff835568f468","reference_id":"4448327b41738dbfcda680eb4935ff835568f468","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:47Z/"}],"url":"https://git.kernel.org/stable/c/4448327b41738dbfcda680eb4935ff835568f468"},{"reference_url":"https://git.kernel.org/stable/c/51fb1278aa57ae0fc54adaa786e1965362bed4fb","reference_id":"51fb1278aa57ae0fc54adaa786e1965362bed4fb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:47Z/"}],"url":"https://git.kernel.org/stable/c/51fb1278aa57ae0fc54adaa786e1965362bed4fb"},{"reference_url":"https://git.kernel.org/stable/c/d5f77f1dbb59feae81f88e44551e8e1d8a802d9a","reference_id":"d5f77f1dbb59feae81f88e44551e8e1d8a802d9a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:47Z/"}],"url":"https://git.kernel.org/stable/c/d5f77f1dbb59feae81f88e44551e8e1d8a802d9a"},{"reference_url":"https://git.kernel.org/stable/c/e55bcdd0bf34a8b10d45ce80ebb3164c5292a17d","reference_id":"e55bcdd0bf34a8b10d45ce80ebb3164c5292a17d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:47Z/"}],"url":"https://git.kernel.org/stable/c/e55bcdd0bf34a8b10d45ce80ebb3164c5292a17d"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10179","reference_id":"RHSA-2025:10179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10828","reference_id":"RHSA-2025:10828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9493","reference_id":"RHSA-2025:9493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9494","reference_id":"RHSA-2025:9494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9498","reference_id":"RHSA-2025:9498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9498"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49328"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9qw-wgq3-1bak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60740?format=json","vulnerability_id":"VCID-n9qz-8rsq-fkav","summary":"kernel: wifi: brcmfmac: validate bsscfg indices in IF events","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43110.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43110.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467014","reference_id":"2467014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21556","reference_id":"RHSA-2026:21556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21557","reference_id":"RHSA-2026:21557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43110"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9qz-8rsq-fkav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70238?format=json","vulnerability_id":"VCID-nay5-pree-9qgt","summary":"kernel: drm/msm: fix workqueue leak on bind errors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53849.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53849.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420320","reference_id":"2420320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420320"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53849"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nay5-pree-9qgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85089?format=json","vulnerability_id":"VCID-ndtr-3vbp-67av","summary":"kernel: ipv4: use RCU protection in __ip_rt_update_pmtu()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21766.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21766.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348632","reference_id":"2348632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21766"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ndtr-3vbp-67av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84684?format=json","vulnerability_id":"VCID-newa-v1s4-yyc3","summary":"kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21839.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21839.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350585","reference_id":"2350585","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2350585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18134","reference_id":"RHSA-2026:18134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21839"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-newa-v1s4-yyc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84201?format=json","vulnerability_id":"VCID-nggz-zw65-2ygm","summary":"A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type,  potentially leading to resource exhaustion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32255.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32255.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385884","reference_id":"2385884","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-04T13:20:59Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385884"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-32255","reference_id":"CVE-2023-32255","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-04T13:20:59Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-32255"},{"reference_url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d7cb549c2ca20e1f07593f15e936fd54b763028","reference_id":"?id=6d7cb549c2ca20e1f07593f15e936fd54b763028","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-04T13:20:59Z/"}],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d7cb549c2ca20e1f07593f15e936fd54b763028"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-703/","reference_id":"ZDI-23-703","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-04T13:20:59Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-703/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-32255"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nggz-zw65-2ygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60727?format=json","vulnerability_id":"VCID-njdc-rwaz-skds","summary":"kernel: netfilter: ctnetlink: ensure safe access to master conntrack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43116.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43116.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467005","reference_id":"2467005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21557","reference_id":"RHSA-2026:21557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21557"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43116"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njdc-rwaz-skds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67814?format=json","vulnerability_id":"VCID-njzh-h6gt-duaw","summary":"kernel: vsock/virtio: cap TX credit to local buffer size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23086.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23086.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436799","reference_id":"2436799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436799"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23086"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njzh-h6gt-duaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68480?format=json","vulnerability_id":"VCID-nkdw-d63v-tbf6","summary":"kernel: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68765.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68765.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427118","reference_id":"2427118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427118"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68765"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkdw-d63v-tbf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85578?format=json","vulnerability_id":"VCID-nkh7-4ykm-z3cm","summary":"kernel: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21635.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21635.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338815","reference_id":"2338815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338815"},{"reference_url":"https://git.kernel.org/stable/c/7f5611cbc4871c7fb1ad36c2e5a9edad63dca95c","reference_id":"7f5611cbc4871c7fb1ad36c2e5a9edad63dca95c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:54:16Z/"}],"url":"https://git.kernel.org/stable/c/7f5611cbc4871c7fb1ad36c2e5a9edad63dca95c"},{"reference_url":"https://git.kernel.org/stable/c/de8d6de0ee27be4b2b1e5b06f04aeacbabbba492","reference_id":"de8d6de0ee27be4b2b1e5b06f04aeacbabbba492","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:54:16Z/"}],"url":"https://git.kernel.org/stable/c/de8d6de0ee27be4b2b1e5b06f04aeacbabbba492"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21635"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkh7-4ykm-z3cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74184?format=json","vulnerability_id":"VCID-nnv1-gxh1-m7cj","summary":"kernel: gpio: mvebu: fix irq domain leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53579.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53579.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401547","reference_id":"2401547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53579"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnv1-gxh1-m7cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82617?format=json","vulnerability_id":"VCID-np33-x6s2-zqbe","summary":"kernel: cifs: Fix connections leak when tlink setup failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49822.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49822.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49822","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49822"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363431","reference_id":"2363431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363431"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49822"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np33-x6s2-zqbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61983?format=json","vulnerability_id":"VCID-nqpm-ce1e-ybg4","summary":"kernel: ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31597.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31597.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461484","reference_id":"2461484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461484"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31597"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqpm-ce1e-ybg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60048?format=json","vulnerability_id":"VCID-nrpc-rk56-mqd9","summary":"kernel: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43492.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43492.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479815","reference_id":"2479815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43492"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrpc-rk56-mqd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87102?format=json","vulnerability_id":"VCID-nskc-bufy-wqgb","summary":"kernel: net: enetc: allocate vf_state during PF probes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50298.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50298.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327202","reference_id":"2327202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327202"},{"reference_url":"https://git.kernel.org/stable/c/35668e29e979b3a1927d3959cdd87327afd8e5eb","reference_id":"35668e29e979b3a1927d3959cdd87327afd8e5eb","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:14:01Z/"}],"url":"https://git.kernel.org/stable/c/35668e29e979b3a1927d3959cdd87327afd8e5eb"},{"reference_url":"https://git.kernel.org/stable/c/7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c","reference_id":"7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:14:01Z/"}],"url":"https://git.kernel.org/stable/c/7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c"},{"reference_url":"https://git.kernel.org/stable/c/e15c5506dd39885cd047f811a64240e2e8ab401b","reference_id":"e15c5506dd39885cd047f811a64240e2e8ab401b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:14:01Z/"}],"url":"https://git.kernel.org/stable/c/e15c5506dd39885cd047f811a64240e2e8ab401b"},{"reference_url":"https://git.kernel.org/stable/c/ef0edfbe9eeed1fccad7cb705648af5222664944","reference_id":"ef0edfbe9eeed1fccad7cb705648af5222664944","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:14:01Z/"}],"url":"https://git.kernel.org/stable/c/ef0edfbe9eeed1fccad7cb705648af5222664944"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50298"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nskc-bufy-wqgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75839?format=json","vulnerability_id":"VCID-nskz-jpv3-3ffc","summary":"kernel: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53250.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53250.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/18e126e97c961f7a93823795c879d7c085fe5098","reference_id":"18e126e97c961f7a93823795c879d7c085fe5098","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:00:07Z/"}],"url":"https://git.kernel.org/stable/c/18e126e97c961f7a93823795c879d7c085fe5098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395378","reference_id":"2395378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395378"},{"reference_url":"https://git.kernel.org/stable/c/5d0492d1d934642bdfd2057acc1b56f4b57be465","reference_id":"5d0492d1d934642bdfd2057acc1b56f4b57be465","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:00:07Z/"}],"url":"https://git.kernel.org/stable/c/5d0492d1d934642bdfd2057acc1b56f4b57be465"},{"reference_url":"https://git.kernel.org/stable/c/b4fe158259fb5fead52ff2b55841ec5c39492604","reference_id":"b4fe158259fb5fead52ff2b55841ec5c39492604","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:00:07Z/"}],"url":"https://git.kernel.org/stable/c/b4fe158259fb5fead52ff2b55841ec5c39492604"},{"reference_url":"https://git.kernel.org/stable/c/e851996b32264e78a10863c2ac41a8689d7b9252","reference_id":"e851996b32264e78a10863c2ac41a8689d7b9252","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:00:07Z/"}],"url":"https://git.kernel.org/stable/c/e851996b32264e78a10863c2ac41a8689d7b9252"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53250"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nskz-jpv3-3ffc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68645?format=json","vulnerability_id":"VCID-nsum-g65z-vuh8","summary":"kernel: bpf: Fix issue in verifying allow_ptr_leaks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54181.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54181.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426082","reference_id":"2426082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426082"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54181"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsum-g65z-vuh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85144?format=json","vulnerability_id":"VCID-nt5b-f1v5-kybc","summary":"kernel: hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21816.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21816.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348909","reference_id":"2348909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348909"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21816"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nt5b-f1v5-kybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79054?format=json","vulnerability_id":"VCID-ntqv-5fnc-j7d5","summary":"kernel: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38215.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38215.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376362","reference_id":"2376362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376362"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38215"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntqv-5fnc-j7d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86794?format=json","vulnerability_id":"VCID-ntxz-fmrp-fkas","summary":"kernel: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53128.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53128.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330340","reference_id":"2330340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53128"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntxz-fmrp-fkas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87160?format=json","vulnerability_id":"VCID-ntzs-vtzt-pkbm","summary":"In the Linux kernel, the following vulnerability has been resolved:  null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'  Writing 'power' and 'submit_queues' concurrently will trigger kernel panic:  Test script:  modprobe null_blk nr_devices=0 mkdir -p /sys/kernel/config/nullb/nullb0 while true; do echo 1 > submit_queues; echo 4 > submit_queues; done & while true; do echo 1 > power; echo 0 > power; done  Test result:  BUG: kernel NULL pointer dereference, address: 0000000000000148 Oops: 0000 [#1] PREEMPT SMP RIP: 0010:__lock_acquire+0x41d/0x28f0 Call Trace:  <TASK>  lock_acquire+0x121/0x450  down_write+0x5f/0x1d0  simple_recursive_removal+0x12f/0x5c0  blk_mq_debugfs_unregister_hctxs+0x7c/0x100  blk_mq_update_nr_hw_queues+0x4a3/0x720  nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]  nullb_device_submit_queues_store+0x79/0xf0 [null_blk]  configfs_write_iter+0x119/0x1e0  vfs_write+0x326/0x730  ksys_write+0x74/0x150  This is because del_gendisk() can concurrent with blk_mq_update_nr_hw_queues():  nullb_device_power_store\tnullb_apply_submit_queues  null_del_dev  del_gendisk \t\t\t\t nullb_update_nr_hw_queues \t\t\t\t  if (!dev->nullb) \t\t\t\t  // still set while gendisk is deleted \t\t\t\t   return 0 \t\t\t\t  blk_mq_update_nr_hw_queues  dev->nullb = NULL  Fix this problem by resuing the global mutex to protect nullb_device_power_store() and nullb_update_nr_hw_queues() from configfs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36478.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36478.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1d4c8baef435c98e8d5aa7027dc5a9f70834ba16","reference_id":"1d4c8baef435c98e8d5aa7027dc5a9f70834ba16","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:31Z/"}],"url":"https://git.kernel.org/stable/c/1d4c8baef435c98e8d5aa7027dc5a9f70834ba16"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293710","reference_id":"2293710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293710"},{"reference_url":"https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47","reference_id":"5d0495473ee4c1d041b5a917f10446a22c047f47","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:31Z/"}],"url":"https://git.kernel.org/stable/c/5d0495473ee4c1d041b5a917f10446a22c047f47"},{"reference_url":"https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2","reference_id":"a2db328b0839312c169eb42746ec46fc1ab53ed2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:31Z/"}],"url":"https://git.kernel.org/stable/c/a2db328b0839312c169eb42746ec46fc1ab53ed2"},{"reference_url":"https://git.kernel.org/stable/c/aaadb755f2d684f715a6eb85cb7243aa0c67dfa9","reference_id":"aaadb755f2d684f715a6eb85cb7243aa0c67dfa9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:09:31Z/"}],"url":"https://git.kernel.org/stable/c/aaadb755f2d684f715a6eb85cb7243aa0c67dfa9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36478"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntzs-vtzt-pkbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72252?format=json","vulnerability_id":"VCID-nu94-8cqs-akgq","summary":"kernel: net: use dst_dev_rcu() in sk_setup_caps()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40170.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40170.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414506","reference_id":"2414506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1690","reference_id":"RHSA-2026:1690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2212","reference_id":"RHSA-2026:2212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2264","reference_id":"RHSA-2026:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22964","reference_id":"RHSA-2026:22964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2378","reference_id":"RHSA-2026:2378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40170"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu94-8cqs-akgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61017?format=json","vulnerability_id":"VCID-nw7f-tz7e-gkdc","summary":"kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43198.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43198.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467228","reference_id":"2467228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467228"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43198"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nw7f-tz7e-gkdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84515?format=json","vulnerability_id":"VCID-nwev-wj4e-rfgk","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/msm/dpu: Add mutex lock in control vblank irq  Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registering/unregistering the vblank irq callback.  v4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a     parameter of dpu_encoder_phys.     -Switch from atomic refcnt to a simple int counter as mutex has     now been added v3: Mistakenly did not change wording in last version. It is done now. v2: Slightly changed wording of commit message  Patchwork: https://patchwork.freedesktop.org/patch/571854/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52586.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52586.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/14f109bf74dd67e1d0469fed859c8e506b0df53f","reference_id":"14f109bf74dd67e1d0469fed859c8e506b0df53f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:56:01Z/"}],"url":"https://git.kernel.org/stable/c/14f109bf74dd67e1d0469fed859c8e506b0df53f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268333","reference_id":"2268333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268333"},{"reference_url":"https://git.kernel.org/stable/c/45284ff733e4caf6c118aae5131eb7e7cf3eea5a","reference_id":"45284ff733e4caf6c118aae5131eb7e7cf3eea5a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:56:01Z/"}],"url":"https://git.kernel.org/stable/c/45284ff733e4caf6c118aae5131eb7e7cf3eea5a"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52586"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwev-wj4e-rfgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60702?format=json","vulnerability_id":"VCID-nysd-ujaw-byds","summary":"kernel: xfrm: account XFRMA_IF_ID in aevent size calculation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43107.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43107.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466987","reference_id":"2466987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466987"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43107"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nysd-ujaw-byds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84982?format=json","vulnerability_id":"VCID-nysg-nhqs-8ybn","summary":"kernel: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21768.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21768.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348539","reference_id":"2348539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-21768"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nysg-nhqs-8ybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87813?format=json","vulnerability_id":"VCID-nz9j-mg8z-yuf3","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: change vm->task_info handling  This patch changes the handling and lifecycle of vm->task_info object. The major changes are: - vm->task_info is a dynamically allocated ptr now, and its uasge is   reference counted. - introducing two new helper funcs for task_info lifecycle management     - amdgpu_vm_get_task_info: reference counts up task_info before       returning this info     - amdgpu_vm_put_task_info: reference counts down task_info - last put to task_info() frees task_info from the vm.  This patch also does logistical changes required for existing usage of vm->task_info.  V2: Do not block all the prints when task_info not found (Felix)  V3: Fixed review comments from Felix    - Fix wrong indentation    - No debug message for -ENOMEM    - Add NULL check for task_info    - Do not duplicate the debug messages (ti vs no ti)    - Get first reference of task_info in vm_init(), put last      in vm_fini()  V4: Fixed review comments from Felix    - fix double reference increment in create_task_info    - change amdgpu_vm_get_task_info_pasid    - additional changes in amdgpu_gem.c while porting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41008.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41008.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298079","reference_id":"2298079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298079"},{"reference_url":"https://git.kernel.org/stable/c/b8f67b9ddf4f8fe6dd536590712b5912ad78f99c","reference_id":"b8f67b9ddf4f8fe6dd536590712b5912ad78f99c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:00:49Z/"}],"url":"https://git.kernel.org/stable/c/b8f67b9ddf4f8fe6dd536590712b5912ad78f99c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10771","reference_id":"RHSA-2024:10771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-41008"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nz9j-mg8z-yuf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79824?format=json","vulnerability_id":"VCID-p139-e5z6-e3ex","summary":"kernel: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50050.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50050","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16494","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373423","reference_id":"2373423","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19268","reference_id":"RHSA-2025:19268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19492","reference_id":"RHSA-2025:19492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21084","reference_id":"RHSA-2025:21084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22752","reference_id":"RHSA-2025:22752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50050"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p139-e5z6-e3ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84523?format=json","vulnerability_id":"VCID-p1rr-am53-s7ec","summary":"In the Linux kernel, the following vulnerability has been resolved:  reiserfs: Avoid touching renamed directory if parent does not change  The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if its parent does not change as without locking that can corrupt the filesystem.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52591.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52591.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/17e1361cb91dc1325834da95d2ab532959d2debc","reference_id":"17e1361cb91dc1325834da95d2ab532959d2debc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:59:49Z/"}],"url":"https://git.kernel.org/stable/c/17e1361cb91dc1325834da95d2ab532959d2debc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268323","reference_id":"2268323","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268323"},{"reference_url":"https://git.kernel.org/stable/c/49db9b1b86a82448dfaf3fcfefcf678dee56c8ed","reference_id":"49db9b1b86a82448dfaf3fcfefcf678dee56c8ed","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:59:49Z/"}],"url":"https://git.kernel.org/stable/c/49db9b1b86a82448dfaf3fcfefcf678dee56c8ed"},{"reference_url":"https://git.kernel.org/stable/c/c04c162f82ac403917780eb6d1654694455d4e7c","reference_id":"c04c162f82ac403917780eb6d1654694455d4e7c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T16:59:49Z/"}],"url":"https://git.kernel.org/stable/c/c04c162f82ac403917780eb6d1654694455d4e7c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52591"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1rr-am53-s7ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87840?format=json","vulnerability_id":"VCID-p28h-q5ze-gyfg","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: ks8851: Fix deadlock with the SPI chip variant  When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:      watchdog: BUG: soft lockup - CPU#0 stuck for 27s!     call trace:       queued_spin_lock_slowpath+0x100/0x284       do_raw_spin_lock+0x34/0x44       ks8851_start_xmit_spi+0x30/0xb8       ks8851_start_xmit+0x14/0x20       netdev_start_xmit+0x40/0x6c       dev_hard_start_xmit+0x6c/0xbc       sch_direct_xmit+0xa4/0x22c       __qdisc_run+0x138/0x3fc       qdisc_run+0x24/0x3c       net_tx_action+0xf8/0x130       handle_softirqs+0x1ac/0x1f0       __do_softirq+0x14/0x20       ____do_softirq+0x10/0x1c       call_on_irq_stack+0x3c/0x58       do_softirq_own_stack+0x1c/0x28       __irq_exit_rcu+0x54/0x9c       irq_exit_rcu+0x10/0x1c       el1_interrupt+0x38/0x50       el1h_64_irq_handler+0x18/0x24       el1h_64_irq+0x64/0x68       __netif_schedule+0x6c/0x80       netif_tx_wake_queue+0x38/0x48       ks8851_irq+0xb8/0x2c8       irq_thread_fn+0x2c/0x74       irq_thread+0x10c/0x1b0       kthread+0xc8/0xd8       ret_from_fork+0x10/0x20  This issue has not been identified earlier because tests were done on a device with SMP disabled and so spinlocks were actually NOPs.  Now use spin_(un)lock_bh for TX queue related locking to avoid execution of softirq work synchronously that would lead to a deadlock.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41036.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41036.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0913ec336a6c0c4a2b296bd9f74f8e41c4c83c8c","reference_id":"0913ec336a6c0c4a2b296bd9f74f8e41c4c83c8c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:23:30Z/"}],"url":"https://git.kernel.org/stable/c/0913ec336a6c0c4a2b296bd9f74f8e41c4c83c8c"},{"reference_url":"https://git.kernel.org/stable/c/10fec0cd0e8f56ff06c46bb24254c7d8f8f2bbf0","reference_id":"10fec0cd0e8f56ff06c46bb24254c7d8f8f2bbf0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:23:30Z/"}],"url":"https://git.kernel.org/stable/c/10fec0cd0e8f56ff06c46bb24254c7d8f8f2bbf0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300404","reference_id":"2300404","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300404"},{"reference_url":"https://git.kernel.org/stable/c/80ece00137300d74642f2038c8fe5440deaf9f05","reference_id":"80ece00137300d74642f2038c8fe5440deaf9f05","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:23:30Z/"}],"url":"https://git.kernel.org/stable/c/80ece00137300d74642f2038c8fe5440deaf9f05"},{"reference_url":"https://git.kernel.org/stable/c/a0c69c492f4a8fad52f0a97565241c926160c9a4","reference_id":"a0c69c492f4a8fad52f0a97565241c926160c9a4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:23:30Z/"}],"url":"https://git.kernel.org/stable/c/a0c69c492f4a8fad52f0a97565241c926160c9a4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-41036"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p28h-q5ze-gyfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69669?format=json","vulnerability_id":"VCID-p29g-wayb-p3ev","summary":"kernel: net: enetc: fix the deadlock of enetc_mdio_lock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40347.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40347.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422720","reference_id":"2422720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422720"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40347"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p29g-wayb-p3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82309?format=json","vulnerability_id":"VCID-p33x-3pgx-5ubs","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/vmwgfx: Remove rcu locks from user resources  User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two different threads. Because the lookups never show up in performance profiles replace them with a regular spin lock which fixes the races in accesses to those shared resources.  Fixes kernel oops'es in IGT's vmwgfx execution_buffer stress test and seen crashes with apps using shared resources.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48887.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48887","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0213","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48887"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306408","reference_id":"2306408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2306408"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48887"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p33x-3pgx-5ubs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72239?format=json","vulnerability_id":"VCID-p36h-wmk3-7ff6","summary":"kernel: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40124.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40124.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414499","reference_id":"2414499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414499"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40124"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p36h-wmk3-7ff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66939?format=json","vulnerability_id":"VCID-p3nv-9k2r-8bcr","summary":"kernel: btrfs: do not strictly require dirty metadata threshold for metadata writepages","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23157.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23157.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439903","reference_id":"2439903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23157"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3nv-9k2r-8bcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59597?format=json","vulnerability_id":"VCID-p6y2-zt7h-qudd","summary":"kernel: KVM: SVM: Add missing save/restore handling of LBR MSRs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46014.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46014.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482128","reference_id":"2482128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482128"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46014"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p6y2-zt7h-qudd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77175?format=json","vulnerability_id":"VCID-p79x-3vjm-h7e8","summary":"kernel: Linux kernel: Denial of Service in rxrpc due to prealloc collision","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38544.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38544.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388933","reference_id":"2388933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38544"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p79x-3vjm-h7e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82608?format=json","vulnerability_id":"VCID-p7hr-g4h9-tkaq","summary":"kernel: btrfs: fix tree mod log mishandling of reallocated nodes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49898.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49898","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18599","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49898"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363425","reference_id":"2363425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363425"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49898"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7hr-g4h9-tkaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59643?format=json","vulnerability_id":"VCID-p7n5-md78-1qf9","summary":"kernel: net: stmmac: fix oops when split header is enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45940.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45940.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482164","reference_id":"2482164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482164"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45940"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7n5-md78-1qf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88649?format=json","vulnerability_id":"VCID-p7wj-qg2x-euc1","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: do not BUG_ON() when freeing tree block after error  When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). The error most likely to happen is -ENOMEM, and we have a comment mentioning that only -ENOMEM can happen, but that is not true, because in case qgroups are enabled any error returned from btrfs_qgroup_trace_extent_post() (can be -EUCLEAN or anything returned from btrfs_search_slot() for example) can be propagated back to btrfs_free_tree_block().  So stop doing a BUG_ON() and return the error to the callers and make them abort the transaction to prevent leaking space. Syzbot was triggering this, likely due to memory allocation failure injection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44963.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44963.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/22d907bcd283d69d5e60497fc0d51969545c583b","reference_id":"22d907bcd283d69d5e60497fc0d51969545c583b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:41Z/"}],"url":"https://git.kernel.org/stable/c/22d907bcd283d69d5e60497fc0d51969545c583b"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309794","reference_id":"2309794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309794"},{"reference_url":"https://git.kernel.org/stable/c/98251cd60b4d702a8a81de442ab621e83a3fb24f","reference_id":"98251cd60b4d702a8a81de442ab621e83a3fb24f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:41Z/"}],"url":"https://git.kernel.org/stable/c/98251cd60b4d702a8a81de442ab621e83a3fb24f"},{"reference_url":"https://git.kernel.org/stable/c/bb3868033a4cccff7be57e9145f2117cbdc91c11","reference_id":"bb3868033a4cccff7be57e9145f2117cbdc91c11","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:39:41Z/"}],"url":"https://git.kernel.org/stable/c/bb3868033a4cccff7be57e9145f2117cbdc91c11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-44963"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7wj-qg2x-euc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72780?format=json","vulnerability_id":"VCID-p827-hadk-v3h6","summary":"kernel: usb: gadget: f_ecm: Refactor bind path to use __free()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40093.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407340","reference_id":"2407340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40093"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p827-hadk-v3h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86581?format=json","vulnerability_id":"VCID-p85j-rtx2-d3cm","summary":"In the Linux kernel, the following vulnerability has been resolved:  netfilter: nf_tables: restore set elements when delete set fails  From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterate over these set elements. The existing set iterator skips inactive elements in the next generation, this does not work from the abort path to restore the original state since it has to skip active elements instead (not inactive ones).  This patch moves the check for inactive elements to the set iterator callback, then it reverses the logic for the .activate case which needs to skip active elements.  Toggle next generation bit for elements when delete set command is invoked and call nft_clear() from .activate (abort) path to restore the next generation bit.  The splat below shows an object in mappings memleak:  [43929.457523] ------------[ cut here ]------------ [43929.457532] WARNING: CPU: 0 PID: 1139 at include/net/netfilter/nf_tables.h:1237 nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables] [...] [43929.458014] RIP: 0010:nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables] [43929.458076] Code: 83 f8 01 77 ab 49 8d 7c 24 08 e8 37 5e d0 de 49 8b 6c 24 08 48 8d 7d 50 e8 e9 5c d0 de 8b 45 50 8d 50 ff 89 55 50 85 c0 75 86 <0f> 0b eb 82 0f 0b eb b3 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 [43929.458081] RSP: 0018:ffff888140f9f4b0 EFLAGS: 00010246 [43929.458086] RAX: 0000000000000000 RBX: ffff8881434f5288 RCX: dffffc0000000000 [43929.458090] RDX: 00000000ffffffff RSI: ffffffffa26d28a7 RDI: ffff88810ecc9550 [43929.458093] RBP: ffff88810ecc9500 R08: 0000000000000001 R09: ffffed10281f3e8f [43929.458096] R10: 0000000000000003 R11: ffff0000ffff0000 R12: ffff8881434f52a0 [43929.458100] R13: ffff888140f9f5f4 R14: ffff888151c7a800 R15: 0000000000000002 [43929.458103] FS:  00007f0c687c4740(0000) GS:ffff888390800000(0000) knlGS:0000000000000000 [43929.458107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [43929.458111] CR2: 00007f58dbe5b008 CR3: 0000000123602005 CR4: 00000000001706f0 [43929.458114] Call Trace: [43929.458118]  <TASK> [43929.458121]  ? __warn+0x9f/0x1a0 [43929.458127]  ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables] [43929.458188]  ? report_bug+0x1b1/0x1e0 [43929.458196]  ? handle_bug+0x3c/0x70 [43929.458200]  ? exc_invalid_op+0x17/0x40 [43929.458211]  ? nft_setelem_data_deactivate+0xd7/0xf0 [nf_tables] [43929.458271]  ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables] [43929.458332]  nft_mapelem_deactivate+0x24/0x30 [nf_tables] [43929.458392]  nft_rhash_walk+0xdd/0x180 [nf_tables] [43929.458453]  ? __pfx_nft_rhash_walk+0x10/0x10 [nf_tables] [43929.458512]  ? rb_insert_color+0x2e/0x280 [43929.458520]  nft_map_deactivate+0xdc/0x1e0 [nf_tables] [43929.458582]  ? __pfx_nft_map_deactivate+0x10/0x10 [nf_tables] [43929.458642]  ? __pfx_nft_mapelem_deactivate+0x10/0x10 [nf_tables] [43929.458701]  ? __rcu_read_unlock+0x46/0x70 [43929.458709]  nft_delset+0xff/0x110 [nf_tables] [43929.458769]  nft_flush_table+0x16f/0x460 [nf_tables] [43929.458830]  nf_tables_deltable+0x501/0x580 [nf_tables]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27012.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27012.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278275","reference_id":"2278275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278275"},{"reference_url":"https://git.kernel.org/stable/c/86658fc7414d4b9e25c2699d751034537503d637","reference_id":"86658fc7414d4b9e25c2699d751034537503d637","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:56:10Z/"}],"url":"https://git.kernel.org/stable/c/86658fc7414d4b9e25c2699d751034537503d637"},{"reference_url":"https://git.kernel.org/stable/c/e79b47a8615d42c68aaeb68971593333667382ed","reference_id":"e79b47a8615d42c68aaeb68971593333667382ed","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:56:10Z/"}],"url":"https://git.kernel.org/stable/c/e79b47a8615d42c68aaeb68971593333667382ed"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1658","reference_id":"RHSA-2025:1658","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1658"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-27012"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p85j-rtx2-d3cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82522?format=json","vulnerability_id":"VCID-pbfj-s62j-fbe2","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: fix array index out of bound error in DCN32 DML  [Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to use the correct (larger) array size of total number of voltage states.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48979.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48979.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48979","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00709","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48979"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320739","reference_id":"2320739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320739"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48979"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbfj-s62j-fbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83571?format=json","vulnerability_id":"VCID-pbnh-m5hu-5bce","summary":"In the Linux kernel, the following vulnerability has been resolved:  icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.  While reading sysctl_icmp_errors_use_inbound_ifaddr, it can be changed concurrently.  Thus, we need to add READ_ONCE() to its reader.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49632.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49632","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01219","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49632"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348197","reference_id":"2348197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49632"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbnh-m5hu-5bce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88044?format=json","vulnerability_id":"VCID-pbnq-z2fu-y3hj","summary":"kernel: drm/amd/display: fix double free issue during amdgpu module unload","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49989.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49989.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d","reference_id":"20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320458","reference_id":"2320458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320458"},{"reference_url":"https://git.kernel.org/stable/c/3c0ff4de45ce2c5f7997a1ffa6eefee4b79e6b58","reference_id":"3c0ff4de45ce2c5f7997a1ffa6eefee4b79e6b58","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/3c0ff4de45ce2c5f7997a1ffa6eefee4b79e6b58"},{"reference_url":"https://git.kernel.org/stable/c/43c296870740a3a264cdca9f18db12e12e9cfbdb","reference_id":"43c296870740a3a264cdca9f18db12e12e9cfbdb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/43c296870740a3a264cdca9f18db12e12e9cfbdb"},{"reference_url":"https://git.kernel.org/stable/c/7af9e6fa63dbd43a61d4ecc8f59426596a75e507","reference_id":"7af9e6fa63dbd43a61d4ecc8f59426596a75e507","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/7af9e6fa63dbd43a61d4ecc8f59426596a75e507"},{"reference_url":"https://git.kernel.org/stable/c/cf6f3ebd6312d465fee096d1f58089b177c7c67f","reference_id":"cf6f3ebd6312d465fee096d1f58089b177c7c67f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/cf6f3ebd6312d465fee096d1f58089b177c7c67f"},{"reference_url":"https://git.kernel.org/stable/c/df948b5ba6858d5da34f622d408e5517057cec07","reference_id":"df948b5ba6858d5da34f622d408e5517057cec07","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:29Z/"}],"url":"https://git.kernel.org/stable/c/df948b5ba6858d5da34f622d408e5517057cec07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49989"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbnq-z2fu-y3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88302?format=json","vulnerability_id":"VCID-pdn6-83n5-x3d4","summary":"In the Linux kernel, the following vulnerability has been resolved:  s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings  Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle:  WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42158.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42158.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/22e6824622e8a8889df0f8fc4ed5aea0e702a694","reference_id":"22e6824622e8a8889df0f8fc4ed5aea0e702a694","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:02Z/"}],"url":"https://git.kernel.org/stable/c/22e6824622e8a8889df0f8fc4ed5aea0e702a694"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301529","reference_id":"2301529","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301529"},{"reference_url":"https://git.kernel.org/stable/c/62151a0acde90823bdfa991d598c85cf4b1d387d","reference_id":"62151a0acde90823bdfa991d598c85cf4b1d387d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:02Z/"}],"url":"https://git.kernel.org/stable/c/62151a0acde90823bdfa991d598c85cf4b1d387d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-42158"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdn6-83n5-x3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87682?format=json","vulnerability_id":"VCID-pdyj-kybh-jqfp","summary":"In the Linux kernel, the following vulnerability has been resolved:  riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context  __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallocated pages to detect illegal memory accesses to freed pages.  This function set/clear the valid bit using __set_memory(). __set_memory() acquires init_mm's semaphore, and this operation may sleep. This is problematic, because  __kernel_map_pages() can be called in atomic context, and thus is illegal to sleep. An example warning that this causes:  BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1578 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2, name: kthreadd preempt_count: 2, expected: 0 CPU: 0 PID: 2 Comm: kthreadd Not tainted 6.9.0-g1d4c6d784ef6 #37 Hardware name: riscv-virtio,qemu (DT) Call Trace: [<ffffffff800060dc>] dump_backtrace+0x1c/0x24 [<ffffffff8091ef6e>] show_stack+0x2c/0x38 [<ffffffff8092baf8>] dump_stack_lvl+0x5a/0x72 [<ffffffff8092bb24>] dump_stack+0x14/0x1c [<ffffffff8003b7ac>] __might_resched+0x104/0x10e [<ffffffff8003b7f4>] __might_sleep+0x3e/0x62 [<ffffffff8093276a>] down_write+0x20/0x72 [<ffffffff8000cf00>] __set_memory+0x82/0x2fa [<ffffffff8000d324>] __kernel_map_pages+0x5a/0xd4 [<ffffffff80196cca>] __alloc_pages_bulk+0x3b2/0x43a [<ffffffff8018ee82>] __vmalloc_node_range+0x196/0x6ba [<ffffffff80011904>] copy_process+0x72c/0x17ec [<ffffffff80012ab4>] kernel_clone+0x60/0x2fe [<ffffffff80012f62>] kernel_thread+0x82/0xa0 [<ffffffff8003552c>] kthreadd+0x14a/0x1be [<ffffffff809357de>] ret_from_fork+0xe/0x1c  Rewrite this function with apply_to_existing_page_range(). It is fine to not have any locking, because __kernel_map_pages() works with pages being allocated/deallocated and those pages are not changed by anyone else in the meantime.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40915.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40915.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297499","reference_id":"2297499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297499"},{"reference_url":"https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb","reference_id":"8661a7af04991201640863ad1a0983173f84b5eb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:49Z/"}],"url":"https://git.kernel.org/stable/c/8661a7af04991201640863ad1a0983173f84b5eb"},{"reference_url":"https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876","reference_id":"919f8626099d9909b9a9620b05e8c8ab06581876","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:49Z/"}],"url":"https://git.kernel.org/stable/c/919f8626099d9909b9a9620b05e8c8ab06581876"},{"reference_url":"https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915","reference_id":"d5257ceb19d92069195254866421f425aea42915","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:49Z/"}],"url":"https://git.kernel.org/stable/c/d5257ceb19d92069195254866421f425aea42915"},{"reference_url":"https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4","reference_id":"fb1cf0878328fe75d47f0aed0a65b30126fcefc4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:05:49Z/"}],"url":"https://git.kernel.org/stable/c/fb1cf0878328fe75d47f0aed0a65b30126fcefc4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40915"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdyj-kybh-jqfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86224?format=json","vulnerability_id":"VCID-pens-udz3-skdp","summary":"kernel: smb: client: fix use-after-free of signing key","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53179.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53179.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0e2b654a3848bf9da3b0d54c1ccf3f1b8c635591","reference_id":"0e2b654a3848bf9da3b0d54c1ccf3f1b8c635591","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:13:09Z/"}],"url":"https://git.kernel.org/stable/c/0e2b654a3848bf9da3b0d54c1ccf3f1b8c635591"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334401","reference_id":"2334401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334401"},{"reference_url":"https://git.kernel.org/stable/c/343d7fe6df9e247671440a932b6a73af4fa86d95","reference_id":"343d7fe6df9e247671440a932b6a73af4fa86d95","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:13:09Z/"}],"url":"https://git.kernel.org/stable/c/343d7fe6df9e247671440a932b6a73af4fa86d95"},{"reference_url":"https://git.kernel.org/stable/c/39619c65ab4bbb3e78c818f537687653e112764d","reference_id":"39619c65ab4bbb3e78c818f537687653e112764d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-10T17:13:09Z/"}],"url":"https://git.kernel.org/stable/c/39619c65ab4bbb3e78c818f537687653e112764d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53179"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pens-udz3-skdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83486?format=json","vulnerability_id":"VCID-pgby-vzn7-pfga","summary":"In the Linux kernel, the following vulnerability has been resolved:  KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits  Use the recently introduced __try_cmpxchg_user() to update guest PTE A/D bits instead of mapping the PTE into kernel address space.  The VM_PFNMAP path is broken as it assumes that vm_pgoff is the base pfn of the mapped VMA range, which is conceptually wrong as vm_pgoff is the offset relative to the file and has nothing to do with the pfn.  The horrific hack worked for the original use case (backing guest memory with /dev/mem), but leads to accessing \"random\" pfns for pretty much any other VM_PFNMAP case.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49562.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49562.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49562","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23948","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49562"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347787","reference_id":"2347787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49562"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgby-vzn7-pfga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72759?format=json","vulnerability_id":"VCID-pgtt-bpyw-ckbm","summary":"kernel: Linux kernel KVM: Denial of Service due to uninitialized vCPU event handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40102.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40102.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407325","reference_id":"2407325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407325"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40102"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgtt-bpyw-ckbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88479?format=json","vulnerability_id":"VCID-pjcu-z6dz-v7f9","summary":"kernel: smack: tcp: ipv4, fix incorrect labeling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47659.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47659.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0776bcf9cb6de46fdd94d10118de1cf9b05f83b9","reference_id":"0776bcf9cb6de46fdd94d10118de1cf9b05f83b9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/0776bcf9cb6de46fdd94d10118de1cf9b05f83b9"},{"reference_url":"https://git.kernel.org/stable/c/0aea09e82eafa50a373fc8a4b84c1d4734751e2c","reference_id":"0aea09e82eafa50a373fc8a4b84c1d4734751e2c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/0aea09e82eafa50a373fc8a4b84c1d4734751e2c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317583","reference_id":"2317583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317583"},{"reference_url":"https://git.kernel.org/stable/c/2fe209d0ad2e2729f7e22b9b31a86cc3ff0db550","reference_id":"2fe209d0ad2e2729f7e22b9b31a86cc3ff0db550","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/2fe209d0ad2e2729f7e22b9b31a86cc3ff0db550"},{"reference_url":"https://git.kernel.org/stable/c/4be9fd15c3c88775bdf6fa37acabe6de85beebff","reference_id":"4be9fd15c3c88775bdf6fa37acabe6de85beebff","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/4be9fd15c3c88775bdf6fa37acabe6de85beebff"},{"reference_url":"https://git.kernel.org/stable/c/5b4b304f196c070342e32a4752e1fa2e22fc0671","reference_id":"5b4b304f196c070342e32a4752e1fa2e22fc0671","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/5b4b304f196c070342e32a4752e1fa2e22fc0671"},{"reference_url":"https://git.kernel.org/stable/c/a948ec993541db4ef392b555c37a1186f4d61670","reference_id":"a948ec993541db4ef392b555c37a1186f4d61670","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/a948ec993541db4ef392b555c37a1186f4d61670"},{"reference_url":"https://git.kernel.org/stable/c/d3703fa94116fed91f64c7d1c7d284fb4369070f","reference_id":"d3703fa94116fed91f64c7d1c7d284fb4369070f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/d3703fa94116fed91f64c7d1c7d284fb4369070f"},{"reference_url":"https://git.kernel.org/stable/c/d3f56c653c65f170b172d3c23120bc64ada645d8","reference_id":"d3f56c653c65f170b172d3c23120bc64ada645d8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:23:30Z/"}],"url":"https://git.kernel.org/stable/c/d3f56c653c65f170b172d3c23120bc64ada645d8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47659"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjcu-z6dz-v7f9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76142?format=json","vulnerability_id":"VCID-pjk7-7uym-6uc4","summary":"kernel: comedi: Make insn_rw_emulate_bits() do insn->n samples","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39686.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39686.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393487","reference_id":"2393487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393487"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39686"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjk7-7uym-6uc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82929?format=json","vulnerability_id":"VCID-pm3q-zyj6-5bdh","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: asix: add proper error handling of usb read errors  Syzbot once again hit uninit value in asix driver. The problem still the same -- asix_read_cmd() reads less bytes, than was requested by caller.  Since all read requests are performed via asix_read_cmd() let's catch usb related error there and add __must_check notation to be sure all callers actually check return value.  So, this patch adds sanity check inside asix_read_cmd(), that simply checks if bytes read are not less, than was requested and adds missing error handling of asix_read_cmd() all across the driver code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49226.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49226","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01915","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49226"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347965","reference_id":"2347965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49226"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pm3q-zyj6-5bdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84592?format=json","vulnerability_id":"VCID-pnyj-7kdm-ruhw","summary":"kernel: ibmvnic: Don't reference skb after sending to VIOS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21855.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21855.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/093b0e5c90592773863f300b908b741622eef597","reference_id":"093b0e5c90592773863f300b908b741622eef597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:22:53Z/"}],"url":"https://git.kernel.org/stable/c/093b0e5c90592773863f300b908b741622eef597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351608","reference_id":"2351608","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351608"},{"reference_url":"https://git.kernel.org/stable/c/25dddd01dcc8ef3acff964dbb32eeb0d89f098e9","reference_id":"25dddd01dcc8ef3acff964dbb32eeb0d89f098e9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:22:53Z/"}],"url":"https://git.kernel.org/stable/c/25dddd01dcc8ef3acff964dbb32eeb0d89f098e9"},{"reference_url":"https://git.kernel.org/stable/c/501ac6a7e21b82e05207c6b4449812d82820f306","reference_id":"501ac6a7e21b82e05207c6b4449812d82820f306","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:22:53Z/"}],"url":"https://git.kernel.org/stable/c/501ac6a7e21b82e05207c6b4449812d82820f306"},{"reference_url":"https://git.kernel.org/stable/c/abaff2717470e4b5b7c0c3a90e128b211a23da09","reference_id":"abaff2717470e4b5b7c0c3a90e128b211a23da09","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:22:53Z/"}],"url":"https://git.kernel.org/stable/c/abaff2717470e4b5b7c0c3a90e128b211a23da09"},{"reference_url":"https://git.kernel.org/stable/c/bdf5d13aa05ec314d4385b31ac974d6c7e0997c9","reference_id":"bdf5d13aa05ec314d4385b31ac974d6c7e0997c9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:22:53Z/"}],"url":"https://git.kernel.org/stable/c/bdf5d13aa05ec314d4385b31ac974d6c7e0997c9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21855"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnyj-7kdm-ruhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72345?format=json","vulnerability_id":"VCID-ppq2-1p6u-h7gb","summary":"kernel: fs: quota: create dedicated workqueue for quota_release_work","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40196.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40196.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414745","reference_id":"2414745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40196"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppq2-1p6u-h7gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59326?format=json","vulnerability_id":"VCID-pr8b-krvb-z7gw","summary":"kernel: hwrng: core - use RCU and work_struct to fix race condition","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45949.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45949.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481908","reference_id":"2481908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481908"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45949"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pr8b-krvb-z7gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87024?format=json","vulnerability_id":"VCID-przv-eskx-nbfg","summary":"kernel: afs: Fix lock recursion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53090.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53090.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327887","reference_id":"2327887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327887"},{"reference_url":"https://git.kernel.org/stable/c/610a79ffea02102899a1373fe226d949944a7ed6","reference_id":"610a79ffea02102899a1373fe226d949944a7ed6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:33Z/"}],"url":"https://git.kernel.org/stable/c/610a79ffea02102899a1373fe226d949944a7ed6"},{"reference_url":"https://git.kernel.org/stable/c/d7cbf81df996b1eae2dee8deb6df08e2eba78661","reference_id":"d7cbf81df996b1eae2dee8deb6df08e2eba78661","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:33Z/"}],"url":"https://git.kernel.org/stable/c/d7cbf81df996b1eae2dee8deb6df08e2eba78661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53090"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-przv-eskx-nbfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85528?format=json","vulnerability_id":"VCID-ps19-1mnv-abe1","summary":"kernel: riscv: mm: Fix the out of bound issue of vmemmap address","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57945.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57945.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339131","reference_id":"2339131","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57945"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ps19-1mnv-abe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62040?format=json","vulnerability_id":"VCID-ps7u-h3us-jkac","summary":"kernel: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31656.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31656.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461525","reference_id":"2461525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461525"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31656"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ps7u-h3us-jkac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62408?format=json","vulnerability_id":"VCID-pt17-5xvc-27ar","summary":"kernel: xfrm: prevent policy_hthresh.work from racing with netns teardown","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31516.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31516.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460720","reference_id":"2460720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460720"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31516"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pt17-5xvc-27ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59309?format=json","vulnerability_id":"VCID-pvk8-ufgp-aug8","summary":"kernel: openvswitch: cap upcall PID array size and pre-size vport replies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45840.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45840.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481862","reference_id":"2481862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481862"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45840"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pvk8-ufgp-aug8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3242?format=json","vulnerability_id":"VCID-pzge-pjx2-cqem","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3567.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3567.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3567","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07025","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3567"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2143943","reference_id":"2143943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2143943"},{"reference_url":"https://security.archlinux.org/AVG-2834","reference_id":"AVG-2834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2834"},{"reference_url":"https://security.archlinux.org/AVG-2835","reference_id":"AVG-2835","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2835"},{"reference_url":"https://security.archlinux.org/AVG-2836","reference_id":"AVG-2836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2836"},{"reference_url":"https://security.archlinux.org/AVG-2837","reference_id":"AVG-2837","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2148","reference_id":"RHSA-2023:2148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2736","reference_id":"RHSA-2023:2736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0412","reference_id":"RHSA-2024:0412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0412"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-3567"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzge-pjx2-cqem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88156?format=json","vulnerability_id":"VCID-q1mq-7s3x-kkdc","summary":"kernel: drm/msm/adreno: Assign msm_gpu-&gt;pdev earlier to avoid nullptrs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49901.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49901.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/16007768551d5bfe53426645401435ca8d2ef54f","reference_id":"16007768551d5bfe53426645401435ca8d2ef54f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:53Z/"}],"url":"https://git.kernel.org/stable/c/16007768551d5bfe53426645401435ca8d2ef54f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320537","reference_id":"2320537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320537"},{"reference_url":"https://git.kernel.org/stable/c/9288a9676c529ad9c856096db68fad812499bc4a","reference_id":"9288a9676c529ad9c856096db68fad812499bc4a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:53Z/"}],"url":"https://git.kernel.org/stable/c/9288a9676c529ad9c856096db68fad812499bc4a"},{"reference_url":"https://git.kernel.org/stable/c/9773737375b20070ea935203fd66cb9fa17c5acb","reference_id":"9773737375b20070ea935203fd66cb9fa17c5acb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:53Z/"}],"url":"https://git.kernel.org/stable/c/9773737375b20070ea935203fd66cb9fa17c5acb"},{"reference_url":"https://git.kernel.org/stable/c/e8ac2060597a5768e4699bb61d604b4c09927b85","reference_id":"e8ac2060597a5768e4699bb61d604b4c09927b85","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:42:53Z/"}],"url":"https://git.kernel.org/stable/c/e8ac2060597a5768e4699bb61d604b4c09927b85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49901"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1mq-7s3x-kkdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60691?format=json","vulnerability_id":"VCID-q4td-fnf4-5kfn","summary":"kernel: ocfs2: fix out-of-bounds write in ocfs2_write_end_inline","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43075.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43075.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466979","reference_id":"2466979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466979"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43075"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4td-fnf4-5kfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87223?format=json","vulnerability_id":"VCID-q81f-7vrq-ukeh","summary":"In the Linux kernel, the following vulnerability has been resolved:  block: fix overflow in blk_ioctl_discard()  There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param:   start = 0x80000000000ff000, len = 0x8000000000fff000; Add the overflow validation now.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36917.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36917.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284519","reference_id":"2284519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284519"},{"reference_url":"https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155","reference_id":"22d24a544b0d49bbcbd61c8c0eaf77d3c9297155","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T14:26:26Z/"}],"url":"https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155"},{"reference_url":"https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee","reference_id":"507d526a98c355e6f3fb2c47aacad44a69784bee","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T14:26:26Z/"}],"url":"https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee"},{"reference_url":"https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6","reference_id":"8a26198186e97ee5fc4b42fde82629cff8c75cd6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T14:26:26Z/"}],"url":"https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6"},{"reference_url":"https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b","reference_id":"e1d38cde2b7b0fbd1c48082e7a98c37d750af59b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T14:26:26Z/"}],"url":"https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9584","reference_id":"RHSA-2025:9584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9584"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36917"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q81f-7vrq-ukeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88291?format=json","vulnerability_id":"VCID-q8h2-fc69-j7ay","summary":"In the Linux kernel, the following vulnerability has been resolved:  crypto: hisilicon/debugfs - Fix debugfs uninit process issue  During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also release regs, in addition to its own rollback operation.  As a result, it may be released repeatedly during the regs uninit process. Therefore, the null check needs to be added to the regs uninit process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42147.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42147.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301513","reference_id":"2301513","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301513"},{"reference_url":"https://git.kernel.org/stable/c/7fc8d9a525b5c3f8dfa5ed50901e764d8ede7e1e","reference_id":"7fc8d9a525b5c3f8dfa5ed50901e764d8ede7e1e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:37Z/"}],"url":"https://git.kernel.org/stable/c/7fc8d9a525b5c3f8dfa5ed50901e764d8ede7e1e"},{"reference_url":"https://git.kernel.org/stable/c/8be0913389718e8d27c4f1d4537b5e1b99ed7739","reference_id":"8be0913389718e8d27c4f1d4537b5e1b99ed7739","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:37Z/"}],"url":"https://git.kernel.org/stable/c/8be0913389718e8d27c4f1d4537b5e1b99ed7739"},{"reference_url":"https://git.kernel.org/stable/c/e0a2d2df9ba7bd6bd7e0a9b6a5e3894f7e8445b3","reference_id":"e0a2d2df9ba7bd6bd7e0a9b6a5e3894f7e8445b3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:37Z/"}],"url":"https://git.kernel.org/stable/c/e0a2d2df9ba7bd6bd7e0a9b6a5e3894f7e8445b3"},{"reference_url":"https://git.kernel.org/stable/c/eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c","reference_id":"eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:37Z/"}],"url":"https://git.kernel.org/stable/c/eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-42147"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8h2-fc69-j7ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60725?format=json","vulnerability_id":"VCID-q8pn-a6a2-vye5","summary":"kernel: xsk: tighten UMEM headroom validation to account for tailroom and min frame","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43093.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467004","reference_id":"2467004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43093"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8pn-a6a2-vye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72278?format=json","vulnerability_id":"VCID-q8w9-mm3d-jug3","summary":"kernel: ipv6: use RCU in ip6_output()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40158.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40158.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414523","reference_id":"2414523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1690","reference_id":"RHSA-2026:1690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2212","reference_id":"RHSA-2026:2212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2264","reference_id":"RHSA-2026:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22964","reference_id":"RHSA-2026:22964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2378","reference_id":"RHSA-2026:2378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40158"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8w9-mm3d-jug3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83024?format=json","vulnerability_id":"VCID-q9zt-7wn8-fban","summary":"In the Linux kernel, the following vulnerability has been resolved:  uaccess: fix integer overflow on access_ok()  Three architectures check the end of a user access against the address limit without taking a possible overflow into account. Passing a negative length or another overflow in here returns success when it should not.  Use the most common correct implementation here, which optimizes for a constant 'size' argument, and turns the common case into a single comparison.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49289.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49289","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29703","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348170","reference_id":"2348170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348170"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49289"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9zt-7wn8-fban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82857?format=json","vulnerability_id":"VCID-qa5b-e3sq-x3ca","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: qla2xxx: Fix crash during module load unload test  During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry.  System crashed with the following stack during a module unload test.  Call Trace: \tsbitmap_init_node+0x7f/0x1e0 \tsbitmap_queue_init_node+0x24/0x150 \tblk_mq_init_bitmaps+0x3d/0xa0 \tblk_mq_init_tags+0x68/0x90 \tblk_mq_alloc_map_and_rqs+0x44/0x120 \tblk_mq_alloc_set_map_and_rqs+0x63/0x150 \tblk_mq_alloc_tag_set+0x11b/0x230 \tscsi_add_host_with_dma.cold+0x3f/0x245 \tqla2x00_probe_one+0xd5a/0x1b80 [qla2xxx]  Call Trace with slub_debug and debug kernel: \tkasan_report_invalid_free+0x50/0x80 \t__kasan_slab_free+0x137/0x150 \tslab_free_freelist_hook+0xc6/0x190 \tkfree+0xe8/0x2e0 \tqla2x00_free_device+0x3bb/0x5d0 [qla2xxx] \tqla2x00_remove_one+0x668/0xcf0 [qla2xxx]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49160.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49160","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0167","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347673","reference_id":"2347673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49160"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qa5b-e3sq-x3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82877?format=json","vulnerability_id":"VCID-qaf1-k25n-e3gg","summary":"In the Linux kernel, the following vulnerability has been resolved:  memstick/mspro_block: fix handling of read-only devices  Use set_disk_ro to propagate the read-only state to the block layer instead of checking for it in ->open and leaking a reference in case of a read-only device.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49178.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49178","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01756","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347935","reference_id":"2347935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49178"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qaf1-k25n-e3gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86360?format=json","vulnerability_id":"VCID-qaks-mvfq-rqhs","summary":"kernel: bpf: Call free_htab_elem() after htab_unlock_bucket()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56592.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56592.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334494","reference_id":"2334494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334494"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56592"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qaks-mvfq-rqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59595?format=json","vulnerability_id":"VCID-qb5u-abf3-cubv","summary":"kernel: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46043.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46043.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482127","reference_id":"2482127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46043"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qb5u-abf3-cubv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62313?format=json","vulnerability_id":"VCID-qcnk-s35k-77e2","summary":"kernel: drm/amdgpu: prevent immediate PASID reuse case","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31462.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31462.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460647","reference_id":"2460647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460647"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31462"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qcnk-s35k-77e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88866?format=json","vulnerability_id":"VCID-qd3j-xttx-3bg7","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Ensure array index tg_inst won't be -1  [WHY & HOW] tg_inst will be a negative if timing_generator_count equals 0, which should be checked before used.  This fixes 2 OVERRUN issues reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46730.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46730.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313061","reference_id":"2313061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313061"},{"reference_url":"https://git.kernel.org/stable/c/687fe329f18ab0ab0496b20ed2cb003d4879d931","reference_id":"687fe329f18ab0ab0496b20ed2cb003d4879d931","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:24Z/"}],"url":"https://git.kernel.org/stable/c/687fe329f18ab0ab0496b20ed2cb003d4879d931"},{"reference_url":"https://git.kernel.org/stable/c/a64284b9e1999ad5580debced4bc6d6adb28aad4","reference_id":"a64284b9e1999ad5580debced4bc6d6adb28aad4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:24Z/"}],"url":"https://git.kernel.org/stable/c/a64284b9e1999ad5580debced4bc6d6adb28aad4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46730"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd3j-xttx-3bg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82766?format=json","vulnerability_id":"VCID-qfyj-bh8q-4be1","summary":"kernel: drm/scheduler: fix fence ref counting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49829.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49829","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49829"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363528","reference_id":"2363528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363528"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49829"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyj-bh8q-4be1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87912?format=json","vulnerability_id":"VCID-qj29-hczq-sbdx","summary":"kernel: icmp: change the order of rate limits","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47678.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47678.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320212","reference_id":"2320212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320212"},{"reference_url":"https://git.kernel.org/stable/c/483397b4ba280813e4a9c161a0a85172ddb43d19","reference_id":"483397b4ba280813e4a9c161a0a85172ddb43d19","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:07:41Z/"}],"url":"https://git.kernel.org/stable/c/483397b4ba280813e4a9c161a0a85172ddb43d19"},{"reference_url":"https://git.kernel.org/stable/c/662ec52260cc07b9ae53ecd3925183c29d34288b","reference_id":"662ec52260cc07b9ae53ecd3925183c29d34288b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:07:41Z/"}],"url":"https://git.kernel.org/stable/c/662ec52260cc07b9ae53ecd3925183c29d34288b"},{"reference_url":"https://git.kernel.org/stable/c/8c2bd38b95f75f3d2a08c93e35303e26d480d24e","reference_id":"8c2bd38b95f75f3d2a08c93e35303e26d480d24e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:07:41Z/"}],"url":"https://git.kernel.org/stable/c/8c2bd38b95f75f3d2a08c93e35303e26d480d24e"},{"reference_url":"https://git.kernel.org/stable/c/997ba8889611891f91e8ad83583466aeab6239a3","reference_id":"997ba8889611891f91e8ad83583466aeab6239a3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:07:41Z/"}],"url":"https://git.kernel.org/stable/c/997ba8889611891f91e8ad83583466aeab6239a3"},{"reference_url":"https://git.kernel.org/stable/c/a7722921adb046e3836eb84372241f32584bdb07","reference_id":"a7722921adb046e3836eb84372241f32584bdb07","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T13:07:41Z/"}],"url":"https://git.kernel.org/stable/c/a7722921adb046e3836eb84372241f32584bdb07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47678"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qj29-hczq-sbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85098?format=json","vulnerability_id":"VCID-qkeu-rz4s-53a1","summary":"kernel: xfrm: state: fix out-of-bounds read during lookup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348640","reference_id":"2348640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348640"},{"reference_url":"https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc","reference_id":"a16871c7832ea6435abb6e0b58289ae7dcb7e4fc","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/"}],"url":"https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc"},{"reference_url":"https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4","reference_id":"b86dc510308d7a8955f3f47a4fea4bef887653e4","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/"}],"url":"https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4"},{"reference_url":"https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0","reference_id":"dd4c2a174994238d55ab54da2545543d36f4e0d0","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/"}],"url":"https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0"},{"reference_url":"https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d","reference_id":"e952837f3ddb0ff726d5b582aa1aad9aa38d024d","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/"}],"url":"https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57982"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkeu-rz4s-53a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62067?format=json","vulnerability_id":"VCID-qmkt-912x-9yfb","summary":"kernel: rxrpc: proc: size address buffers for %pISpc output","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31630.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31630.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461545","reference_id":"2461545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31630"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmkt-912x-9yfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79295?format=json","vulnerability_id":"VCID-qmpc-u417-hqfu","summary":"kernel: ice: fix Tx scheduler error handling in XDP callback","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38127.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38127.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376087","reference_id":"2376087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38127"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmpc-u417-hqfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75112?format=json","vulnerability_id":"VCID-qncn-y5be-gudr","summary":"kernel: accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53353.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53353.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396135","reference_id":"2396135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396135"},{"reference_url":"https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94","reference_id":"2e8e9a895c4589f124a37fc84d123b5114406e94","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:42:03Z/"}],"url":"https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94"},{"reference_url":"https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba","reference_id":"840de329ca99cafd0cdde9c6ac160b1330942aba","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:42:03Z/"}],"url":"https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53353"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qncn-y5be-gudr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83195?format=json","vulnerability_id":"VCID-qp2v-18yp-afdv","summary":"kernel: spufs: fix gang directory lifetimes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22072.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22072.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360245","reference_id":"2360245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360245"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22072"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp2v-18yp-afdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62418?format=json","vulnerability_id":"VCID-qrwc-h3he-afd8","summary":"kernel: xfs: avoid dereferencing log items after push callbacks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31453.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31453.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460731","reference_id":"2460731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460731"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31453"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwc-h3he-afd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82974?format=json","vulnerability_id":"VCID-qtzs-8pbg-4qdf","summary":"In the Linux kernel, the following vulnerability has been resolved:  block: fix rq-qos breakage from skipping rq_qos_done_bio()  a647a524a467 (\"block: don't call rq_qos_ops->done_bio if the bio isn't tracked\") made bio_endio() skip rq_qos_done_bio() if BIO_TRACKED is not set. While this fixed a potential oops, it also broke blk-iocost by skipping the done_bio callback for merged bios.  Before, whether a bio goes through rq_qos_throttle() or rq_qos_merge(), rq_qos_done_bio() would be called on the bio on completion with BIO_TRACKED distinguishing the former from the latter. rq_qos_done_bio() is not called for bios which wenth through rq_qos_merge(). This royally confuses blk-iocost as the merged bios never finish and are considered perpetually in-flight.  One reliably reproducible failure mode is an intermediate cgroup geting stuck active preventing its children from being activated due to the leaf-only rule, leading to loss of control. The following is from resctl-bench protection scenario which emulates isolating a web server like workload from a memory bomb run on an iocost configuration which should yield a reasonable level of protection.    # cat /sys/block/nvme2n1/device/model   Samsung SSD 970 PRO 512GB   # cat /sys/fs/cgroup/io.cost.model   259:0 ctrl=user model=linear rbps=834913556 rseqiops=93622 rrandiops=102913 wbps=618985353 wseqiops=72325 wrandiops=71025   # cat /sys/fs/cgroup/io.cost.qos   259:0 enable=1 ctrl=user rpct=95.00 rlat=18776 wpct=95.00 wlat=8897 min=60.00 max=100.00   # resctl-bench -m 29.6G -r out.json run protection::scenario=mem-hog,loops=1   ...   Memory Hog Summary   ==================    IO Latency: R p50=242u:336u/2.5m p90=794u:1.4m/7.5m p99=2.7m:8.0m/62.5m max=8.0m:36.4m/350m               W p50=221u:323u/1.5m p90=709u:1.2m/5.5m p99=1.5m:2.5m/9.5m max=6.9m:35.9m/350m    Isolation and Request Latency Impact Distributions:                  min   p01   p05   p10   p25   p50   p75   p90   p95   p99   max  mean stdev   isol%       15.90 15.90 15.90 40.05 57.24 59.07 60.01 74.63 74.63 90.35 90.35 58.12 15.82   lat-imp%        0     0     0     0     0  4.55 14.68 15.54 233.5 548.1 548.1 53.88 143.6    Result: isol=58.12:15.82% lat_imp=53.88%:143.6 work_csv=100.0% missing=3.96%  The isolation result of 58.12% is close to what this device would show without any IO control.  Fix it by introducing a new flag BIO_QOS_MERGED to mark merged bios and calling rq_qos_done_bio() on them too. For consistency and clarity, rename BIO_TRACKED to BIO_QOS_THROTTLED. The flag checks are moved into rq_qos_done_bio() so that it's next to the code paths that set the flags.  With the patch applied, the above same benchmark shows:    # resctl-bench -m 29.6G -r out.json run protection::scenario=mem-hog,loops=1   ...   Memory Hog Summary   ==================    IO Latency: R p50=123u:84.4u/985u p90=322u:256u/2.5m p99=1.6m:1.4m/9.5m max=11.1m:36.0m/350m               W p50=429u:274u/995u p90=1.7m:1.3m/4.5m p99=3.4m:2.7m/11.5m max=7.9m:5.9m/26.5m    Isolation and Request Latency Impact Distributions:                  min   p01   p05   p10   p25   p50   p75   p90   p95   p99   max  mean stdev   isol%       84.91 84.91 89.51 90.73 92.31 94.49 96.36 98.04 98.71 100.0 100.0 94.42  2.81   lat-imp%        0     0     0     0     0  2.81  5.73 11.11 13.92 17.53 22.61  4.10  4.68    Result: isol=94.42:2.81% lat_imp=4.10%:4.68 work_csv=58.34% missing=0%","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49266.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49266","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01915","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49266"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347985","reference_id":"2347985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347985"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49266"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtzs-8pbg-4qdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84846?format=json","vulnerability_id":"VCID-qu8p-j9jz-sbbp","summary":"In the Linux kernel, the following vulnerability has been resolved:  atl1c: Work around the DMA RX overflow issue  This is based on alx driver commit 881d0327db37 (\"net: alx: Work around the DMA RX overflow issue\").  The alx and atl1c drivers had RX overflow error which was why a custom allocator was created to avoid certain addresses. The simpler workaround then created for alx driver, but not for atl1c due to lack of tester.  Instead of using a custom allocator, check the allocated skb address and use skb_reserve() to move away from problematic 0x...fc0 address.  Tested on AR8131 on Acer 4540.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52834.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52834.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282744","reference_id":"2282744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282744"},{"reference_url":"https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb","reference_id":"32f08b7b430ee01ec47d730f961a3306c1c7b6fb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:09:31Z/"}],"url":"https://git.kernel.org/stable/c/32f08b7b430ee01ec47d730f961a3306c1c7b6fb"},{"reference_url":"https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa","reference_id":"54a6152da4993ec8e4b53dc3cf577f5a2c829afa","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:09:31Z/"}],"url":"https://git.kernel.org/stable/c/54a6152da4993ec8e4b53dc3cf577f5a2c829afa"},{"reference_url":"https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6","reference_id":"57e44ff9c2c9747b2b1a53556810b0e5192655d6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:09:31Z/"}],"url":"https://git.kernel.org/stable/c/57e44ff9c2c9747b2b1a53556810b0e5192655d6"},{"reference_url":"https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf","reference_id":"86565682e9053e5deb128193ea9e88531bbae9cf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:09:31Z/"}],"url":"https://git.kernel.org/stable/c/86565682e9053e5deb128193ea9e88531bbae9cf"},{"reference_url":"https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315","reference_id":"c29a89b23f67ee592f4dee61f9d7efbf86d60315","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:09:31Z/"}],"url":"https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10701","reference_id":"RHSA-2025:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52834"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu8p-j9jz-sbbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86349?format=json","vulnerability_id":"VCID-qu9k-d2p3-pkec","summary":"kernel: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56590.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56590.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334486","reference_id":"2334486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56590"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu9k-d2p3-pkec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59607?format=json","vulnerability_id":"VCID-qwfq-k94h-q7hx","summary":"kernel: erofs: fix the out-of-bounds nameoff handling for trailing dirents","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46078.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46078.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482136","reference_id":"2482136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482136"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46078"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwfq-k94h-q7hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59642?format=json","vulnerability_id":"VCID-qwkq-f23k-zqgu","summary":"kernel: ata: libata-scsi: avoid Non-NCQ command starvation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45855.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45855.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482163","reference_id":"2482163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482163"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45855"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwkq-f23k-zqgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61656?format=json","vulnerability_id":"VCID-r1z1-zffy-3kem","summary":"kernel: rtnetlink: add missing netlink_ns_capable() check for peer netns","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31692.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31692.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464093","reference_id":"2464093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464093"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31692"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1z1-zffy-3kem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82920?format=json","vulnerability_id":"VCID-r2d7-u7fx-fuew","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/dp: Fix OOB read when handling Post Cursor2 register  The link_status array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, found with a -Warray-bounds build:  drivers/gpu/drm/drm_dp_helper.c: In function 'drm_dp_get_adjust_request_post_cursor': drivers/gpu/drm/drm_dp_helper.c:59:27: error: array subscript 10 is outside array bounds of 'const u8[6]' {aka 'const unsigned char[6]'} [-Werror=array-bounds]    59 |         return link_status[r - DP_LANE0_1_STATUS];       |                ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~ drivers/gpu/drm/drm_dp_helper.c:147:51: note: while referencing 'link_status'   147 | u8 drm_dp_get_adjust_request_post_cursor(const u8 link_status[DP_LINK_STATUS_SIZE],       |                                          ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  Replace the only user of the helper with an open-coded fetch and decode, similar to drivers/gpu/drm/amd/display/dc/core/dc_link_dp.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49218.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49218","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01476","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49218"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348078","reference_id":"2348078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348078"},{"reference_url":"https://git.kernel.org/stable/c/a2151490cc6c57b368d7974ffd447a8b36ade639","reference_id":"a2151490cc6c57b368d7974ffd447a8b36ade639","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:31Z/"}],"url":"https://git.kernel.org/stable/c/a2151490cc6c57b368d7974ffd447a8b36ade639"},{"reference_url":"https://git.kernel.org/stable/c/aeaed9a9fe694f8b1462fb81e2d33298c929180b","reference_id":"aeaed9a9fe694f8b1462fb81e2d33298c929180b","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:46:31Z/"}],"url":"https://git.kernel.org/stable/c/aeaed9a9fe694f8b1462fb81e2d33298c929180b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49218"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2d7-u7fx-fuew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88509?format=json","vulnerability_id":"VCID-r2re-s1bf-wkdc","summary":"In the Linux kernel, the following vulnerability has been resolved:  s390/uv: Don't call folio_wait_writeback() without a folio reference  folio_wait_writeback() requires that no spinlocks are held and that a folio reference is held, as documented. After we dropped the PTL, the folio could get freed concurrently. So grab a temporary reference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43832.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43832.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7","reference_id":"1a1eb2f3fc453dcd52726d13e863938561489cb7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:24Z/"}],"url":"https://git.kernel.org/stable/c/1a1eb2f3fc453dcd52726d13e863938561489cb7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305490","reference_id":"2305490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305490"},{"reference_url":"https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d","reference_id":"3f29f6537f54d74e64bac0a390fb2e26da25800d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:24Z/"}],"url":"https://git.kernel.org/stable/c/3f29f6537f54d74e64bac0a390fb2e26da25800d"},{"reference_url":"https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb","reference_id":"8736604ef53359a718c246087cd21dcec232d2fb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:24Z/"}],"url":"https://git.kernel.org/stable/c/8736604ef53359a718c246087cd21dcec232d2fb"},{"reference_url":"https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16","reference_id":"b21aba72aadd94bdac275deab021fc84d6c72b16","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:24Z/"}],"url":"https://git.kernel.org/stable/c/b21aba72aadd94bdac275deab021fc84d6c72b16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43832"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2re-s1bf-wkdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75423?format=json","vulnerability_id":"VCID-r3d1-rg6p-p3dz","summary":"kernel: net: rose: convert 'use' field to refcount_t","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39826.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39826.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395799","reference_id":"2395799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395799"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39826"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3d1-rg6p-p3dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83061?format=json","vulnerability_id":"VCID-r4u1-rwcy-hbhv","summary":"In the Linux kernel, the following vulnerability has been resolved:  f2fs: avoid infinite loop to flush node pages  xfstests/generic/475 can give EIO all the time which give an infinite loop to flush node page like below. Let's avoid it.  [16418.518551] Call Trace: [16418.518553]  ? dm_submit_bio+0x48/0x400 [16418.518574]  ? submit_bio_checks+0x1ac/0x5a0 [16418.525207]  __submit_bio+0x1a9/0x230 [16418.525210]  ? kmem_cache_alloc+0x29e/0x3c0 [16418.525223]  submit_bio_noacct+0xa8/0x2b0 [16418.525226]  submit_bio+0x4d/0x130 [16418.525238]  __submit_bio+0x49/0x310 [f2fs] [16418.525339]  ? bio_add_page+0x6a/0x90 [16418.525344]  f2fs_submit_page_bio+0x134/0x1f0 [f2fs] [16418.525365]  read_node_page+0x125/0x1b0 [f2fs] [16418.525388]  __get_node_page.part.0+0x58/0x3f0 [f2fs] [16418.525409]  __get_node_page+0x2f/0x60 [f2fs] [16418.525431]  f2fs_get_dnode_of_data+0x423/0x860 [f2fs] [16418.525452]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [16418.525458]  ? __mod_memcg_state.part.0+0x2a/0x30 [16418.525465]  ? __mod_memcg_lruvec_state+0x27/0x40 [16418.525467]  ? __xa_set_mark+0x57/0x70 [16418.525472]  f2fs_do_write_data_page+0x10e/0x7b0 [f2fs] [16418.525493]  f2fs_write_single_data_page+0x555/0x830 [f2fs] [16418.525514]  ? sysvec_apic_timer_interrupt+0x4e/0x90 [16418.525518]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [16418.525523]  f2fs_write_cache_pages+0x303/0x880 [f2fs] [16418.525545]  ? blk_flush_plug_list+0x47/0x100 [16418.525548]  f2fs_write_data_pages+0xfd/0x320 [f2fs] [16418.525569]  do_writepages+0xd5/0x210 [16418.525648]  filemap_fdatawrite_wbc+0x7d/0xc0 [16418.525655]  filemap_fdatawrite+0x50/0x70 [16418.525658]  f2fs_sync_dirty_inodes+0xa4/0x230 [f2fs] [16418.525679]  f2fs_write_checkpoint+0x16d/0x1720 [f2fs] [16418.525699]  ? ttwu_do_wakeup+0x1c/0x160 [16418.525709]  ? ttwu_do_activate+0x6d/0xd0 [16418.525711]  ? __wait_for_common+0x11d/0x150 [16418.525715]  kill_f2fs_super+0xca/0x100 [f2fs] [16418.525733]  deactivate_locked_super+0x3b/0xb0 [16418.525739]  deactivate_super+0x40/0x50 [16418.525741]  cleanup_mnt+0x139/0x190 [16418.525747]  __cleanup_mnt+0x12/0x20 [16418.525749]  task_work_run+0x6d/0xa0 [16418.525765]  exit_to_user_mode_prepare+0x1ad/0x1b0 [16418.525771]  syscall_exit_to_user_mode+0x27/0x50 [16418.525774]  do_syscall_64+0x48/0xc0 [16418.525776]  entry_SYSCALL_64_after_hwframe+0x44/0xae","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49317.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49317","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01648","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49317"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347754","reference_id":"2347754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347754"},{"reference_url":"https://git.kernel.org/stable/c/a7b8618aa2f0f926ce85f2486ac835a85c753ca7","reference_id":"a7b8618aa2f0f926ce85f2486ac835a85c753ca7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:43:54Z/"}],"url":"https://git.kernel.org/stable/c/a7b8618aa2f0f926ce85f2486ac835a85c753ca7"},{"reference_url":"https://git.kernel.org/stable/c/bd47ea5d776d8b524fb6f60de3240f95603901dd","reference_id":"bd47ea5d776d8b524fb6f60de3240f95603901dd","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:43:54Z/"}],"url":"https://git.kernel.org/stable/c/bd47ea5d776d8b524fb6f60de3240f95603901dd"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49317"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4u1-rwcy-hbhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73923?format=json","vulnerability_id":"VCID-r5d8-hm9u-vyet","summary":"kernel: netfilter: conntrack: fix wrong ct->timeout value","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53635.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53635.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402285","reference_id":"2402285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53635"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5d8-hm9u-vyet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68418?format=json","vulnerability_id":"VCID-r5ka-s4yf-2uak","summary":"Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12362.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12362","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29531","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12362"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930246","reference_id":"1930246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1578","reference_id":"RHSA-2021:1578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1578"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1620","reference_id":"RHSA-2021:1620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1739","reference_id":"RHSA-2021:1739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2106","reference_id":"RHSA-2021:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2164","reference_id":"RHSA-2021:2164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2185","reference_id":"RHSA-2021:2185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2190","reference_id":"RHSA-2021:2190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2293","reference_id":"RHSA-2021:2293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2314","reference_id":"RHSA-2021:2314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2316","reference_id":"RHSA-2021:2316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2355","reference_id":"RHSA-2021:2355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2523","reference_id":"RHSA-2021:2523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2735","reference_id":"RHSA-2021:2735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2735"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2020-12362"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5ka-s4yf-2uak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85095?format=json","vulnerability_id":"VCID-r5m7-c2ex-c3av","summary":"kernel: btrfs: do proper folio cleanup when cow_file_range() failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57976.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57976.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348637","reference_id":"2348637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57976"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5m7-c2ex-c3av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85836?format=json","vulnerability_id":"VCID-r5v2-jywv-skch","summary":"kernel: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49568.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49568.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337119","reference_id":"2337119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337119"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49568"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5v2-jywv-skch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59506?format=json","vulnerability_id":"VCID-r648-kgz5-vfds","summary":"kernel: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46088.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46088.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482059","reference_id":"2482059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46088"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r648-kgz5-vfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75625?format=json","vulnerability_id":"VCID-r6qe-mb55-37dk","summary":"kernel: drm/amdgpu: install stub fence into potential unused fence pointers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53248.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53248.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0","reference_id":"187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:59:31Z/"}],"url":"https://git.kernel.org/stable/c/187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395250","reference_id":"2395250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395250"},{"reference_url":"https://git.kernel.org/stable/c/78b25110eb8c6990f7f5096bc0136c12a2b4cc99","reference_id":"78b25110eb8c6990f7f5096bc0136c12a2b4cc99","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:59:31Z/"}],"url":"https://git.kernel.org/stable/c/78b25110eb8c6990f7f5096bc0136c12a2b4cc99"},{"reference_url":"https://git.kernel.org/stable/c/aa9e9ba5748c524eb0925a2ef6984b78793646d6","reference_id":"aa9e9ba5748c524eb0925a2ef6984b78793646d6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:59:31Z/"}],"url":"https://git.kernel.org/stable/c/aa9e9ba5748c524eb0925a2ef6984b78793646d6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53248"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r6qe-mb55-37dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84089?format=json","vulnerability_id":"VCID-r81n-bayf-jbbw","summary":"In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23003.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23003","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32111","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4","reference_id":"0a515a06c5ebfa46fee3ac519e418f801e718da4","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:46Z/"}],"url":"https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182662","reference_id":"2182662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182662"},{"reference_url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16","reference_id":"ChangeLog-5.16","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:46Z/"}],"url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230331-0003/","reference_id":"ntap-20230331-0003","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:56:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230331-0003/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-23003"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r81n-bayf-jbbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84051?format=json","vulnerability_id":"VCID-r98u-nk4m-9qfg","summary":"kernel: drm/i915: Fix a memory leak with reused mmap_offset","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53002.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53002.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0220e4fe178c3390eb0291cdb34912d66972db8a","reference_id":"0220e4fe178c3390eb0291cdb34912d66972db8a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:10Z/"}],"url":"https://git.kernel.org/stable/c/0220e4fe178c3390eb0291cdb34912d66972db8a"},{"reference_url":"https://git.kernel.org/stable/c/0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb","reference_id":"0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:10Z/"}],"url":"https://git.kernel.org/stable/c/0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355447","reference_id":"2355447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53002"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r98u-nk4m-9qfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76228?format=json","vulnerability_id":"VCID-r9np-y9qs-uqd2","summary":"kernel: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39706.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39706.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393545","reference_id":"2393545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39706"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r9np-y9qs-uqd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88601?format=json","vulnerability_id":"VCID-r9nv-jzhb-fkgj","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing  This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These variables were previously assumed to be null at line 922, but they were used later in the code without checking if they were null. This could potentially lead to a null pointer dereference, which would cause a crash.  The null checks ensure that 'stream' and 'plane' are not null before they are used, preventing potential crashes.  Fixes the below static smatch checker: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:938 dcn30_apply_idle_power_optimizations() error: we previously assumed 'stream' could be null (see line 922) drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:940 dcn30_apply_idle_power_optimizations() error: we previously assumed 'plane' could be null (see line 922)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43904.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43904.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/10c20d79d59cadfe572480d98cec271a89ffb024","reference_id":"10c20d79d59cadfe572480d98cec271a89ffb024","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:40Z/"}],"url":"https://git.kernel.org/stable/c/10c20d79d59cadfe572480d98cec271a89ffb024"},{"reference_url":"https://git.kernel.org/stable/c/15c2990e0f0108b9c3752d7072a97d45d4283aea","reference_id":"15c2990e0f0108b9c3752d7072a97d45d4283aea","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:40Z/"}],"url":"https://git.kernel.org/stable/c/15c2990e0f0108b9c3752d7072a97d45d4283aea"},{"reference_url":"https://git.kernel.org/stable/c/16a8a2a839d19c4cf7253642b493ffb8eee1d857","reference_id":"16a8a2a839d19c4cf7253642b493ffb8eee1d857","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:40Z/"}],"url":"https://git.kernel.org/stable/c/16a8a2a839d19c4cf7253642b493ffb8eee1d857"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307877","reference_id":"2307877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307877"},{"reference_url":"https://git.kernel.org/stable/c/5e84eda48ffb2363437db44bbd0235594f8a58f9","reference_id":"5e84eda48ffb2363437db44bbd0235594f8a58f9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:40Z/"}],"url":"https://git.kernel.org/stable/c/5e84eda48ffb2363437db44bbd0235594f8a58f9"},{"reference_url":"https://git.kernel.org/stable/c/fcf9d6a9f30ea414b6b84a6e901cebd44e146847","reference_id":"fcf9d6a9f30ea414b6b84a6e901cebd44e146847","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:40Z/"}],"url":"https://git.kernel.org/stable/c/fcf9d6a9f30ea414b6b84a6e901cebd44e146847"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43904"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r9nv-jzhb-fkgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69289?format=json","vulnerability_id":"VCID-r9qv-pqj1-s7g9","summary":"kernel: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50766.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50766.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50766","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50766"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425094","reference_id":"2425094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425094"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50766"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r9qv-pqj1-s7g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88864?format=json","vulnerability_id":"VCID-ra5g-vte5-q7h7","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Check index for aux_rd_interval before using  aux_rd_interval has size of 7 and should be checked.  This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46728.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46728.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313059","reference_id":"2313059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313059"},{"reference_url":"https://git.kernel.org/stable/c/48e0b68e2360b16edf2a0bae05c0051c00fbb48a","reference_id":"48e0b68e2360b16edf2a0bae05c0051c00fbb48a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:57Z/"}],"url":"https://git.kernel.org/stable/c/48e0b68e2360b16edf2a0bae05c0051c00fbb48a"},{"reference_url":"https://git.kernel.org/stable/c/6c588e9350dd7a9fb97a56fe74852c9ecc44450c","reference_id":"6c588e9350dd7a9fb97a56fe74852c9ecc44450c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:57Z/"}],"url":"https://git.kernel.org/stable/c/6c588e9350dd7a9fb97a56fe74852c9ecc44450c"},{"reference_url":"https://git.kernel.org/stable/c/9ba2ea6337b4f159aecb177555a6a81da92d302e","reference_id":"9ba2ea6337b4f159aecb177555a6a81da92d302e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:54:57Z/"}],"url":"https://git.kernel.org/stable/c/9ba2ea6337b4f159aecb177555a6a81da92d302e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46728"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ra5g-vte5-q7h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59167?format=json","vulnerability_id":"VCID-racz-vt1y-gyd9","summary":"kernel: usb: usblp: fix heap leak in IEEE 1284 device ID via short response","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46151.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46151.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482579","reference_id":"2482579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482579"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46151"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-racz-vt1y-gyd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88197?format=json","vulnerability_id":"VCID-rbpg-vfh2-ckd9","summary":"kernel: drm/amd/display: Initialize denominators' default to 1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49899.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49899.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320566","reference_id":"2320566","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320566"},{"reference_url":"https://git.kernel.org/stable/c/7f8e93b862aba08d540f1e9e03e0ceb4d0cfd5fb","reference_id":"7f8e93b862aba08d540f1e9e03e0ceb4d0cfd5fb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:09Z/"}],"url":"https://git.kernel.org/stable/c/7f8e93b862aba08d540f1e9e03e0ceb4d0cfd5fb"},{"reference_url":"https://git.kernel.org/stable/c/9be768f08b16f020da376538b08463ac3a2ce8cd","reference_id":"9be768f08b16f020da376538b08463ac3a2ce8cd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:09Z/"}],"url":"https://git.kernel.org/stable/c/9be768f08b16f020da376538b08463ac3a2ce8cd"},{"reference_url":"https://git.kernel.org/stable/c/9f35cec5e4b9759b38c663d18eae4eaf30f36527","reference_id":"9f35cec5e4b9759b38c663d18eae4eaf30f36527","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:09Z/"}],"url":"https://git.kernel.org/stable/c/9f35cec5e4b9759b38c663d18eae4eaf30f36527"},{"reference_url":"https://git.kernel.org/stable/c/b995c0a6de6c74656a0c39cd57a0626351b13e3c","reference_id":"b995c0a6de6c74656a0c39cd57a0626351b13e3c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:09Z/"}],"url":"https://git.kernel.org/stable/c/b995c0a6de6c74656a0c39cd57a0626351b13e3c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49899"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbpg-vfh2-ckd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74063?format=json","vulnerability_id":"VCID-rgx7-4z44-kyh5","summary":"kernel: wifi: rtw88: delete timer and free skb queue when unloading","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53574.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53574.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401475","reference_id":"2401475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401475"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53574"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgx7-4z44-kyh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72788?format=json","vulnerability_id":"VCID-rjd3-9ak7-4qb4","summary":"kernel: smb: client: Fix refcount leak for cifs_sb_tlink","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40103.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40103.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407350","reference_id":"2407350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407350"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40103"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjd3-9ak7-4qb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84830?format=json","vulnerability_id":"VCID-rkuz-s4rw-aqf1","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu/vkms: fix a possible null pointer dereference  In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid null pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52815.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52815.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282781","reference_id":"2282781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282781"},{"reference_url":"https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f","reference_id":"33fb1a555354bd593f785935ddcb5d9dd4d3847f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T18:24:04Z/"}],"url":"https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f"},{"reference_url":"https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a","reference_id":"70f831f21155c692bb336c434936fd6f24f3f81a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T18:24:04Z/"}],"url":"https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a"},{"reference_url":"https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34","reference_id":"8c6c85a073768df68c1a3fea143d013a38c66d34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T18:24:04Z/"}],"url":"https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34"},{"reference_url":"https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c","reference_id":"cd90511557fdfb394bb4ac4c3b539b007383914c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T18:24:04Z/"}],"url":"https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c"},{"reference_url":"https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27","reference_id":"eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-22T18:24:04Z/"}],"url":"https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52815"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rkuz-s4rw-aqf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60400?format=json","vulnerability_id":"VCID-rn67-9us1-n7bf","summary":"kernel: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43299.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43299.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468058","reference_id":"2468058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468058"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43299"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rn67-9us1-n7bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76138?format=json","vulnerability_id":"VCID-rnnc-wjw5-vue4","summary":"kernel: drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39707.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39707.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393485","reference_id":"2393485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-39707"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnnc-wjw5-vue4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88845?format=json","vulnerability_id":"VCID-rq4y-vn2p-4bcp","summary":"In the Linux kernel, the following vulnerability has been resolved:  driver: iio: add missing checks on iio_info's callback access  Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a kernel oops such as:  [ 2203.527791] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute [...] [ 2203.783416] Call trace: [ 2203.783429]  iio_read_channel_info_avail from dev_attr_show+0x18/0x48 [ 2203.789807]  dev_attr_show from sysfs_kf_seq_show+0x90/0x120 [ 2203.794181]  sysfs_kf_seq_show from seq_read_iter+0xd0/0x4e4 [ 2203.798555]  seq_read_iter from vfs_read+0x238/0x2a0 [ 2203.802236]  vfs_read from ksys_read+0xa4/0xd4 [ 2203.805385]  ksys_read from ret_fast_syscall+0x0/0x54 [ 2203.809135] Exception stack(0xe0badfa8 to 0xe0badff0) [ 2203.812880] dfa0:                   00000003 b6f10f80 00000003 b6eab000 00020000 00000000 [ 2203.819746] dfc0: 00000003 b6f10f80 7ff00000 00000003 00000003 00000000 00020000 00000000 [ 2203.826619] dfe0: b6e1bc88 bed80958 b6e1bc94 b6e1bcb0 [ 2203.830363] Code: bad PC value [ 2203.832695] ---[ end trace 0000000000000000 ]---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46715.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46715.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0cc7e0ee31e5c44904e98e2229d591e093282a70","reference_id":"0cc7e0ee31e5c44904e98e2229d591e093282a70","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:58:24Z/"}],"url":"https://git.kernel.org/stable/c/0cc7e0ee31e5c44904e98e2229d591e093282a70"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313045","reference_id":"2313045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313045"},{"reference_url":"https://git.kernel.org/stable/c/2b961d5786b4b31c367c719a2f918569b444c007","reference_id":"2b961d5786b4b31c367c719a2f918569b444c007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:58:24Z/"}],"url":"https://git.kernel.org/stable/c/2b961d5786b4b31c367c719a2f918569b444c007"},{"reference_url":"https://git.kernel.org/stable/c/72f022ebb9deac28663fa4c04ba315ed5d6654d1","reference_id":"72f022ebb9deac28663fa4c04ba315ed5d6654d1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:58:24Z/"}],"url":"https://git.kernel.org/stable/c/72f022ebb9deac28663fa4c04ba315ed5d6654d1"},{"reference_url":"https://git.kernel.org/stable/c/c4ec8dedca961db056ec85cb7ca8c9f7e2e92252","reference_id":"c4ec8dedca961db056ec85cb7ca8c9f7e2e92252","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:58:24Z/"}],"url":"https://git.kernel.org/stable/c/c4ec8dedca961db056ec85cb7ca8c9f7e2e92252"},{"reference_url":"https://git.kernel.org/stable/c/dc537a72f64890d883d24ae4ac58733fc5bc523d","reference_id":"dc537a72f64890d883d24ae4ac58733fc5bc523d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:58:24Z/"}],"url":"https://git.kernel.org/stable/c/dc537a72f64890d883d24ae4ac58733fc5bc523d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46715"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq4y-vn2p-4bcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69652?format=json","vulnerability_id":"VCID-rq53-1ejs-q3hy","summary":"kernel: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68223.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68223.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422707","reference_id":"2422707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422707"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68223"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq53-1ejs-q3hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78823?format=json","vulnerability_id":"VCID-rq8c-8qhc-kkf4","summary":"kernel: riscv: save the SR_SUM status over switches","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38261.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38261.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378994","reference_id":"2378994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378994"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-38261"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq8c-8qhc-kkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77733?format=json","vulnerability_id":"VCID-rtfg-g3zs-x3an","summary":"kernel: mptcp: make fallback action and fallback decision atomic","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38491.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38491.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383900","reference_id":"2383900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383900"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38491"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtfg-g3zs-x3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61936?format=json","vulnerability_id":"VCID-rtv1-xjgr-ckew","summary":"kernel: staging: sm750fb: fix division by zero in ps_to_hz()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31603.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31603.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461450","reference_id":"2461450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461450"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31603"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtv1-xjgr-ckew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73806?format=json","vulnerability_id":"VCID-ruch-ye3j-2bek","summary":"kernel: scsi: hisi_sas: Grab sas_dev lock when traversing the members of sas_dev.list","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53627.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53627.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402208","reference_id":"2402208","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53627"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ruch-ye3j-2bek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72778?format=json","vulnerability_id":"VCID-rx24-h93w-vfan","summary":"kernel: usb: gadget: f_rndis: Refactor bind path to use __free()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40095.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407339","reference_id":"2407339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407339"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40095"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rx24-h93w-vfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69740?format=json","vulnerability_id":"VCID-rzeq-n69g-p3bh","summary":"kernel: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68256.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68256.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422777","reference_id":"2422777","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422777"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68256"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzeq-n69g-p3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81311?format=json","vulnerability_id":"VCID-s49t-g697-3yaf","summary":"In the Linux kernel, the following vulnerability has been resolved:  octeontx2-af: Fix possible null pointer dereference.  This patch fixes possible null pointer dereference in files \"rvu_debugfs.c\" and \"rvu_nix.c\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47484.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47484","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09302","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47484"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282938","reference_id":"2282938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282938"},{"reference_url":"https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354","reference_id":"c2d4c543f74c90f883e8ec62a31973ae8807d354","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:09:25Z/"}],"url":"https://git.kernel.org/stable/c/c2d4c543f74c90f883e8ec62a31973ae8807d354"},{"reference_url":"https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0","reference_id":"f1e3cd1cc80204fd02b9e9843450925a2af90dc0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:09:25Z/"}],"url":"https://git.kernel.org/stable/c/f1e3cd1cc80204fd02b9e9843450925a2af90dc0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47484"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s49t-g697-3yaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73122?format=json","vulnerability_id":"VCID-s5sk-j3na-5uf2","summary":"kernel: f2fs: fix to do sanity check on node footer for non inode dnode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40025.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40025.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406715","reference_id":"2406715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406715"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40025"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s5sk-j3na-5uf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88216?format=json","vulnerability_id":"VCID-s76c-q3zh-k3a3","summary":"kernel: drm/amd/display: Check null pointers before multiple uses","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49920.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49920.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320579","reference_id":"2320579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320579"},{"reference_url":"https://git.kernel.org/stable/c/26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27","reference_id":"26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:29Z/"}],"url":"https://git.kernel.org/stable/c/26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27"},{"reference_url":"https://git.kernel.org/stable/c/fdd5ecbbff751c3b9061d8ebb08e5c96119915b4","reference_id":"fdd5ecbbff751c3b9061d8ebb08e5c96119915b4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:29Z/"}],"url":"https://git.kernel.org/stable/c/fdd5ecbbff751c3b9061d8ebb08e5c96119915b4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49920"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s76c-q3zh-k3a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76668?format=json","vulnerability_id":"VCID-s82g-aypv-gfh3","summary":"kernel: media: venus: Fix OOB read due to missing payload bound check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38679.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38679.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393207","reference_id":"2393207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393207"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38679"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s82g-aypv-gfh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3243?format=json","vulnerability_id":"VCID-s859-mmvd-v7gu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3566.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3566","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07455","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3566"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2143893","reference_id":"2143893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2143893"},{"reference_url":"https://security.archlinux.org/AVG-2834","reference_id":"AVG-2834","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2834"},{"reference_url":"https://security.archlinux.org/AVG-2835","reference_id":"AVG-2835","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2835"},{"reference_url":"https://security.archlinux.org/AVG-2836","reference_id":"AVG-2836","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2836"},{"reference_url":"https://security.archlinux.org/AVG-2837","reference_id":"AVG-2837","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2148","reference_id":"RHSA-2023:2148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2736","reference_id":"RHSA-2023:2736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0724","reference_id":"RHSA-2024:0724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0724"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-3566"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s859-mmvd-v7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61417?format=json","vulnerability_id":"VCID-s9nf-ezdw-mbcg","summary":"kernel: usb: typec: ucsi: validate connector number in ucsi_notify_common()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31729.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31729.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464373","reference_id":"2464373","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464373"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31729"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s9nf-ezdw-mbcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59098?format=json","vulnerability_id":"VCID-saze-95c3-fub5","summary":"kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46181.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46181.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482532","reference_id":"2482532","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482532"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46181"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-saze-95c3-fub5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85108?format=json","vulnerability_id":"VCID-saze-qk8p-47gf","summary":"kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58012.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58012.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348650","reference_id":"2348650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348650"},{"reference_url":"https://git.kernel.org/stable/c/569922b82ca660f8b24e705f6cf674e6b1f99cc7","reference_id":"569922b82ca660f8b24e705f6cf674e6b1f99cc7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:27Z/"}],"url":"https://git.kernel.org/stable/c/569922b82ca660f8b24e705f6cf674e6b1f99cc7"},{"reference_url":"https://git.kernel.org/stable/c/789a2fbf0900982788408d3b0034e0e3f914fb3b","reference_id":"789a2fbf0900982788408d3b0034e0e3f914fb3b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:27Z/"}],"url":"https://git.kernel.org/stable/c/789a2fbf0900982788408d3b0034e0e3f914fb3b"},{"reference_url":"https://git.kernel.org/stable/c/e012a77e4d7632cf615ba9625b1600ed8985c3b5","reference_id":"e012a77e4d7632cf615ba9625b1600ed8985c3b5","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:27Z/"}],"url":"https://git.kernel.org/stable/c/e012a77e4d7632cf615ba9625b1600ed8985c3b5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58012"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-saze-qk8p-47gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64844?format=json","vulnerability_id":"VCID-sb3p-ge81-kfez","summary":"kernel: btrfs: fix reservation leak in some error paths when inserting inline extent","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71268.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71268.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448696","reference_id":"2448696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448696"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71268"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sb3p-ge81-kfez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84023?format=json","vulnerability_id":"VCID-sb5q-pcew-wufr","summary":"kernel: uprobes: Reject the shared zeropage in uprobe_write_opcode()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21881.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21881.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355422","reference_id":"2355422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355422"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21881"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sb5q-pcew-wufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88083?format=json","vulnerability_id":"VCID-scra-yzvv-43au","summary":"kernel: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49991.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49991.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320486","reference_id":"2320486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320486"},{"reference_url":"https://git.kernel.org/stable/c/30ceb873cc2e97348d9da2265b2d1ddf07f682e1","reference_id":"30ceb873cc2e97348d9da2265b2d1ddf07f682e1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:14Z/"}],"url":"https://git.kernel.org/stable/c/30ceb873cc2e97348d9da2265b2d1ddf07f682e1"},{"reference_url":"https://git.kernel.org/stable/c/6c9289806591807e4e3be9a23df8ee2069180055","reference_id":"6c9289806591807e4e3be9a23df8ee2069180055","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:14Z/"}],"url":"https://git.kernel.org/stable/c/6c9289806591807e4e3be9a23df8ee2069180055"},{"reference_url":"https://git.kernel.org/stable/c/71f3240f82987f0f070ea5bed559033de7d4c0e1","reference_id":"71f3240f82987f0f070ea5bed559033de7d4c0e1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:14Z/"}],"url":"https://git.kernel.org/stable/c/71f3240f82987f0f070ea5bed559033de7d4c0e1"},{"reference_url":"https://git.kernel.org/stable/c/c86ad39140bbcb9dc75a10046c2221f657e8083b","reference_id":"c86ad39140bbcb9dc75a10046c2221f657e8083b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:14Z/"}],"url":"https://git.kernel.org/stable/c/c86ad39140bbcb9dc75a10046c2221f657e8083b"},{"reference_url":"https://git.kernel.org/stable/c/e7831613cbbcd9058d3658fbcdc5d5884ceb2e0c","reference_id":"e7831613cbbcd9058d3658fbcdc5d5884ceb2e0c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:31:14Z/"}],"url":"https://git.kernel.org/stable/c/e7831613cbbcd9058d3658fbcdc5d5884ceb2e0c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49991"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scra-yzvv-43au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84967?format=json","vulnerability_id":"VCID-sdnw-pa3z-8ybs","summary":"In the Linux kernel, the following vulnerability has been resolved:  bpf: support non-r10 register spill/fill to/from stack in precision tracking  Use instruction (jump) history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10 register, or any other register after copying r10 into it *and* potentially adjusting offset.  To make this work reliably, we push extra per-instruction flags into instruction history, encoding stack slot index (spi) and stack frame number in extra 10 bit flags we take away from prev_idx in instruction history. We don't touch idx field for maximum performance, as it's checked most frequently during backtracking.  This change removes basically the last remaining practical limitation of precision backtracking logic in BPF verifier. It fixes known deficiencies, but also opens up new opportunities to reduce number of verified states, explored in the subsequent patches.  There are only three differences in selftests' BPF object files according to veristat, all in the positive direction (less states).  File                                    Program        Insns (A)  Insns (B)  Insns  (DIFF)  States (A)  States (B)  States (DIFF) --------------------------------------  -------------  ---------  ---------  -------------  ----------  ----------  ------------- test_cls_redirect_dynptr.bpf.linked3.o  cls_redirect        2987       2864  -123 (-4.12%)         240         231    -9 (-3.75%) xdp_synproxy_kern.bpf.linked3.o         syncookie_tc       82848      82661  -187 (-0.23%)        5107        5073   -34 (-0.67%) xdp_synproxy_kern.bpf.linked3.o         syncookie_xdp      85116      84964  -152 (-0.18%)        5162        5130   -32 (-0.62%)  Note, I avoided renaming jmp_history to more generic insn_hist to minimize number of lines changed and potential merge conflicts between bpf and bpf-next trees.  Notice also cur_hist_entry pointer reset to NULL at the beginning of instruction verification loop. This pointer avoids the problem of relying on last jump history entry's insn_idx to determine whether we already have entry for current instruction or not. It can happen that we added jump history entry because current instruction is_jmp_point(), but also we need to add instruction flags for stack access. In this case, we don't want to entries, so we need to reuse last added entry, if it is present.  Relying on insn_idx comparison has the same ambiguity problem as the one that was fixed recently in [0], so we avoid that.    [0] https://patchwork.kernel.org/project/netdevbpf/patch/20231110002638.4168352-3-andrii@kernel.org/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52920.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52920.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323841","reference_id":"2323841","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323841"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52920"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdnw-pa3z-8ybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79716?format=json","vulnerability_id":"VCID-sdpu-jraw-k3g4","summary":"kernel: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38069.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38069.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373370","reference_id":"2373370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373370"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38069"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdpu-jraw-k3g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59152?format=json","vulnerability_id":"VCID-sepw-z3rs-t3gh","summary":"kernel: 8021q: delete cleared egress QoS mappings","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46153.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46153.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482569","reference_id":"2482569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482569"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46153"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sepw-z3rs-t3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84549?format=json","vulnerability_id":"VCID-sf9z-2yzw-cqd4","summary":"In the Linux kernel, the following vulnerability has been resolved:  net/sched: act_ct: fix skb leak and crash on ooo frags  act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in:    inet_frag_reasm_prepare     skb_morph  which is not straightforward.  However when frags arrive out of order, nobody unref the last frag, and all frags are leaked. The situation is even worse, as initiating packet capture can lead to a crash[0] when skb has been cloned and shared at the same time.  Fix the issue by removing skb_get() before defragmentation. act_ct returns TC_ACT_CONSUMED when defrag failed or in progress.  [0]: [  843.804823] ------------[ cut here ]------------ [  843.809659] kernel BUG at net/core/skbuff.c:2091! [  843.814516] invalid opcode: 0000 [#1] PREEMPT SMP [  843.819296] CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G S 6.7.0-rc3 #2 [  843.824107] Hardware name: XFUSION 1288H V6/BC13MBSBD, BIOS 1.29 11/25/2022 [  843.828953] RIP: 0010:pskb_expand_head+0x2ac/0x300 [  843.833805] Code: 8b 70 28 48 85 f6 74 82 48 83 c6 08 bf 01 00 00 00 e8 38 bd ff ff 8b 83 c0 00 00 00 48 03 83 c8 00 00 00 e9 62 ff ff ff 0f 0b <0f> 0b e8 8d d0 ff ff e9 b3 fd ff ff 81 7c 24 14 40 01 00 00 4c 89 [  843.843698] RSP: 0018:ffffc9000cce07c0 EFLAGS: 00010202 [  843.848524] RAX: 0000000000000002 RBX: ffff88811a211d00 RCX: 0000000000000820 [  843.853299] RDX: 0000000000000640 RSI: 0000000000000000 RDI: ffff88811a211d00 [  843.857974] RBP: ffff888127d39518 R08: 00000000bee97314 R09: 0000000000000000 [  843.862584] R10: 0000000000000000 R11: ffff8881109f0000 R12: 0000000000000880 [  843.867147] R13: ffff888127d39580 R14: 0000000000000640 R15: ffff888170f7b900 [  843.871680] FS:  0000000000000000(0000) GS:ffff889ffffc0000(0000) knlGS:0000000000000000 [  843.876242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [  843.880778] CR2: 00007fa42affcfb8 CR3: 000000011433a002 CR4: 0000000000770ef0 [  843.885336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [  843.889809] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [  843.894229] PKRU: 55555554 [  843.898539] Call Trace: [  843.902772]  <IRQ> [  843.906922]  ? __die_body+0x1e/0x60 [  843.911032]  ? die+0x3c/0x60 [  843.915037]  ? do_trap+0xe2/0x110 [  843.918911]  ? pskb_expand_head+0x2ac/0x300 [  843.922687]  ? do_error_trap+0x65/0x80 [  843.926342]  ? pskb_expand_head+0x2ac/0x300 [  843.929905]  ? exc_invalid_op+0x50/0x60 [  843.933398]  ? pskb_expand_head+0x2ac/0x300 [  843.936835]  ? asm_exc_invalid_op+0x1a/0x20 [  843.940226]  ? pskb_expand_head+0x2ac/0x300 [  843.943580]  inet_frag_reasm_prepare+0xd1/0x240 [  843.946904]  ip_defrag+0x5d4/0x870 [  843.950132]  nf_ct_handle_fragments+0xec/0x130 [nf_conntrack] [  843.953334]  tcf_ct_act+0x252/0xd90 [act_ct] [  843.956473]  ? tcf_mirred_act+0x516/0x5a0 [act_mirred] [  843.959657]  tcf_action_exec+0xa1/0x160 [  843.962823]  fl_classify+0x1db/0x1f0 [cls_flower] [  843.966010]  ? skb_clone+0x53/0xc0 [  843.969173]  tcf_classify+0x24d/0x420 [  843.972333]  tc_run+0x8f/0xf0 [  843.975465]  __netif_receive_skb_core+0x67a/0x1080 [  843.978634]  ? dev_gro_receive+0x249/0x730 [  843.981759]  __netif_receive_skb_list_core+0x12d/0x260 [  843.984869]  netif_receive_skb_list_internal+0x1cb/0x2f0 [  843.987957]  ? mlx5e_handle_rx_cqe_mpwrq_rep+0xfa/0x1a0 [mlx5_core] [  843.991170]  napi_complete_done+0x72/0x1a0 [  843.994305]  mlx5e_napi_poll+0x28c/0x6d0 [mlx5_core] [  843.997501]  __napi_poll+0x25/0x1b0 [  844.000627]  net_rx_action+0x256/0x330 [  844.003705]  __do_softirq+0xb3/0x29b [  844.006718]  irq_exit_rcu+0x9e/0xc0 [  844.009672]  common_interrupt+0x86/0xa0 [  844.012537]  </IRQ> [  844.015285]  <TASK> [  844.017937]  asm_common_interrupt+0x26/0x40 [  844.020591] RIP: 0010:acpi_safe_halt+0x1b/0x20 [  844.023247] Code: ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 65 48 8b 04 25 00 18 03 00 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 81 d0 44 00 fb ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52610.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52610.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0b5b831122fc3789fff75be433ba3e4dd7b779d4","reference_id":"0b5b831122fc3789fff75be433ba3e4dd7b779d4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:09:12Z/"}],"url":"https://git.kernel.org/stable/c/0b5b831122fc3789fff75be433ba3e4dd7b779d4"},{"reference_url":"https://git.kernel.org/stable/c/172ba7d46c202e679f3ccb10264c67416aaeb1c4","reference_id":"172ba7d46c202e679f3ccb10264c67416aaeb1c4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:09:12Z/"}],"url":"https://git.kernel.org/stable/c/172ba7d46c202e679f3ccb10264c67416aaeb1c4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270080","reference_id":"2270080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270080"},{"reference_url":"https://git.kernel.org/stable/c/3f14b377d01d8357eba032b4cabc8c1149b458b6","reference_id":"3f14b377d01d8357eba032b4cabc8c1149b458b6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:09:12Z/"}],"url":"https://git.kernel.org/stable/c/3f14b377d01d8357eba032b4cabc8c1149b458b6"},{"reference_url":"https://git.kernel.org/stable/c/73f7da5fd124f2cda9161e2e46114915e6e82e97","reference_id":"73f7da5fd124f2cda9161e2e46114915e6e82e97","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:09:12Z/"}],"url":"https://git.kernel.org/stable/c/73f7da5fd124f2cda9161e2e46114915e6e82e97"},{"reference_url":"https://git.kernel.org/stable/c/f5346df0591d10bc948761ca854b1fae6d2ef441","reference_id":"f5346df0591d10bc948761ca854b1fae6d2ef441","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T16:09:12Z/"}],"url":"https://git.kernel.org/stable/c/f5346df0591d10bc948761ca854b1fae6d2ef441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3618","reference_id":"RHSA-2024:3618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3627","reference_id":"RHSA-2024:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5255","reference_id":"RHSA-2024:5255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5692","reference_id":"RHSA-2024:5692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22095","reference_id":"RHSA-2025:22095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22124","reference_id":"RHSA-2025:22124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22997","reference_id":"RHSA-2025:22997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22999","reference_id":"RHSA-2025:22999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22999"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52610"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sf9z-2yzw-cqd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75149?format=json","vulnerability_id":"VCID-sgz8-kq4u-8bhz","summary":"kernel: Kernel: Denial of Service due to deadlock in btrfs during block group relocation with scrub","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53348.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53348.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/10a5831b193390b77705fc174a309476c23ba64a","reference_id":"10a5831b193390b77705fc174a309476c23ba64a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:40Z/"}],"url":"https://git.kernel.org/stable/c/10a5831b193390b77705fc174a309476c23ba64a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396154","reference_id":"2396154","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2396154"},{"reference_url":"https://git.kernel.org/stable/c/2d82a40aa7d6fcae0250ec68b8566cdee7bfd44c","reference_id":"2d82a40aa7d6fcae0250ec68b8566cdee7bfd44c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:40Z/"}],"url":"https://git.kernel.org/stable/c/2d82a40aa7d6fcae0250ec68b8566cdee7bfd44c"},{"reference_url":"https://git.kernel.org/stable/c/6134a4bb6b1c411a244edee041ac89266c78d45c","reference_id":"6134a4bb6b1c411a244edee041ac89266c78d45c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:40:40Z/"}],"url":"https://git.kernel.org/stable/c/6134a4bb6b1c411a244edee041ac89266c78d45c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53348"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgz8-kq4u-8bhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59261?format=json","vulnerability_id":"VCID-sjwj-f5pz-ykds","summary":"kernel: vsock: fix buffer size clamping order","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46234.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46234.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482640","reference_id":"2482640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482640"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46234"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sjwj-f5pz-ykds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61381?format=json","vulnerability_id":"VCID-sjxu-aw3t-5qap","summary":"kernel: media: vidtv: fix pass-by-value structs causing MSAN warnings","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43058.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43058.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464629","reference_id":"2464629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464629"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43058"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sjxu-aw3t-5qap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86937?format=json","vulnerability_id":"VCID-sk2r-7cyk-ybdt","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/vc4: don't check if plane->state->fb == state->fb  Currently, when using non-blocking commits, we can see the following kernel warning:  [  110.908514] ------------[ cut here ]------------ [  110.908529] refcount_t: underflow; use-after-free. [  110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0 [  110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6 [  110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G         C         6.1.66-v8+ #32 [  110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT) [  110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [  110.909132] pc : refcount_dec_not_one+0xb8/0xc0 [  110.909152] lr : refcount_dec_not_one+0xb4/0xc0 [  110.909170] sp : ffffffc00913b9c0 [  110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60 [  110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480 [  110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78 [  110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000 [  110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004 [  110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003 [  110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00 [  110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572 [  110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000 [  110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001 [  110.909434] Call trace: [  110.909441]  refcount_dec_not_one+0xb8/0xc0 [  110.909461]  vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4] [  110.909903]  vc4_cleanup_fb+0x44/0x50 [vc4] [  110.910315]  drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper] [  110.910669]  vc4_atomic_commit_tail+0x390/0x9dc [vc4] [  110.911079]  commit_tail+0xb0/0x164 [drm_kms_helper] [  110.911397]  drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper] [  110.911716]  drm_atomic_commit+0xb0/0xdc [drm] [  110.912569]  drm_mode_atomic_ioctl+0x348/0x4b8 [drm] [  110.913330]  drm_ioctl_kernel+0xec/0x15c [drm] [  110.914091]  drm_ioctl+0x24c/0x3b0 [drm] [  110.914850]  __arm64_sys_ioctl+0x9c/0xd4 [  110.914873]  invoke_syscall+0x4c/0x114 [  110.914897]  el0_svc_common+0xd0/0x118 [  110.914917]  do_el0_svc+0x38/0xd0 [  110.914936]  el0_svc+0x30/0x8c [  110.914958]  el0t_64_sync_handler+0x84/0xf0 [  110.914979]  el0t_64_sync+0x18c/0x190 [  110.914996] ---[ end trace 0000000000000000 ]---  This happens because, although `prepare_fb` and `cleanup_fb` are perfectly balanced, we cannot guarantee consistency in the check plane->state->fb == state->fb. This means that sometimes we can increase the refcount in `prepare_fb` and don't decrease it in `cleanup_fb`. The opposite can also be true.  In fact, the struct drm_plane .state shouldn't be accessed directly but instead, the `drm_atomic_get_new_plane_state()` helper function should be used. So, we could stick to this check, but using `drm_atomic_get_new_plane_state()`. But actually, this check is not re ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35932.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35932.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281831","reference_id":"2281831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281831"},{"reference_url":"https://git.kernel.org/stable/c/48bfb4b03c5ff6e1fa1dc73fb915e150b0968c40","reference_id":"48bfb4b03c5ff6e1fa1dc73fb915e150b0968c40","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:26Z/"}],"url":"https://git.kernel.org/stable/c/48bfb4b03c5ff6e1fa1dc73fb915e150b0968c40"},{"reference_url":"https://git.kernel.org/stable/c/5343f724c912c77541029123f47ecd3d2ea63bdd","reference_id":"5343f724c912c77541029123f47ecd3d2ea63bdd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:26Z/"}],"url":"https://git.kernel.org/stable/c/5343f724c912c77541029123f47ecd3d2ea63bdd"},{"reference_url":"https://git.kernel.org/stable/c/5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9","reference_id":"5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:26Z/"}],"url":"https://git.kernel.org/stable/c/5ee0d47dcf33efd8950b347dcf4d20bab12a3fa9"},{"reference_url":"https://git.kernel.org/stable/c/d6b2fe2db1d0927b2d7df5c763eba55d0e1def3c","reference_id":"d6b2fe2db1d0927b2d7df5c763eba55d0e1def3c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:26Z/"}],"url":"https://git.kernel.org/stable/c/d6b2fe2db1d0927b2d7df5c763eba55d0e1def3c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35932"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sk2r-7cyk-ybdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70252?format=json","vulnerability_id":"VCID-snfm-69er-dkgq","summary":"kernel: RDMA/siw: Fix QP destroy to wait for all references dropped","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50666.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50666.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50666","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50666"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420334","reference_id":"2420334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420334"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50666"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snfm-69er-dkgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84638?format=json","vulnerability_id":"VCID-sqcm-ktmn-xyfx","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amd/display: Fix hang/underflow when transitioning to ODM4:1  [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to OPPs not being properly disconnected from the disabled OPTC.  [How] Ensure that all OPPs are unassigned from an OPTC when it gets disabled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52671.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52671.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281342","reference_id":"2281342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281342"},{"reference_url":"https://git.kernel.org/stable/c/4b6b479b2da6badff099b2e3abf0248936eefbf5","reference_id":"4b6b479b2da6badff099b2e3abf0248936eefbf5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:16:12Z/"}],"url":"https://git.kernel.org/stable/c/4b6b479b2da6badff099b2e3abf0248936eefbf5"},{"reference_url":"https://git.kernel.org/stable/c/ae62f1dde66a6f0eee98defc4c7a346bd5acd239","reference_id":"ae62f1dde66a6f0eee98defc4c7a346bd5acd239","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:16:12Z/"}],"url":"https://git.kernel.org/stable/c/ae62f1dde66a6f0eee98defc4c7a346bd5acd239"},{"reference_url":"https://git.kernel.org/stable/c/e7b2b108cdeab76a7e7324459e50b0c1214c0386","reference_id":"e7b2b108cdeab76a7e7324459e50b0c1214c0386","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-17T17:16:12Z/"}],"url":"https://git.kernel.org/stable/c/e7b2b108cdeab76a7e7324459e50b0c1214c0386"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-52671"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqcm-ktmn-xyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82037?format=json","vulnerability_id":"VCID-ss63-xq4f-87bv","summary":"kernel: bpf: Fix kmemleak warning for percpu hashmap","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37807.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37807.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365021","reference_id":"2365021","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365021"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-37807"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss63-xq4f-87bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59553?format=json","vulnerability_id":"VCID-sst2-r5h8-pbbv","summary":"kernel: mm: fix deferred split queue races during migration","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46017.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46017.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482097","reference_id":"2482097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482097"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46017"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sst2-r5h8-pbbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87283?format=json","vulnerability_id":"VCID-sttr-rjhm-7bfs","summary":"kernel: btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50217.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50217.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324866","reference_id":"2324866","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324866"},{"reference_url":"https://git.kernel.org/stable/c/47a83f8df39545f3f552bb6a1b6d9c30e37621dd","reference_id":"47a83f8df39545f3f552bb6a1b6d9c30e37621dd","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:44Z/"}],"url":"https://git.kernel.org/stable/c/47a83f8df39545f3f552bb6a1b6d9c30e37621dd"},{"reference_url":"https://git.kernel.org/stable/c/aec8e6bf839101784f3ef037dcdb9432c3f32343","reference_id":"aec8e6bf839101784f3ef037dcdb9432c3f32343","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-11T14:25:44Z/"}],"url":"https://git.kernel.org/stable/c/aec8e6bf839101784f3ef037dcdb9432c3f32343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50217"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sttr-rjhm-7bfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86453?format=json","vulnerability_id":"VCID-sv9k-ntm8-jqa3","summary":"kernel: can: hi311x: hi3110_can_ist(): fix potential use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56651.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56651.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1128022009444faf49359bd406cd665b177cb643","reference_id":"1128022009444faf49359bd406cd665b177cb643","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:42Z/"}],"url":"https://git.kernel.org/stable/c/1128022009444faf49359bd406cd665b177cb643"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334567","reference_id":"2334567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334567"},{"reference_url":"https://git.kernel.org/stable/c/4ad77eb8f2e07bcfa0e28887d3c7dbb732d92cc1","reference_id":"4ad77eb8f2e07bcfa0e28887d3c7dbb732d92cc1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:42Z/"}],"url":"https://git.kernel.org/stable/c/4ad77eb8f2e07bcfa0e28887d3c7dbb732d92cc1"},{"reference_url":"https://git.kernel.org/stable/c/9ad86d377ef4a19c75a9c639964879a5b25a433b","reference_id":"9ad86d377ef4a19c75a9c639964879a5b25a433b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:42Z/"}],"url":"https://git.kernel.org/stable/c/9ad86d377ef4a19c75a9c639964879a5b25a433b"},{"reference_url":"https://git.kernel.org/stable/c/bc30b2fe8c54694f8ae08a5b8a5d174d16d93075","reference_id":"bc30b2fe8c54694f8ae08a5b8a5d174d16d93075","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:41:42Z/"}],"url":"https://git.kernel.org/stable/c/bc30b2fe8c54694f8ae08a5b8a5d174d16d93075"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56651"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sv9k-ntm8-jqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82338?format=json","vulnerability_id":"VCID-svv1-adx7-a3cj","summary":"kernel: drm/amd/display: Do not set DRR on pipe Commit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53042.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53042.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363793","reference_id":"2363793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7077","reference_id":"RHSA-2023:7077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53042"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svv1-adx7-a3cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68715?format=json","vulnerability_id":"VCID-svzg-7r22-zqhy","summary":"kernel: f2fs: fix to check readonly condition correctly","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54182.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54182.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426131","reference_id":"2426131","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54182"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svzg-7r22-zqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88725?format=json","vulnerability_id":"VCID-swmd-davs-yffw","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()  For cases where the crtc's connectors_changed was set without enable/active getting toggled , there is an atomic_enable() call followed by an atomic_disable() but without an atomic_mode_set().  This results in a NULL ptr access for the dpu_encoder_get_drm_fmt() call in the atomic_enable() as the dpu_encoder's connector was cleared in the atomic_disable() but not re-assigned as there was no atomic_mode_set() call.  Fix the NULL ptr access by moving the assignment for atomic_enable() and also use drm_atomic_get_new_connector_for_encoder() to get the connector from the atomic_state.  Patchwork: https://patchwork.freedesktop.org/patch/606729/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45015.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45015.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311712","reference_id":"2311712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311712"},{"reference_url":"https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52","reference_id":"3bacf814b6a61cc683c68465f175ebd938f09c52","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:49:35Z/"}],"url":"https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52"},{"reference_url":"https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77","reference_id":"3fb61718bcbe309279205d1cc275a6435611dc77","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:49:35Z/"}],"url":"https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77"},{"reference_url":"https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990","reference_id":"aedf02e46eb549dac8db4821a6b9f0c6bf6e3990","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:49:35Z/"}],"url":"https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-45015"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swmd-davs-yffw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85878?format=json","vulnerability_id":"VCID-t12f-yjct-3kes","summary":"In the Linux kernel, the following vulnerability has been resolved:  parisc: Fix random data corruption from exception handler  The current exception handler implementation, which assists when accessing user space memory, may exhibit random data corruption if the compiler decides to use a different register than the specified register %r29 (defined in ASM_EXCEPTIONTABLE_REG) for the error code. If the compiler choose another register, the fault handler will nevertheless store -EFAULT into %r29 and thus trash whatever this register is used for. Looking at the assembly I found that this happens sometimes in emulate_ldd().  To solve the issue, the easiest solution would be if it somehow is possible to tell the fault handler which register is used to hold the error code. Using %0 or %1 in the inline assembly is not posssible as it will show up as e.g. %r29 (with the \"%r\" prefix), which the GNU assembler can not convert to an integer.  This patch takes another, better and more flexible approach: We extend the __ex_table (which is out of the execution path) by one 32-word. In this word we tell the compiler to insert the assembler instruction \"or %r0,%r0,%reg\", where %reg references the register which the compiler choosed for the error return code. In case of an access failure, the fault handler finds the __ex_table entry and can examine the opcode. The used register is encoded in the lowest 5 bits, and the fault handler can then store -EFAULT into this register.  Since we extend the __ex_table to 3 words we can't use the BUILDTIME_TABLE_SORT config option any longer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26706.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26706.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273170","reference_id":"2273170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273170"},{"reference_url":"https://git.kernel.org/stable/c/23027309b099ffc4efca5477009a11dccbdae592","reference_id":"23027309b099ffc4efca5477009a11dccbdae592","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:29:32Z/"}],"url":"https://git.kernel.org/stable/c/23027309b099ffc4efca5477009a11dccbdae592"},{"reference_url":"https://git.kernel.org/stable/c/8b1d72395635af45410b66cc4c4ab37a12c4a831","reference_id":"8b1d72395635af45410b66cc4c4ab37a12c4a831","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:29:32Z/"}],"url":"https://git.kernel.org/stable/c/8b1d72395635af45410b66cc4c4ab37a12c4a831"},{"reference_url":"https://git.kernel.org/stable/c/ce31d79aa1f13a2345791f84935281a2c194e003","reference_id":"ce31d79aa1f13a2345791f84935281a2c194e003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:29:32Z/"}],"url":"https://git.kernel.org/stable/c/ce31d79aa1f13a2345791f84935281a2c194e003"},{"reference_url":"https://git.kernel.org/stable/c/fa69a8063f8b27f3c7434a0d4f464a76a62f24d2","reference_id":"fa69a8063f8b27f3c7434a0d4f464a76a62f24d2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T19:29:32Z/"}],"url":"https://git.kernel.org/stable/c/fa69a8063f8b27f3c7434a0d4f464a76a62f24d2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26706"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t12f-yjct-3kes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87490?format=json","vulnerability_id":"VCID-t14j-bmzh-ykgt","summary":"In the Linux kernel, the following vulnerability has been resolved:  gfs2: Fix potential glock use-after-free on unmount  When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically.  Commit fb6791d100d1b started exploiting this behavior to speed up filesystem unmount: gfs2 would simply free glocks it didn't want to unlock and then release the lockspace.  This didn't take the bast callbacks for asynchronous lock contention notifications into account, which remain active until until a lock is unlocked or its lockspace is released.  To prevent those callbacks from accessing deallocated objects, put the glocks that should not be unlocked on the sd_dead_glocks list, release the lockspace, and only then free those glocks.  As an additional measure, ignore unexpected ast and bast callbacks if the receiving glock is dead.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38570.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38570.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37","reference_id":"0636b34b44589b142700ac137b5f69802cfe2e37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:22Z/"}],"url":"https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293423","reference_id":"2293423","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293423"},{"reference_url":"https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca","reference_id":"501cd8fabf621d10bd4893e37f6ce6c20523c8ca","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:22Z/"}],"url":"https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca"},{"reference_url":"https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73","reference_id":"d98779e687726d8f8860f1c54b5687eec5f63a73","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:22Z/"}],"url":"https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73"},{"reference_url":"https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0","reference_id":"e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:14:22Z/"}],"url":"https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5692","reference_id":"RHSA-2024:5692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6206","reference_id":"RHSA-2024:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6267","reference_id":"RHSA-2024:6267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6268","reference_id":"RHSA-2024:6268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6997","reference_id":"RHSA-2024:6997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-38570"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t14j-bmzh-ykgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82166?format=json","vulnerability_id":"VCID-t294-xrah-4qef","summary":"kernel: net: usb: lan78xx: Limit packet length to skb->len","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53068.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53068.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363687","reference_id":"2363687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53068"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t294-xrah-4qef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70329?format=json","vulnerability_id":"VCID-t317-vs3c-b3gm","summary":"kernel: f2fs: fix infinite loop in __insert_extent_tree()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40333.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40333.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420420","reference_id":"2420420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420420"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40333"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t317-vs3c-b3gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87164?format=json","vulnerability_id":"VCID-t3cn-bs3k-zfdw","summary":"In the Linux kernel, the following vulnerability has been resolved:  fpga: bridge: add owner module and take its refcount  The current implementation of the fpga bridge assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcount. This approach is problematic since it can lead to a null pointer dereference while attempting to get the bridge if the parent device does not have a driver.  To address this problem, add a module owner pointer to the fpga_bridge struct and use it to take the module's refcount. Modify the function for registering a bridge to take an additional owner module parameter and rename it to avoid conflicts. Use the old function name for a helper macro that automatically sets the module that registers the bridge as the owner. This ensures compatibility with existing low-level control modules and reduces the chances of registering a bridge without setting the owner.  Also, update the documentation to keep it consistent with the new interface for registering an fpga bridge.  Other changes: opportunistically move put_device() from __fpga_bridge_get() to fpga_bridge_get() and of_fpga_bridge_get() to improve code clarity since the bridge device is taken in these functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36479.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36479.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/18dc8366abb6cadcb77668b1a16434654e355d49","reference_id":"18dc8366abb6cadcb77668b1a16434654e355d49","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:33Z/"}],"url":"https://git.kernel.org/stable/c/18dc8366abb6cadcb77668b1a16434654e355d49"},{"reference_url":"https://git.kernel.org/stable/c/1da11f822042eb6ef4b6064dc048f157a7852529","reference_id":"1da11f822042eb6ef4b6064dc048f157a7852529","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:33Z/"}],"url":"https://git.kernel.org/stable/c/1da11f822042eb6ef4b6064dc048f157a7852529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294212","reference_id":"2294212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2294212"},{"reference_url":"https://git.kernel.org/stable/c/6896b6b2e2d9ec4e1b0acb4c1698a75a4b34d125","reference_id":"6896b6b2e2d9ec4e1b0acb4c1698a75a4b34d125","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:33Z/"}],"url":"https://git.kernel.org/stable/c/6896b6b2e2d9ec4e1b0acb4c1698a75a4b34d125"},{"reference_url":"https://git.kernel.org/stable/c/d7c4081c54a1d4068de9440957303a76f9e5c95b","reference_id":"d7c4081c54a1d4068de9440957303a76f9e5c95b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:08:33Z/"}],"url":"https://git.kernel.org/stable/c/d7c4081c54a1d4068de9440957303a76f9e5c95b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36479"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3cn-bs3k-zfdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64841?format=json","vulnerability_id":"VCID-t3qz-2ves-t3fz","summary":"kernel: f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23267.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23267.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448691","reference_id":"2448691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448691"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23267"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3qz-2ves-t3fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80718?format=json","vulnerability_id":"VCID-t3wu-cwg3-ryb9","summary":"In the Linux kernel, the following vulnerability has been resolved:  mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'  DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'target_ids' file write callback ('dbgfs_target_ids_write()'), but decreases the counts only in DAMON monitoring termination callback ('dbgfs_before_terminate()').  Therefore, when 'target_ids' file is repeatedly written without DAMON monitoring start/termination, the reference count is not decreased and therefore memory for the 'struct pid' cannot be freed.  This commit fixes this issue by decreasing the reference counts when 'target_ids' is written.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46937.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46937","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03301","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46937"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266378","reference_id":"2266378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266378"},{"reference_url":"https://git.kernel.org/stable/c/ebb3f994dd92f8fb4d70c7541091216c1e10cb71","reference_id":"ebb3f994dd92f8fb4d70c7541091216c1e10cb71","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T15:48:08Z/"}],"url":"https://git.kernel.org/stable/c/ebb3f994dd92f8fb4d70c7541091216c1e10cb71"},{"reference_url":"https://git.kernel.org/stable/c/ffe4a1ba1a82c416a6b3a09d46594f6a885ae141","reference_id":"ffe4a1ba1a82c416a6b3a09d46594f6a885ae141","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T15:48:08Z/"}],"url":"https://git.kernel.org/stable/c/ffe4a1ba1a82c416a6b3a09d46594f6a885ae141"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-46937"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3wu-cwg3-ryb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87766?format=json","vulnerability_id":"VCID-t4ba-41wa-xqfg","summary":"In the Linux kernel, the following vulnerability has been resolved:  ext4: do not create EA inode under buffer lock  ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking (which acquires locks on other buffers) under the buffer lock. This can even deadlock when the filesystem is corrupted and e.g. quota file is setup to contain xattr block as data block. Move the allocation of EA inode out of ext4_xattr_set_entry() into the callers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40972.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40972.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0752e7fb549d90c33b4d4186f11cfd25a556d1dd","reference_id":"0752e7fb549d90c33b4d4186f11cfd25a556d1dd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:50Z/"}],"url":"https://git.kernel.org/stable/c/0752e7fb549d90c33b4d4186f11cfd25a556d1dd"},{"reference_url":"https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b","reference_id":"0a46ef234756dca04623b7591e8ebb3440622f0b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:50Z/"}],"url":"https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b"},{"reference_url":"https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752","reference_id":"111103907234bffd0a34fba070ad9367de058752","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:50Z/"}],"url":"https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297556","reference_id":"2297556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297556"},{"reference_url":"https://git.kernel.org/stable/c/737fb7853acd5bc8984f6f42e4bfba3334be8ae1","reference_id":"737fb7853acd5bc8984f6f42e4bfba3334be8ae1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:02:50Z/"}],"url":"https://git.kernel.org/stable/c/737fb7853acd5bc8984f6f42e4bfba3334be8ae1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-40972"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4ba-41wa-xqfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61981?format=json","vulnerability_id":"VCID-t4fb-dtgk-5fe5","summary":"kernel: rxrpc: fix reference count leak in rxrpc_server_keyring()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31634.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31634.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461483","reference_id":"2461483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461483"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31634"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4fb-dtgk-5fe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84648?format=json","vulnerability_id":"VCID-t4sq-mg85-2ufc","summary":"In the Linux kernel, the following vulnerability has been resolved:  ALSA: scarlett2: Add missing error checks to *_ctl_get()  The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52680.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52680.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281324","reference_id":"2281324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281324"},{"reference_url":"https://git.kernel.org/stable/c/3a09488f4f67f7ade59b8ac62a6c7fb29439cf51","reference_id":"3a09488f4f67f7ade59b8ac62a6c7fb29439cf51","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:14:15Z/"}],"url":"https://git.kernel.org/stable/c/3a09488f4f67f7ade59b8ac62a6c7fb29439cf51"},{"reference_url":"https://git.kernel.org/stable/c/50603a67daef161c78c814580d57f7f0be57167e","reference_id":"50603a67daef161c78c814580d57f7f0be57167e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:14:15Z/"}],"url":"https://git.kernel.org/stable/c/50603a67daef161c78c814580d57f7f0be57167e"},{"reference_url":"https://git.kernel.org/stable/c/773e38f73461ef2134a0d33a08f1668edde9b7c3","reference_id":"773e38f73461ef2134a0d33a08f1668edde9b7c3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:14:15Z/"}],"url":"https://git.kernel.org/stable/c/773e38f73461ef2134a0d33a08f1668edde9b7c3"},{"reference_url":"https://git.kernel.org/stable/c/821fbaeaaae23d483d3df799fe91ec8045973ec3","reference_id":"821fbaeaaae23d483d3df799fe91ec8045973ec3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:14:15Z/"}],"url":"https://git.kernel.org/stable/c/821fbaeaaae23d483d3df799fe91ec8045973ec3"},{"reference_url":"https://git.kernel.org/stable/c/cda7762bea857e6951315a2f7d0632ea1850ed43","reference_id":"cda7762bea857e6951315a2f7d0632ea1850ed43","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:14:15Z/"}],"url":"https://git.kernel.org/stable/c/cda7762bea857e6951315a2f7d0632ea1850ed43"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52680"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4sq-mg85-2ufc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85598?format=json","vulnerability_id":"VCID-t5t5-jfpa-6ugt","summary":"In the Linux kernel, the following vulnerability has been resolved:  mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path  When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer dereference upon 'region->group->tcam' [1].  Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam().  [1] BUG: kernel NULL pointer dereference, address: 0000000000000000 [...] RIP: 0010:mlxsw_sp_acl_tcam_region_destroy+0xa0/0xd0 [...] Call Trace:  mlxsw_sp_acl_tcam_vchunk_get+0x88b/0xa20  mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0  mlxsw_sp_acl_rule_add+0x47/0x240  mlxsw_sp_flower_replace+0x1a9/0x1d0  tc_setup_cb_add+0xdc/0x1c0  fl_hw_replace_filter+0x146/0x1f0  fl_change+0xc17/0x1360  tc_new_tfilter+0x472/0xb90  rtnetlink_rcv_msg+0x313/0x3b0  netlink_rcv_skb+0x58/0x100  netlink_unicast+0x244/0x390  netlink_sendmsg+0x1e4/0x440  ____sys_sendmsg+0x164/0x260  ___sys_sendmsg+0x9a/0xe0  __sys_sendmsg+0x7a/0xc0  do_syscall_64+0x40/0xe0  entry_SYSCALL_64_after_hwframe+0x63/0x6b","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26595.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26595.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265799","reference_id":"2265799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265799"},{"reference_url":"https://git.kernel.org/stable/c/75fa2d8b3c0175b519c99ace54ab8474cfd0077e","reference_id":"75fa2d8b3c0175b519c99ace54ab8474cfd0077e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-23T16:34:10Z/"}],"url":"https://git.kernel.org/stable/c/75fa2d8b3c0175b519c99ace54ab8474cfd0077e"},{"reference_url":"https://git.kernel.org/stable/c/817840d125a370626895df269c50c923b79b0a39","reference_id":"817840d125a370626895df269c50c923b79b0a39","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-23T16:34:10Z/"}],"url":"https://git.kernel.org/stable/c/817840d125a370626895df269c50c923b79b0a39"},{"reference_url":"https://git.kernel.org/stable/c/d0a1efe417c97a1e9b914056ee6b86f1ef75fe1f","reference_id":"d0a1efe417c97a1e9b914056ee6b86f1ef75fe1f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-23T16:34:10Z/"}],"url":"https://git.kernel.org/stable/c/d0a1efe417c97a1e9b914056ee6b86f1ef75fe1f"},{"reference_url":"https://git.kernel.org/stable/c/efeb7dfea8ee10cdec11b6b6ba4e405edbe75809","reference_id":"efeb7dfea8ee10cdec11b6b6ba4e405edbe75809","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-23T16:34:10Z/"}],"url":"https://git.kernel.org/stable/c/efeb7dfea8ee10cdec11b6b6ba4e405edbe75809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7001","reference_id":"RHSA-2024:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26595"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5t5-jfpa-6ugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82055?format=json","vulnerability_id":"VCID-t5w4-z74q-dyg5","summary":"In the Linux kernel, the following vulnerability has been resolved:  KVM: LAPIC: Also cancel preemption timer during SET_LAPIC  The below warning is splatting during guest reboot.    ------------[ cut here ]------------   WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]   CPU: 0 PID: 1931 Comm: qemu-system-x86 Tainted: G          I       5.17.0-rc1+ #5   RIP: 0010:kvm_arch_vcpu_ioctl_run+0x874/0x880 [kvm]   Call Trace:    <TASK>    kvm_vcpu_ioctl+0x279/0x710 [kvm]    __x64_sys_ioctl+0x83/0xb0    do_syscall_64+0x3b/0xc0    entry_SYSCALL_64_after_hwframe+0x44/0xae   RIP: 0033:0x7fd39797350b  This can be triggered by not exposing tsc-deadline mode and doing a reboot in the guest. The lapic_shutdown() function which is called in sys_reboot path will not disarm the flying timer, it just masks LVTT. lapic_shutdown() clears APIC state w/ LVT_MASKED and timer-mode bit is 0, this can trigger timer-mode switch between tsc-deadline and oneshot/periodic, which can result in preemption timer be cancelled in apic_update_lvtt(). However, We can't depend on this when not exposing tsc-deadline mode and oneshot/periodic modes emulated by preemption timer. Qemu will synchronise states around reset, let's cancel preemption timer under KVM_SET_LAPIC.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48765.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48765","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10039","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293344","reference_id":"2293344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48765"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5w4-z74q-dyg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87052?format=json","vulnerability_id":"VCID-t6hn-t795-f3ea","summary":"In the Linux kernel, the following vulnerability has been resolved:  ax25: Fix netdev refcount issue  The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device() instead of the dev_tracker of ax25_dev. The log reported by ref_tracker is shown below:  [   80.884935] ref_tracker: reference already released. [   80.885150] ref_tracker: allocated in: [   80.885349]  ax25_dev_device_up+0x105/0x540 [   80.885730]  ax25_device_event+0xa4/0x420 [   80.885730]  notifier_call_chain+0xc9/0x1e0 [   80.885730]  __dev_notify_flags+0x138/0x280 [   80.885730]  dev_change_flags+0xd7/0x180 [   80.885730]  dev_ifsioc+0x6a9/0xa30 [   80.885730]  dev_ioctl+0x4d8/0xd90 [   80.885730]  sock_do_ioctl+0x1c2/0x2d0 [   80.885730]  sock_ioctl+0x38b/0x4f0 [   80.885730]  __se_sys_ioctl+0xad/0xf0 [   80.885730]  do_syscall_64+0xc4/0x1b0 [   80.885730]  entry_SYSCALL_64_after_hwframe+0x67/0x6f [   80.885730] ref_tracker: freed in: [   80.885730]  ax25_device_event+0x272/0x420 [   80.885730]  notifier_call_chain+0xc9/0x1e0 [   80.885730]  dev_close_many+0x272/0x370 [   80.885730]  unregister_netdevice_many_notify+0x3b5/0x1180 [   80.885730]  unregister_netdev+0xcf/0x120 [   80.885730]  sixpack_close+0x11f/0x1b0 [   80.885730]  tty_ldisc_kill+0xcb/0x190 [   80.885730]  tty_ldisc_hangup+0x338/0x3d0 [   80.885730]  __tty_hangup+0x504/0x740 [   80.885730]  tty_release+0x46e/0xd80 [   80.885730]  __fput+0x37f/0x770 [   80.885730]  __x64_sys_close+0x7b/0xb0 [   80.885730]  do_syscall_64+0xc4/0x1b0 [   80.885730]  entry_SYSCALL_64_after_hwframe+0x67/0x6f [   80.893739] ------------[ cut here ]------------ [   80.894030] WARNING: CPU: 2 PID: 140 at lib/ref_tracker.c:255 ref_tracker_free+0x47b/0x6b0 [   80.894297] Modules linked in: [   80.894929] CPU: 2 PID: 140 Comm: ax25_conn_rel_6 Not tainted 6.9.0-rc4-g8cd26fd90c1a #11 [   80.895190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qem4 [   80.895514] RIP: 0010:ref_tracker_free+0x47b/0x6b0 [   80.895808] Code: 83 c5 18 4c 89 eb 48 c1 eb 03 8a 04 13 84 c0 0f 85 df 01 00 00 41 83 7d 00 00 75 4b 4c 89 ff 9 [   80.896171] RSP: 0018:ffff888009edf8c0 EFLAGS: 00000286 [   80.896339] RAX: 1ffff1100141ac00 RBX: 1ffff1100149463b RCX: dffffc0000000000 [   80.896502] RDX: 0000000000000001 RSI: 0000000000000246 RDI: ffff88800a0d6518 [   80.896925] RBP: ffff888009edf9b0 R08: ffff88806d3288d3 R09: 1ffff1100da6511a [   80.897212] R10: dffffc0000000000 R11: ffffed100da6511b R12: ffff88800a4a31d4 [   80.897859] R13: ffff88800a4a31d8 R14: dffffc0000000000 R15: ffff88800a0d6518 [   80.898279] FS:  00007fd88b7fe700(0000) GS:ffff88806d300000(0000) knlGS:0000000000000000 [   80.899436] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [   80.900181] CR2: 00007fd88c001d48 CR3: 000000000993e000 CR4: 00000000000006f0 ... [   80.935774] ref_tracker: sp%d@000000000bb9df3d has 1/1 users at [   80.935774]      ax25_bind+0x424/0x4e0 [   80.935774]      __sys_bind+0x1d9/0x270 [   80.935774]      __x64_sys_bind+0x75/0x80 [   80.935774]      do_syscall_64+0xc4/0x1b0 [   80.935774]      entry_SYSCALL_64_after_hwframe+0x67/0x6f  Change ax25_dev->dev_tracker to the dev_tracker of ax25_cb in order to mitigate the bug.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36009.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36009.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0d14f104027e30720582448706c7d6b43065c851","reference_id":"0d14f104027e30720582448706c7d6b43065c851","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:06:19Z/"}],"url":"https://git.kernel.org/stable/c/0d14f104027e30720582448706c7d6b43065c851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281981","reference_id":"2281981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281981"},{"reference_url":"https://git.kernel.org/stable/c/467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b","reference_id":"467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:06:19Z/"}],"url":"https://git.kernel.org/stable/c/467324bcfe1a31ec65d0cf4aa59421d6b7a7d52b"},{"reference_url":"https://git.kernel.org/stable/c/4fee8fa86a15d7790268eea458b1aec69c695530","reference_id":"4fee8fa86a15d7790268eea458b1aec69c695530","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:06:19Z/"}],"url":"https://git.kernel.org/stable/c/4fee8fa86a15d7790268eea458b1aec69c695530"},{"reference_url":"https://git.kernel.org/stable/c/c42b073d9af4a5329b25b17390c63ab3847f30e8","reference_id":"c42b073d9af4a5329b25b17390c63ab3847f30e8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:06:19Z/"}],"url":"https://git.kernel.org/stable/c/c42b073d9af4a5329b25b17390c63ab3847f30e8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-36009"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6hn-t795-f3ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76606?format=json","vulnerability_id":"VCID-t7t9-9fm7-q7bj","summary":"kernel: fbdev: fix potential buffer overflow in do_register_framebuffer()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38702.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38702.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393168","reference_id":"2393168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393168"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38702"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7t9-9fm7-q7bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61933?format=json","vulnerability_id":"VCID-t8d3-n3xj-5fb6","summary":"kernel: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31617.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31617.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461448","reference_id":"2461448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31617"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8d3-n3xj-5fb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82681?format=json","vulnerability_id":"VCID-t96n-6pju-a7hz","summary":"kernel: octeontx2-pf: Fix SQE threshold checking","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49858.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49858","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49858"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363470","reference_id":"2363470","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363470"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49858"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t96n-6pju-a7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80091?format=json","vulnerability_id":"VCID-t9ra-nv6d-fyd6","summary":"kernel: iavf: Fix reset error handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50053.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50053","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11656","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50053"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373553","reference_id":"2373553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7110","reference_id":"RHSA-2022:7110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0334","reference_id":"RHSA-2023:0334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10756","reference_id":"RHSA-2026:10756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9870","reference_id":"RHSA-2026:9870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9870"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50053"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9ra-nv6d-fyd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59472?format=json","vulnerability_id":"VCID-t9vv-6jgv-m7a6","summary":"kernel: spi: fix resource leaks on device setup failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46083.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46083.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482034","reference_id":"2482034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482034"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46083"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9vv-6jgv-m7a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74400?format=json","vulnerability_id":"VCID-ta7c-nqac-g3ca","summary":"kernel: iommu: Fix error unwind in iommu_group_alloc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53482.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53482.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400768","reference_id":"2400768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400768"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53482"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ta7c-nqac-g3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88473?format=json","vulnerability_id":"VCID-tdut-5rgt-v3dp","summary":"In the Linux kernel, the following vulnerability has been resolved:  kvm: s390: Reject memory region operations for ucontrol VMs  This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and would thus result in a null pointer dereference further in. Memory management needs to be performed in userspace and using the ioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP.  Also improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2.  [frankja@linux.ibm.com: commit message spelling fix, subject prefix fix]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43819.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43819.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305477","reference_id":"2305477","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305477"},{"reference_url":"https://git.kernel.org/stable/c/49c9945c054df4c22008e2bf87ca74d3e2507aa6","reference_id":"49c9945c054df4c22008e2bf87ca74d3e2507aa6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:06Z/"}],"url":"https://git.kernel.org/stable/c/49c9945c054df4c22008e2bf87ca74d3e2507aa6"},{"reference_url":"https://git.kernel.org/stable/c/7816e58967d0e6cadce05c8540b47ed027dc2499","reference_id":"7816e58967d0e6cadce05c8540b47ed027dc2499","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:09:06Z/"}],"url":"https://git.kernel.org/stable/c/7816e58967d0e6cadce05c8540b47ed027dc2499"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-43819"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdut-5rgt-v3dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83080?format=json","vulnerability_id":"VCID-tdz5-t67u-p3e5","summary":"kernel: jfs: add check read-only before txBeginAnon() call","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58095.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58095.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360197","reference_id":"2360197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360197"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2024-58095"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdz5-t67u-p3e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88711?format=json","vulnerability_id":"VCID-tes4-xku6-1qbd","summary":"kernel: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46810.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46810.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/162e48cb1d84c2c966b649b8ac5c9d4f75f6d44f","reference_id":"162e48cb1d84c2c966b649b8ac5c9d4f75f6d44f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:18Z/"}],"url":"https://git.kernel.org/stable/c/162e48cb1d84c2c966b649b8ac5c9d4f75f6d44f"},{"reference_url":"https://git.kernel.org/stable/c/1fb13693953737783b424aa4712f0a27a9eaf5a8","reference_id":"1fb13693953737783b424aa4712f0a27a9eaf5a8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:18Z/"}],"url":"https://git.kernel.org/stable/c/1fb13693953737783b424aa4712f0a27a9eaf5a8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315161","reference_id":"2315161","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315161"},{"reference_url":"https://git.kernel.org/stable/c/9d567126474e68f959b2c2543c375f3bb32e948a","reference_id":"9d567126474e68f959b2c2543c375f3bb32e948a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:18Z/"}],"url":"https://git.kernel.org/stable/c/9d567126474e68f959b2c2543c375f3bb32e948a"},{"reference_url":"https://git.kernel.org/stable/c/adc5674c23b8191e596ed0dbaa9600265ac896a8","reference_id":"adc5674c23b8191e596ed0dbaa9600265ac896a8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:18Z/"}],"url":"https://git.kernel.org/stable/c/adc5674c23b8191e596ed0dbaa9600265ac896a8"},{"reference_url":"https://git.kernel.org/stable/c/e1b121f21bbc56a6ae035aa5b77daac62bfb9be5","reference_id":"e1b121f21bbc56a6ae035aa5b77daac62bfb9be5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:19:18Z/"}],"url":"https://git.kernel.org/stable/c/e1b121f21bbc56a6ae035aa5b77daac62bfb9be5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-46810"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tes4-xku6-1qbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61575?format=json","vulnerability_id":"VCID-tfh9-kxje-tfdg","summary":"kernel: f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31702.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31702.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464495","reference_id":"2464495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464495"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31702"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfh9-kxje-tfdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83592?format=json","vulnerability_id":"VCID-tgdn-s2bu-pbda","summary":"In the Linux kernel, the following vulnerability has been resolved:  srcu: Tighten cleanup_srcu_struct() GP checks  Currently, cleanup_srcu_struct() checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time.  Such a situation could result in a use-after-free bug, so this commit adds a check for a grace period that is needed but not yet started to cleanup_srcu_struct().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49651.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49651.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49651","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03808","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49651"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347649","reference_id":"2347649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347649"},{"reference_url":"https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b","reference_id":"8ed00760203d8018bee042fbfe8e076579be2c2b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:15:18Z/"}],"url":"https://git.kernel.org/stable/c/8ed00760203d8018bee042fbfe8e076579be2c2b"},{"reference_url":"https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07","reference_id":"e997dda6502eefbc1032d6b0da7b353c53344b07","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:15:18Z/"}],"url":"https://git.kernel.org/stable/c/e997dda6502eefbc1032d6b0da7b353c53344b07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49651"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tgdn-s2bu-pbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64466?format=json","vulnerability_id":"VCID-thbx-gu1n-ykaz","summary":"kernel: ice: Fix memory leak in ice_set_ringparam()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23389.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23389.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451263","reference_id":"2451263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451263"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23389"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-thbx-gu1n-ykaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72783?format=json","vulnerability_id":"VCID-tn51-2954-5yhv","summary":"kernel: usb: gadget: f_ncm: Refactor bind path to use __free()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40092.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40092.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407344","reference_id":"2407344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40092"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tn51-2954-5yhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82109?format=json","vulnerability_id":"VCID-tnkz-amtf-sfgy","summary":"kernel: bpf: track changes_pkt_data property for global functions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58098.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58098.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364096","reference_id":"2364096","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364096"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58098"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tnkz-amtf-sfgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73138?format=json","vulnerability_id":"VCID-tnm2-t55t-myb3","summary":"kernel: ipv4: start using dst_dev_rcu()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40074.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40074.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406739","reference_id":"2406739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406739"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40074"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tnm2-t55t-myb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86184?format=json","vulnerability_id":"VCID-tnps-zvhq-4qff","summary":"kernel: f2fs: fix race in concurrent f2fs_stop_gc_thread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53218.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53218.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334372","reference_id":"2334372","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334372"},{"reference_url":"https://git.kernel.org/stable/c/60457ed6c67625c87861f96912b4179dc2293896","reference_id":"60457ed6c67625c87861f96912b4179dc2293896","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:11Z/"}],"url":"https://git.kernel.org/stable/c/60457ed6c67625c87861f96912b4179dc2293896"},{"reference_url":"https://git.kernel.org/stable/c/794fa8792d4eacac191f1cbcc2e81b7369e4662a","reference_id":"794fa8792d4eacac191f1cbcc2e81b7369e4662a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:11Z/"}],"url":"https://git.kernel.org/stable/c/794fa8792d4eacac191f1cbcc2e81b7369e4662a"},{"reference_url":"https://git.kernel.org/stable/c/7b0033dbc48340a1c1c3f12448ba17d6587ca092","reference_id":"7b0033dbc48340a1c1c3f12448ba17d6587ca092","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:11Z/"}],"url":"https://git.kernel.org/stable/c/7b0033dbc48340a1c1c3f12448ba17d6587ca092"},{"reference_url":"https://git.kernel.org/stable/c/c631207897a9b3d41167ceca58e07f8f94720e42","reference_id":"c631207897a9b3d41167ceca58e07f8f94720e42","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-11T15:43:11Z/"}],"url":"https://git.kernel.org/stable/c/c631207897a9b3d41167ceca58e07f8f94720e42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53218"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tnps-zvhq-4qff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60986?format=json","vulnerability_id":"VCID-tnq8-e5p8-sbef","summary":"kernel: net: Drop the lock in skb_may_tx_timestamp()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43216.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43216.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467205","reference_id":"2467205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43216"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tnq8-e5p8-sbef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83144?format=json","vulnerability_id":"VCID-tpn4-19t8-ffb3","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/panfrost: Job should reference MMU not file_priv  For a while now it's been allowed for a MMU context to outlive it's corresponding panfrost_priv, however the job structure still references panfrost_priv to get hold of the MMU context. If panfrost_priv has been freed this is a use-after-free which I've been able to trigger resulting in a splat.  To fix this, drop the reference to panfrost_priv in the job structure and add a direct reference to the MMU structure which is what's actually needed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49359.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49359","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04965","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49359"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347876","reference_id":"2347876","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347876"},{"reference_url":"https://git.kernel.org/stable/c/472dd7ea5e19a1aeabf1711ddc756777e05ee7c2","reference_id":"472dd7ea5e19a1aeabf1711ddc756777e05ee7c2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:38Z/"}],"url":"https://git.kernel.org/stable/c/472dd7ea5e19a1aeabf1711ddc756777e05ee7c2"},{"reference_url":"https://git.kernel.org/stable/c/6e516faf04317db2c46cbec4e3b78b4653a5b109","reference_id":"6e516faf04317db2c46cbec4e3b78b4653a5b109","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:38Z/"}],"url":"https://git.kernel.org/stable/c/6e516faf04317db2c46cbec4e3b78b4653a5b109"},{"reference_url":"https://git.kernel.org/stable/c/8c8e8cc91a6ffc79865108279a74fd57d9070a17","reference_id":"8c8e8cc91a6ffc79865108279a74fd57d9070a17","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-27T18:16:38Z/"}],"url":"https://git.kernel.org/stable/c/8c8e8cc91a6ffc79865108279a74fd57d9070a17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49359"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpn4-19t8-ffb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69643?format=json","vulnerability_id":"VCID-tsys-hcgy-uffj","summary":"kernel: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68190.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68190.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422701","reference_id":"2422701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68190"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsys-hcgy-uffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72270?format=json","vulnerability_id":"VCID-tt8h-rvkq-qkbp","summary":"kernel: f2fs: fix to truncate first page in error path of f2fs_truncate()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40137.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40137.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414520","reference_id":"2414520","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414520"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40137"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tt8h-rvkq-qkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60923?format=json","vulnerability_id":"VCID-ttep-m9ba-u7d8","summary":"kernel: staging: rtl8723bs: fix memory leak on failure path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43225.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43225.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467165","reference_id":"2467165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467165"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43225"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ttep-m9ba-u7d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61969?format=json","vulnerability_id":"VCID-tudw-p4k5-j7c2","summary":"kernel: usb: gadget: renesas_usb3: validate endpoint index in standard request handlers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31615.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31615.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461475","reference_id":"2461475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461475"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31615"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tudw-p4k5-j7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79149?format=json","vulnerability_id":"VCID-tvuw-dgrw-5qcx","summary":"kernel: net: clear the dst when changing skb protocol","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38192.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38192.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376403","reference_id":"2376403","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376403"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38192"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvuw-dgrw-5qcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83552?format=json","vulnerability_id":"VCID-tx1n-rrf3-4yht","summary":"In the Linux kernel, the following vulnerability has been resolved:  ASoC: rt7*-sdw: harden jack_detect_handler  Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection.  The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49616.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49616","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23702","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49616"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347865","reference_id":"2347865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49616"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tx1n-rrf3-4yht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84641?format=json","vulnerability_id":"VCID-tx7p-duny-t7ee","summary":"In the Linux kernel, the following vulnerability has been resolved:  ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()  Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[].","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52674.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52674.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572","reference_id":"03035872e17897ba89866940bbc9cefca601e572","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:43:58Z/"}],"url":"https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572"},{"reference_url":"https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7","reference_id":"04f8f053252b86c7583895c962d66747ecdc61b7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:43:58Z/"}],"url":"https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281336","reference_id":"2281336","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281336"},{"reference_url":"https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2","reference_id":"ad945ea8d47dd4454c271510bea24850119847c2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:43:58Z/"}],"url":"https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2"},{"reference_url":"https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810","reference_id":"d8d8897d65061cbe36bf2909057338303a904810","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:43:58Z/"}],"url":"https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810"},{"reference_url":"https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b","reference_id":"e517645ead5ea22c69d2a44694baa23fe1ce7c2b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T18:43:58Z/"}],"url":"https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52674"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tx7p-duny-t7ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61869?format=json","vulnerability_id":"VCID-txtk-ndxv-6ug1","summary":"kernel: openvswitch: defer tunnel netdev_put to RCU release","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31678.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31678.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461761","reference_id":"2461761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461761"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31678"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txtk-ndxv-6ug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86231?format=json","vulnerability_id":"VCID-ty32-3hfp-huhn","summary":"kernel: virtiofs: use pages instead of pointer for kernel direct IO","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53219.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53219.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334407","reference_id":"2334407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334407"},{"reference_url":"https://git.kernel.org/stable/c/2bc07714dc955a91d2923a440ea02c3cb3376b10","reference_id":"2bc07714dc955a91d2923a440ea02c3cb3376b10","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:23Z/"}],"url":"https://git.kernel.org/stable/c/2bc07714dc955a91d2923a440ea02c3cb3376b10"},{"reference_url":"https://git.kernel.org/stable/c/41748675c0bf252b3c5f600a95830f0936d366c1","reference_id":"41748675c0bf252b3c5f600a95830f0936d366c1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:23Z/"}],"url":"https://git.kernel.org/stable/c/41748675c0bf252b3c5f600a95830f0936d366c1"},{"reference_url":"https://git.kernel.org/stable/c/9a8fde56d4b6d51930936ed50f6370a9097328d1","reference_id":"9a8fde56d4b6d51930936ed50f6370a9097328d1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:03:23Z/"}],"url":"https://git.kernel.org/stable/c/9a8fde56d4b6d51930936ed50f6370a9097328d1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-53219"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ty32-3hfp-huhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82512?format=json","vulnerability_id":"VCID-u4dz-m5yc-4qfg","summary":"In the Linux kernel, the following vulnerability has been resolved:  gpiolib: fix memory leak in gpiochip_setup_dev()  Here is a backtrace report about memory leak detected in gpiochip_setup_dev():  unreferenced object 0xffff88810b406400 (size 512):   comm \"python3\", pid 1682, jiffies 4295346908 (age 24.090s)   backtrace:     kmalloc_trace     device_add\t\tdevice_private_init at drivers/base/core.c:3361 \t\t\t(inlined by) device_add at drivers/base/core.c:3411     cdev_device_add     gpiolib_cdev_register     gpiochip_setup_dev     gpiochip_add_data_with_key  gcdev_register() & gcdev_unregister() would call device_add() & device_del() (no matter CONFIG_GPIO_CDEV is enabled or not) to register/unregister device.  However, if device_add() succeeds, some resource (like struct device_private allocated by device_private_init()) is not released by device_del().  Therefore, after device_add() succeeds by gcdev_register(), it needs to call put_device() to release resource in the error handle path.  Here we move forward the register of release function, and let it release every piece of resource by put_device() instead of kfree().  While at it, fix another subtle issue, i.e. when gc->ngpio is equal to 0, we still call kcalloc() and, in case of further error, kfree() on the ZERO_PTR pointer, which is not NULL. It's not a bug per se, but rather waste of the resources and potentially wrong expectation about contents of the gdev->descs variable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48975.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48975","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03708","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320704","reference_id":"2320704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48975"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4dz-m5yc-4qfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87525?format=json","vulnerability_id":"VCID-u6c6-12q4-hka2","summary":"kernel: bpf: Use raw_spinlock_t in ringbuf","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50138.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50138.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323951","reference_id":"2323951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50138"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u6c6-12q4-hka2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75864?format=json","vulnerability_id":"VCID-u6j2-8d25-guas","summary":"kernel: 9p: set req refcount to zero to avoid uninitialized usage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50335.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50335","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06338","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50335"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395395","reference_id":"2395395","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50335"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u6j2-8d25-guas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77070?format=json","vulnerability_id":"VCID-u73h-etb9-xbet","summary":"kernel: net/mlx5e: Remove skb secpath if xfrm state is not found","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38590.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38590.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389481","reference_id":"2389481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38590"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u73h-etb9-xbet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90339?format=json","vulnerability_id":"VCID-u98v-m13d-cqbw","summary":"IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access (WPA, WPA2, or WPA3) or Wired Equivalent Privacy (WEP), an adversary can exploit this vulnerability to inject arbitrary frames towards devices that support receiving non-SSP A-MSDU frames. NOTE: this issue exists because of an incorrect fix for CVE-2020-24588. P802.11-REVme, as of early 2025, is a planned release of the 802.11 standard.","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/vanhoefm/fragattacks-survey-public/blob/main/README.md","reference_id":"README.md","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-22T17:44:16Z/"}],"url":"https://github.com/vanhoefm/fragattacks-survey-public/blob/main/README.md"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-27558"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u98v-m13d-cqbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59139?format=json","vulnerability_id":"VCID-uapt-u8g5-jffn","summary":"kernel: batman-adv: bla: only purge non-released claims","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46233.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46233.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482561","reference_id":"2482561","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482561"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46233"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uapt-u8g5-jffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88669?format=json","vulnerability_id":"VCID-uay3-k3w6-juc3","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails  If the dpu_format_populate_layout() fails, then FB is prepared, but not cleaned up. This ends up leaking the pin_count on the GEM object and causes a splat during DRM file closure:  msm_obj->pin_count WARNING: CPU: 2 PID: 569 at drivers/gpu/drm/msm/msm_gem.c:121 update_lru_locked+0xc4/0xcc [...] Call trace:  update_lru_locked+0xc4/0xcc  put_pages+0xac/0x100  msm_gem_free_object+0x138/0x180  drm_gem_object_free+0x1c/0x30  drm_gem_object_handle_put_unlocked+0x108/0x10c  drm_gem_object_release_handle+0x58/0x70  idr_for_each+0x68/0xec  drm_gem_release+0x28/0x40  drm_file_free+0x174/0x234  drm_release+0xb0/0x160  __fput+0xc0/0x2c8  __fput_sync+0x50/0x5c  __arm64_sys_close+0x38/0x7c  invoke_syscall+0x48/0x118  el0_svc_common.constprop.0+0x40/0xe0  do_el0_svc+0x1c/0x28  el0_svc+0x4c/0x120  el0t_64_sync_handler+0x100/0x12c  el0t_64_sync+0x190/0x194 irq event stamp: 129818 hardirqs last  enabled at (129817): [<ffffa5f6d953fcc0>] console_unlock+0x118/0x124 hardirqs last disabled at (129818): [<ffffa5f6da7dcf04>] el1_dbg+0x24/0x8c softirqs last  enabled at (129808): [<ffffa5f6d94afc18>] handle_softirqs+0x4c8/0x4e8 softirqs last disabled at (129785): [<ffffa5f6d94105e4>] __do_softirq+0x14/0x20  Patchwork: https://patchwork.freedesktop.org/patch/600714/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44982.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44982.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/02193c70723118889281f75b88722b26b58bf4ae","reference_id":"02193c70723118889281f75b88722b26b58bf4ae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:02:05Z/"}],"url":"https://git.kernel.org/stable/c/02193c70723118889281f75b88722b26b58bf4ae"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309845","reference_id":"2309845","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309845"},{"reference_url":"https://git.kernel.org/stable/c/7ecf85542169012765e4c2817cd3be6c2e009962","reference_id":"7ecf85542169012765e4c2817cd3be6c2e009962","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:02:05Z/"}],"url":"https://git.kernel.org/stable/c/7ecf85542169012765e4c2817cd3be6c2e009962"},{"reference_url":"https://git.kernel.org/stable/c/9b8b65211a880af8fe8330a101e1e239a2d4008f","reference_id":"9b8b65211a880af8fe8330a101e1e239a2d4008f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:02:05Z/"}],"url":"https://git.kernel.org/stable/c/9b8b65211a880af8fe8330a101e1e239a2d4008f"},{"reference_url":"https://git.kernel.org/stable/c/a3c5815b07f4ee19d0b7e2ddf91ff9f03ecbf27d","reference_id":"a3c5815b07f4ee19d0b7e2ddf91ff9f03ecbf27d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:02:05Z/"}],"url":"https://git.kernel.org/stable/c/a3c5815b07f4ee19d0b7e2ddf91ff9f03ecbf27d"},{"reference_url":"https://git.kernel.org/stable/c/bfa1a6283be390947d3649c482e5167186a37016","reference_id":"bfa1a6283be390947d3649c482e5167186a37016","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:02:05Z/"}],"url":"https://git.kernel.org/stable/c/bfa1a6283be390947d3649c482e5167186a37016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44982"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uay3-k3w6-juc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86253?format=json","vulnerability_id":"VCID-ub45-rgxj-8ufr","summary":"kernel: f2fs: fix to account dirty data in __get_secs_required()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53220.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53220.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334413","reference_id":"2334413","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334413"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53220"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ub45-rgxj-8ufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63620?format=json","vulnerability_id":"VCID-uc6h-awgm-t7hz","summary":"kernel: netfilter: conntrack: add missing netlink policy validations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31407.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31407.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455331","reference_id":"2455331","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455331"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31407"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uc6h-awgm-t7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74363?format=json","vulnerability_id":"VCID-ud16-vns8-yyh6","summary":"kernel: wifi: rtw88: Fix memory leak in rtw88_usb","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53529.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53529.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400736","reference_id":"2400736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53529"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ud16-vns8-yyh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81329?format=json","vulnerability_id":"VCID-ud3q-2rua-tfbv","summary":"In the Linux kernel, the following vulnerability has been resolved:  io_uring: ensure task_work gets run as part of cancelations  If we successfully cancel a work item but that work item needs to be processed through task_work, then we can be sleeping uninterruptibly in io_uring_cancel_generic() and never process it. Hence we don't make forward progress and we end up with an uninterruptible sleep warning.  While in there, correct a comment that should be IFF, not IIF.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47504.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47504","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04302","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47504"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283450","reference_id":"2283450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283450"},{"reference_url":"https://git.kernel.org/stable/c/78a780602075d8b00c98070fa26e389b3b3efa72","reference_id":"78a780602075d8b00c98070fa26e389b3b3efa72","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:38:00Z/"}],"url":"https://git.kernel.org/stable/c/78a780602075d8b00c98070fa26e389b3b3efa72"},{"reference_url":"https://git.kernel.org/stable/c/8e12976c0c19ebc14b60046b1348c516a74c25a2","reference_id":"8e12976c0c19ebc14b60046b1348c516a74c25a2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T18:38:00Z/"}],"url":"https://git.kernel.org/stable/c/8e12976c0c19ebc14b60046b1348c516a74c25a2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47504"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ud3q-2rua-tfbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75390?format=json","vulnerability_id":"VCID-udt2-whuw-mue9","summary":"kernel: net: rose: include node references in rose_neigh refcount","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39827.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39827.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395782","reference_id":"2395782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39827"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-udt2-whuw-mue9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87260?format=json","vulnerability_id":"VCID-uesd-nu7f-vbbk","summary":"In the Linux kernel, the following vulnerability has been resolved:  amd/amdkfd: sync all devices to wait all processes being evicted  If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call takes time to finish. other device will start reset and recover without waiting. if the process has not been evicted before doing recover, it will be restored, then caused page fault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36949.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36949.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284456","reference_id":"2284456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284456"},{"reference_url":"https://git.kernel.org/stable/c/b6f6626528fe724b512c34f3fb5946c36a135f58","reference_id":"b6f6626528fe724b512c34f3fb5946c36a135f58","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T15:33:14Z/"}],"url":"https://git.kernel.org/stable/c/b6f6626528fe724b512c34f3fb5946c36a135f58"},{"reference_url":"https://git.kernel.org/stable/c/d06af584be5a769d124b7302b32a033e9559761d","reference_id":"d06af584be5a769d124b7302b32a033e9559761d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T15:33:14Z/"}],"url":"https://git.kernel.org/stable/c/d06af584be5a769d124b7302b32a033e9559761d"},{"reference_url":"https://git.kernel.org/stable/c/ed28ef3840bbf93a64376ea7814ce39f86352e14","reference_id":"ed28ef3840bbf93a64376ea7814ce39f86352e14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T15:33:14Z/"}],"url":"https://git.kernel.org/stable/c/ed28ef3840bbf93a64376ea7814ce39f86352e14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-36949"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uesd-nu7f-vbbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88606?format=json","vulnerability_id":"VCID-ufjk-vhvk-m3g3","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu/pm: Fix the null pointer dereference for smu7  optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43909.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43909.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/09544cd95c688d3041328a4253bd7514972399bb","reference_id":"09544cd95c688d3041328a4253bd7514972399bb","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:23Z/"}],"url":"https://git.kernel.org/stable/c/09544cd95c688d3041328a4253bd7514972399bb"},{"reference_url":"https://git.kernel.org/stable/c/1b8aa82b80bd947b68a8ab051d960a0c7935e22d","reference_id":"1b8aa82b80bd947b68a8ab051d960a0c7935e22d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:23Z/"}],"url":"https://git.kernel.org/stable/c/1b8aa82b80bd947b68a8ab051d960a0c7935e22d"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307881","reference_id":"2307881","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307881"},{"reference_url":"https://git.kernel.org/stable/c/37b9df457cbcf095963d18f17d6cb7dfa0a03fce","reference_id":"37b9df457cbcf095963d18f17d6cb7dfa0a03fce","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:23Z/"}],"url":"https://git.kernel.org/stable/c/37b9df457cbcf095963d18f17d6cb7dfa0a03fce"},{"reference_url":"https://git.kernel.org/stable/c/7f56f050f02c27ed89cce1ea0c04b34abce32751","reference_id":"7f56f050f02c27ed89cce1ea0c04b34abce32751","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:23Z/"}],"url":"https://git.kernel.org/stable/c/7f56f050f02c27ed89cce1ea0c04b34abce32751"},{"reference_url":"https://git.kernel.org/stable/c/c02c1960c93eede587576625a1221205a68a904f","reference_id":"c02c1960c93eede587576625a1221205a68a904f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:28:23Z/"}],"url":"https://git.kernel.org/stable/c/c02c1960c93eede587576625a1221205a68a904f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-43909"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufjk-vhvk-m3g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86943?format=json","vulnerability_id":"VCID-ufsc-envw-n3cp","summary":"In the Linux kernel, the following vulnerability has been resolved:  wifi: ath11k: decrease MHI channel buffer length to 8KB  Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenarios where system memory is highly fragmented and memory compaction or reclaim is not allowed.  There is a fail report which is caused by it: kworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0 CPU: 0 PID: 19318 Comm: kworker/u32:45 Not tainted 6.8.0-rc3-1.gae4495f-default #1 openSUSE Tumbleweed (unreleased) 493b6d5b382c603654d7a81fc3c144d59a1dfceb Workqueue: events_unbound async_run_entry_fn Call Trace:  <TASK>  dump_stack_lvl+0x47/0x60  warn_alloc+0x13a/0x1b0  ? srso_alias_return_thunk+0x5/0xfbef5  ? __alloc_pages_direct_compact+0xab/0x210  __alloc_pages_slowpath.constprop.0+0xd3e/0xda0  __alloc_pages+0x32d/0x350  ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  __kmalloc_large_node+0x72/0x110  __kmalloc+0x37c/0x480  ? mhi_map_single_no_bb+0x77/0xf0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  __mhi_prepare_for_transfer+0x44/0x80 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  ? __pfx_____mhi_prepare_for_transfer+0x10/0x10 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]  device_for_each_child+0x5c/0xa0  ? __pfx_pci_pm_resume+0x10/0x10  ath11k_core_resume+0x65/0x100 [ath11k a5094e22d7223135c40d93c8f5321cf09fd85e4e]  ? srso_alias_return_thunk+0x5/0xfbef5  ath11k_pci_pm_resume+0x32/0x60 [ath11k_pci 830b7bfc3ea80ebef32e563cafe2cb55e9cc73ec]  ? srso_alias_return_thunk+0x5/0xfbef5  dpm_run_callback+0x8c/0x1e0  device_resume+0x104/0x340  ? __pfx_dpm_watchdog_handler+0x10/0x10  async_resume+0x1d/0x30  async_run_entry_fn+0x32/0x120  process_one_work+0x168/0x330  worker_thread+0x2f5/0x410  ? __pfx_worker_thread+0x10/0x10  kthread+0xe8/0x120  ? __pfx_kthread+0x10/0x10  ret_from_fork+0x34/0x50  ? __pfx_kthread+0x10/0x10  ret_from_fork_asm+0x1b/0x30  </TASK>  Actually those buffers are used only by QMI target -> host communication. And for WCN6855 and QCA6390, the largest packet size for that is less than 6KB. So change buf_len field to 8KB, which results in order 1 allocation if page size is 4KB. In this way, we can at least save some memory, and as well as decrease the possibility of allocation failure in those scenarios.  Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35938.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35938.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/138fdeac75fb7512a7f9f1c3b236cd2e754af793","reference_id":"138fdeac75fb7512a7f9f1c3b236cd2e754af793","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:33:50Z/"}],"url":"https://git.kernel.org/stable/c/138fdeac75fb7512a7f9f1c3b236cd2e754af793"},{"reference_url":"https://git.kernel.org/stable/c/1cca1bddf9ef080503c15378cecf4877f7510015","reference_id":"1cca1bddf9ef080503c15378cecf4877f7510015","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:33:50Z/"}],"url":"https://git.kernel.org/stable/c/1cca1bddf9ef080503c15378cecf4877f7510015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281819","reference_id":"2281819","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281819"},{"reference_url":"https://git.kernel.org/stable/c/6597a6687af54e2cb58371cf8f6ee4dd85c537de","reference_id":"6597a6687af54e2cb58371cf8f6ee4dd85c537de","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:33:50Z/"}],"url":"https://git.kernel.org/stable/c/6597a6687af54e2cb58371cf8f6ee4dd85c537de"},{"reference_url":"https://git.kernel.org/stable/c/805a1cdde82fec00c7471a393f4bb437b2741559","reference_id":"805a1cdde82fec00c7471a393f4bb437b2741559","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:33:50Z/"}],"url":"https://git.kernel.org/stable/c/805a1cdde82fec00c7471a393f4bb437b2741559"},{"reference_url":"https://git.kernel.org/stable/c/ae5876b3b7b2243d874e2afa099e7926122087a1","reference_id":"ae5876b3b7b2243d874e2afa099e7926122087a1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:33:50Z/"}],"url":"https://git.kernel.org/stable/c/ae5876b3b7b2243d874e2afa099e7926122087a1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3935","reference_id":"RHSA-2025:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35938"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufsc-envw-n3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59649?format=json","vulnerability_id":"VCID-uj56-zg83-subf","summary":"kernel: net/smc: avoid early lgr access in smc_clc_wait_msg","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46027.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46027.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482168","reference_id":"2482168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482168"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46027"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uj56-zg83-subf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80904?format=json","vulnerability_id":"VCID-umqu-p3an-77hm","summary":"In the Linux kernel, the following vulnerability has been resolved:  ice: xsk: return xsk buffers back to pool when cleaning the ring  Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of the buff pool and never be used again.  Add missing xsk_buff_free() call to the routine that is supposed to clean the entries that are left in the ring so that these buffers in the umem can be used by other sockets.  Also, only go through the space that is actually left to be cleaned instead of a whole ring.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47105.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47105","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02863","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267912","reference_id":"2267912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267912"},{"reference_url":"https://git.kernel.org/stable/c/ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8","reference_id":"ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T19:54:23Z/"}],"url":"https://git.kernel.org/stable/c/ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8"},{"reference_url":"https://git.kernel.org/stable/c/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05","reference_id":"afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T19:54:23Z/"}],"url":"https://git.kernel.org/stable/c/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47105"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-umqu-p3an-77hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86297?format=json","vulnerability_id":"VCID-un22-d3z3-1ye5","summary":"kernel: f2fs: fix to drop all discards after creating snapshot on lvm device","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56565.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56565.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334447","reference_id":"2334447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334447"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56565"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un22-d3z3-1ye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61528?format=json","vulnerability_id":"VCID-uqwc-gv9m-qkgw","summary":"kernel: usb: cdns3: gadget: fix state inconsistency on gadget init failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31754.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31754.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464459","reference_id":"2464459","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464459"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31754"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqwc-gv9m-qkgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81836?format=json","vulnerability_id":"VCID-uqye-h3n4-zygx","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/gma500: Fix WARN_ON(lock->magic != lock) error  psb_gem_unpin() calls dma_resv_lock() but the underlying ww_mutex gets destroyed by drm_gem_object_release() move the drm_gem_object_release() call in psb_gem_free_object() to after the unpin to fix the below warning:  [   79.693962] ------------[ cut here ]------------ [   79.693992] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [   79.694015] WARNING: CPU: 0 PID: 240 at kernel/locking/mutex.c:582 __ww_mutex_lock.constprop.0+0x569/0xfb0 [   79.694052] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer qrtr bnep ath9k ath9k_common ath9k_hw snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel ath3k snd_intel_dspcfg mac80211 snd_intel_sdw_acpi btusb snd_hda_codec btrtl btbcm btintel btmtk bluetooth at24 snd_hda_core snd_hwdep uvcvideo snd_seq libarc4 videobuf2_vmalloc ath videobuf2_memops videobuf2_v4l2 videobuf2_common snd_seq_device videodev acer_wmi intel_powerclamp coretemp mc snd_pcm joydev sparse_keymap ecdh_generic pcspkr wmi_bmof cfg80211 i2c_i801 i2c_smbus snd_timer snd r8169 rfkill lpc_ich soundcore acpi_cpufreq zram rtsx_pci_sdmmc mmc_core serio_raw rtsx_pci gma500_gfx(E) video wmi ip6_tables ip_tables i2c_dev fuse [   79.694436] CPU: 0 PID: 240 Comm: plymouthd Tainted: G        W   E      6.0.0-rc3+ #490 [   79.694457] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013 [   79.694469] RIP: 0010:__ww_mutex_lock.constprop.0+0x569/0xfb0 [   79.694496] Code: ff 85 c0 0f 84 15 fb ff ff 8b 05 ca 3c 11 01 85 c0 0f 85 07 fb ff ff 48 c7 c6 30 cb 84 aa 48 c7 c7 a3 e1 82 aa e8 ac 29 f8 ff <0f> 0b e9 ed fa ff ff e8 5b 83 8a ff 85 c0 74 10 44 8b 0d 98 3c 11 [   79.694513] RSP: 0018:ffffad1dc048bbe0 EFLAGS: 00010282 [   79.694623] RAX: 0000000000000028 RBX: 0000000000000000 RCX: 0000000000000000 [   79.694636] RDX: 0000000000000001 RSI: ffffffffaa8b0ffc RDI: 00000000ffffffff [   79.694650] RBP: ffffad1dc048bc80 R08: 0000000000000000 R09: ffffad1dc048ba90 [   79.694662] R10: 0000000000000003 R11: ffffffffaad62fe8 R12: ffff9ff302103138 [   79.694675] R13: ffff9ff306ec8000 R14: ffff9ff307779078 R15: ffff9ff3014c0270 [   79.694690] FS:  00007ff1cccf1740(0000) GS:ffff9ff3bc200000(0000) knlGS:0000000000000000 [   79.694705] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [   79.694719] CR2: 0000559ecbcb4420 CR3: 0000000013210000 CR4: 00000000000006f0 [   79.694734] Call Trace: [   79.694749]  <TASK> [   79.694761]  ? __schedule+0x47f/0x1670 [   79.694796]  ? psb_gem_unpin+0x27/0x1a0 [gma500_gfx] [   79.694830]  ? lock_is_held_type+0xe3/0x140 [   79.694864]  ? ww_mutex_lock+0x38/0xa0 [   79.694885]  ? __cond_resched+0x1c/0x30 [   79.694902]  ww_mutex_lock+0x38/0xa0 [   79.694925]  psb_gem_unpin+0x27/0x1a0 [gma500_gfx] [   79.694964]  psb_gem_unpin+0x199/0x1a0 [gma500_gfx] [   79.694996]  drm_gem_object_release_handle+0x50/0x60 [   79.695020]  ? drm_gem_object_handle_put_unlocked+0xf0/0xf0 [   79.695042]  idr_for_each+0x4b/0xb0 [   79.695066]  ? _raw_spin_unlock_irqrestore+0x30/0x60 [   79.695095]  drm_gem_release+0x1c/0x30 [   79.695118]  drm_file_free.part.0+0x1ea/0x260 [   79.695150]  drm_release+0x6a/0x120 [   79.695175]  __fput+0x9f/0x260 [   79.695203]  task_work_run+0x59/0xa0 [   79.695227]  do_exit+0x387/0xbe0 [   79.695250]  ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90 [   79.695275]  ? lockdep_hardirqs_on+0x7d/0x100 [   79.695304]  do_group_exit+0x33/0xb0 [   79.695331]  __x64_sys_exit_group+0x14/0x20 [   79.695353]  do_syscall_64+0x58/0x80 [   79.695376]  ? up_read+0x17/0x20 [   79.695401]  ? lock_is_held_type+0xe3/0x140 [   79.695429]  ? asm_exc_page_fault+0x22/0x30 [   79.695450]  ? lockdep_hardirqs_on+0x7d/0x100 [   79.695473]  entry_SYSCALL_64_after_hwframe+0x63/0xcd [   79.695493] RIP: 0033:0x7ff1ccefe3f1 [   79.695516] Code: Unable to access opcode bytes at RIP 0x7ff1ccefe3c7. [   79.695607] RSP: 002b:00007ffed4413378 EFLAGS:  ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48633.json","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48633.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48633","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00233","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48633"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277839","reference_id":"2277839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277839"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48633"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqye-h3n4-zygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76818?format=json","vulnerability_id":"VCID-urjj-xcn1-m7d7","summary":"kernel: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38665.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38665.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390409","reference_id":"2390409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390409"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38665"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-urjj-xcn1-m7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68565?format=json","vulnerability_id":"VCID-uukj-95tx-mbfz","summary":"kernel: ext2: Add sanity checks for group and filesystem size","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50815.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50815","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06706","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50815"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426029","reference_id":"2426029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50815"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uukj-95tx-mbfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69478?format=json","vulnerability_id":"VCID-uuvq-kqxw-uug9","summary":"kernel: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68343.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68343.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424610","reference_id":"2424610","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68343"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uuvq-kqxw-uug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62035?format=json","vulnerability_id":"VCID-uw66-w16d-nfaz","summary":"kernel: wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31548.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31548.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461522","reference_id":"2461522","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461522"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31548"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uw66-w16d-nfaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59611?format=json","vulnerability_id":"VCID-uwkb-k8xy-7uh1","summary":"kernel: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46065.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46065.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482139","reference_id":"2482139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46065"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwkb-k8xy-7uh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69213?format=json","vulnerability_id":"VCID-uwtm-s61u-cbca","summary":"kernel: Linux kernel: Denial of Service in qla2xxx SCSI driver due to improper command handling after chip reset","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68745.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68745.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425039","reference_id":"2425039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425039"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-68745"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwtm-s61u-cbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67768?format=json","vulnerability_id":"VCID-uxa9-5dyh-myhq","summary":"kernel: spi: spi-sprd-adi: Fix double free in probe error path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23068.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23068.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436767","reference_id":"2436767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436767"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23068"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uxa9-5dyh-myhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61962?format=json","vulnerability_id":"VCID-uxsm-hqct-u3cw","summary":"kernel: HID: alps: fix NULL pointer dereference in alps_raw_event()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31625.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31625.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461470","reference_id":"2461470","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461470"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31625"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uxsm-hqct-u3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61860?format=json","vulnerability_id":"VCID-uxu2-3kzv-dya3","summary":"kernel: net: sched: act_csum: validate nested VLAN headers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31684.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31684.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461757","reference_id":"2461757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21556","reference_id":"RHSA-2026:21556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21557","reference_id":"RHSA-2026:21557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21706","reference_id":"RHSA-2026:21706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21745","reference_id":"RHSA-2026:21745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31684"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uxu2-3kzv-dya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84825?format=json","vulnerability_id":"VCID-uy12-c5r2-q3a4","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool  In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON, and in the case that the kernel is not configured to crash on panic returns a junk event pointer from the empty event list causing things to spiral from there. This BUG_ON is a historical artifact of the ibmvfc driver first being upstreamed, and it is well known now that the use of BUG_ON is bad practice except in the most unrecoverable scenario. There is nothing about this scenario that prevents the driver from recovering and carrying on.  Remove the BUG_ON in question from ibmvfc_get_event() and return a NULL pointer in the case of an empty event pool. Update all call sites to ibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate failure or recovery action.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52811.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52811.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282743","reference_id":"2282743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282743"},{"reference_url":"https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4","reference_id":"88984ec4792766df5a9de7a2ff2b5f281f94c7d4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:41:58Z/"}],"url":"https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4"},{"reference_url":"https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d","reference_id":"8bbe784c2ff28d56ca0c548aaf3e584edc77052d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:41:58Z/"}],"url":"https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d"},{"reference_url":"https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f","reference_id":"b39f2d10b86d0af353ea339e5815820026bca48f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:41:58Z/"}],"url":"https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f"},{"reference_url":"https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8","reference_id":"d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:41:58Z/"}],"url":"https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8"},{"reference_url":"https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0","reference_id":"e1d1f79b1929dce470a5dc9281c574cd58e8c6c0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T17:41:58Z/"}],"url":"https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10771","reference_id":"RHSA-2024:10771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4823","reference_id":"RHSA-2024:4823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4831","reference_id":"RHSA-2024:4831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6993","reference_id":"RHSA-2024:6993","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52811"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uy12-c5r2-q3a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59939?format=json","vulnerability_id":"VCID-v1kp-gtk5-5yfw","summary":"kernel: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43496.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43496.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480459","reference_id":"2480459","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2480459"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43496"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1kp-gtk5-5yfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59419?format=json","vulnerability_id":"VCID-v4n5-uda1-k3fe","summary":"kernel: ext4: drop extent cache after doing PARTIAL_VALID1 zeroout","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45892.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45892.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481996","reference_id":"2481996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481996"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45892"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v4n5-uda1-k3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61554?format=json","vulnerability_id":"VCID-v5w6-xu2n-jqcp","summary":"kernel: xfs: close crash window in attr dabtree inactivation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43053.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43053.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464478","reference_id":"2464478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43053"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5w6-xu2n-jqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61954?format=json","vulnerability_id":"VCID-v6mb-3c6d-b7fd","summary":"kernel: bcache: fix cached_dev.sb_bio use-after-free and crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31580.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31580.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461464","reference_id":"2461464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31580"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6mb-3c6d-b7fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60899?format=json","vulnerability_id":"VCID-v6p9-myq9-xbhu","summary":"kernel: alpha: fix user-space corruption during memory compaction","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43258.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43258.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467146","reference_id":"2467146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467146"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43258"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6p9-myq9-xbhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82349?format=json","vulnerability_id":"VCID-v6zm-kpcw-jfbm","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: do not WARN_ON() if we have PageError set  Whenever we do any extent buffer operations we call assert_eb_page_uptodate() to complain loudly if we're operating on an non-uptodate page.  Our overnight tests caught this warning earlier this week    WARNING: CPU: 1 PID: 553508 at fs/btrfs/extent_io.c:6849 assert_eb_page_uptodate+0x3f/0x50   CPU: 1 PID: 553508 Comm: kworker/u4:13 Tainted: G        W         5.17.0-rc3+ #564   Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014   Workqueue: btrfs-cache btrfs_work_helper   RIP: 0010:assert_eb_page_uptodate+0x3f/0x50   RSP: 0018:ffffa961440a7c68 EFLAGS: 00010246   RAX: 0017ffffc0002112 RBX: ffffe6e74453f9c0 RCX: 0000000000001000   RDX: ffffe6e74467c887 RSI: ffffe6e74453f9c0 RDI: ffff8d4c5efc2fc0   RBP: 0000000000000d56 R08: ffff8d4d4a224000 R09: 0000000000000000   R10: 00015817fa9d1ef0 R11: 000000000000000c R12: 00000000000007b1   R13: ffff8d4c5efc2fc0 R14: 0000000001500000 R15: 0000000001cb1000   FS:  0000000000000000(0000) GS:ffff8d4dbbd00000(0000) knlGS:0000000000000000   CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033   CR2: 00007ff31d3448d8 CR3: 0000000118be8004 CR4: 0000000000370ee0   Call Trace:     extent_buffer_test_bit+0x3f/0x70    free_space_test_bit+0xa6/0xc0    load_free_space_tree+0x1f6/0x470    caching_thread+0x454/0x630    ? rcu_read_lock_sched_held+0x12/0x60    ? rcu_read_lock_sched_held+0x12/0x60    ? rcu_read_lock_sched_held+0x12/0x60    ? lock_release+0x1f0/0x2d0    btrfs_work_helper+0xf2/0x3e0    ? lock_release+0x1f0/0x2d0    ? finish_task_switch.isra.0+0xf9/0x3a0    process_one_work+0x26d/0x580    ? process_one_work+0x580/0x580    worker_thread+0x55/0x3b0    ? process_one_work+0x580/0x580    kthread+0xf0/0x120    ? kthread_complete_and_exit+0x20/0x20    ret_from_fork+0x1f/0x30  This was partially fixed by c2e39305299f01 (\"btrfs: clear extent buffer uptodate when we fail to write it\"), however all that fix did was keep us from finding extent buffers after a failed writeout.  It didn't keep us from continuing to use a buffer that we already had found.  In this case we're searching the commit root to cache the block group, so we can start committing the transaction and switch the commit root and then start writing.  After the switch we can look up an extent buffer that hasn't been written yet and start processing that block group.  Then we fail to write that block out and clear Uptodate on the page, and then we start spewing these errors.  Normally we're protected by the tree lock to a certain degree here.  If we read a block we have that block read locked, and we block the writer from locking the block before we submit it for the write.  However this isn't necessarily fool proof because the read could happen before we do the submit_bio and after we locked and unlocked the extent buffer.  Also in this particular case we have path->skip_locking set, so that won't save us here.  We'll simply get a block that was valid when we read it, but became invalid while we were using it.  What we really want is to catch the case where we've \"read\" a block but it's not marked Uptodate.  On read we ClearPageError(), so if we're !Uptodate and !Error we know we didn't do the right thing for reading the page.  Fix this by checking !Uptodate && !Error, this way we will not complain if our buffer gets invalidated while we're using it, and we'll maintain the spirit of the check which is to make sure we have a fully in-cache block while we're messing with it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48902.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48902.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48902","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10039","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48902"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307155","reference_id":"2307155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307155"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48902"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6zm-kpcw-jfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83670?format=json","vulnerability_id":"VCID-v72v-aj27-27ap","summary":"In the Linux kernel, the following vulnerability has been resolved:  ice: Fix memory corruption in VF driver  Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues configured, VF may unmap DMA resources. In such scenario device still can map packets to memory, which ends up silently corrupting it. Previously, VF driver could experience memory corruption, which lead to crash: [ 5119.170157] BUG: unable to handle kernel paging request at 00001b9780003237 [ 5119.170166] PGD 0 P4D 0 [ 5119.170173] Oops: 0002 [#1] PREEMPT_RT SMP PTI [ 5119.170181] CPU: 30 PID: 427592 Comm: kworker/u96:2 Kdump: loaded Tainted: G        W I      --------- -  - 4.18.0-372.9.1.rt7.166.el8.x86_64 #1 [ 5119.170189] Hardware name: Dell Inc. PowerEdge R740/014X06, BIOS 2.3.10 08/15/2019 [ 5119.170193] Workqueue: iavf iavf_adminq_task [iavf] [ 5119.170219] RIP: 0010:__page_frag_cache_drain+0x5/0x30 [ 5119.170238] Code: 0f 0f b6 77 51 85 f6 74 07 31 d2 e9 05 df ff ff e9 90 fe ff ff 48 8b 05 49 db 33 01 eb b4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 <f0> 29 77 34 74 01 c3 48 8b 07 f6 c4 80 74 0f 0f b6 77 51 85 f6 74 [ 5119.170244] RSP: 0018:ffffa43b0bdcfd78 EFLAGS: 00010282 [ 5119.170250] RAX: ffffffff896b3e40 RBX: ffff8fb282524000 RCX: 0000000000000002 [ 5119.170254] RDX: 0000000049000000 RSI: 0000000000000000 RDI: 00001b9780003203 [ 5119.170259] RBP: ffff8fb248217b00 R08: 0000000000000022 R09: 0000000000000009 [ 5119.170262] R10: 2b849d6300000000 R11: 0000000000000020 R12: 0000000000000000 [ 5119.170265] R13: 0000000000001000 R14: 0000000000000009 R15: 0000000000000000 [ 5119.170269] FS:  0000000000000000(0000) GS:ffff8fb1201c0000(0000) knlGS:0000000000000000 [ 5119.170274] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 5119.170279] CR2: 00001b9780003237 CR3: 00000008f3e1a003 CR4: 00000000007726e0 [ 5119.170283] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 5119.170286] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 5119.170290] PKRU: 55555554 [ 5119.170292] Call Trace: [ 5119.170298]  iavf_clean_rx_ring+0xad/0x110 [iavf] [ 5119.170324]  iavf_free_rx_resources+0xe/0x50 [iavf] [ 5119.170342]  iavf_free_all_rx_resources.part.51+0x30/0x40 [iavf] [ 5119.170358]  iavf_virtchnl_completion+0xd8a/0x15b0 [iavf] [ 5119.170377]  ? iavf_clean_arq_element+0x210/0x280 [iavf] [ 5119.170397]  iavf_adminq_task+0x126/0x2e0 [iavf] [ 5119.170416]  process_one_work+0x18f/0x420 [ 5119.170429]  worker_thread+0x30/0x370 [ 5119.170437]  ? process_one_work+0x420/0x420 [ 5119.170445]  kthread+0x151/0x170 [ 5119.170452]  ? set_kthread_struct+0x40/0x40 [ 5119.170460]  ret_from_fork+0x35/0x40 [ 5119.170477] Modules linked in: iavf sctp ip6_udp_tunnel udp_tunnel mlx4_en mlx4_core nfp tls vhost_net vhost vhost_iotlb tap tun xt_CHECKSUM ipt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink bridge stp llc rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache sunrpc intel_rapl_msr iTCO_wdt iTCO_vendor_support dell_smbios wmi_bmof dell_wmi_descriptor dcdbas kvm_intel kvm irqbypass intel_rapl_common isst_if_common skx_edac irdma nfit libnvdimm x86_pkg_temp_thermal i40e intel_powerclamp coretemp crct10dif_pclmul crc32_pclmul ghash_clmulni_intel ib_uverbs rapl ipmi_ssif intel_cstate intel_uncore mei_me pcspkr acpi_ipmi ib_core mei lpc_ich i2c_i801 ipmi_si ipmi_devintf wmi ipmi_msghandler acpi_power_meter xfs libcrc32c sd_mod t10_pi sg mgag200 drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ice ahci drm libahci crc32c_intel libata tg3 megaraid_sas [ 5119.170613]  i2c_algo_bit dm_mirror dm_region_hash dm_log dm_mod fuse [last unloaded: iavf] [ 5119.170627] CR2: 00001b9780003237","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49722.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49722","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0688","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49722"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348117","reference_id":"2348117","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6460","reference_id":"RHSA-2022:6460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6610","reference_id":"RHSA-2022:6610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49722"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v72v-aj27-27ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73202?format=json","vulnerability_id":"VCID-v94w-zmmh-87bh","summary":"kernel: tcp_metrics: use dst_dev_net_rcu()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40075.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40075.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406780","reference_id":"2406780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406780"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40075"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v94w-zmmh-87bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83274?format=json","vulnerability_id":"VCID-vak5-aa8n-s7dw","summary":"kernel: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22090.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22090.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360286","reference_id":"2360286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360286"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22090"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vak5-aa8n-s7dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87404?format=json","vulnerability_id":"VCID-vas8-fy9j-abdy","summary":"In the Linux kernel, the following vulnerability has been resolved:  RDMA/hns: Fix UAF for cq async event  The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF.  Use the xa_lock() to protect the CQ refcount.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38545.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38545.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293454","reference_id":"2293454","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293454"},{"reference_url":"https://git.kernel.org/stable/c/330c825e66ef65278e4ebe57fd49c1d6f3f4e34e","reference_id":"330c825e66ef65278e4ebe57fd49c1d6f3f4e34e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/330c825e66ef65278e4ebe57fd49c1d6f3f4e34e"},{"reference_url":"https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507","reference_id":"37a7559dc1358a8d300437e99ed8ecdab0671507","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/37a7559dc1358a8d300437e99ed8ecdab0671507"},{"reference_url":"https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911","reference_id":"39d26cf46306bdc7ae809ecfdbfeff5aa1098911","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/39d26cf46306bdc7ae809ecfdbfeff5aa1098911"},{"reference_url":"https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08","reference_id":"63da190eeb5c9d849b71f457b15b308c94cbaf08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/63da190eeb5c9d849b71f457b15b308c94cbaf08"},{"reference_url":"https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf","reference_id":"763780ef0336a973e933e40e919339381732dcaf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/763780ef0336a973e933e40e919339381732dcaf"},{"reference_url":"https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42","reference_id":"a942ec2745ca864cd8512142100e4027dc306a42","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:15:07Z/"}],"url":"https://git.kernel.org/stable/c/a942ec2745ca864cd8512142100e4027dc306a42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-38545"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vas8-fy9j-abdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68289?format=json","vulnerability_id":"VCID-vbwa-vbuk-rket","summary":"kernel: sched/deadline: only set free_cpus for online runqueues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68780.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68780.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429029","reference_id":"2429029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-68780"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwa-vbuk-rket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84971?format=json","vulnerability_id":"VCID-vcfu-tu2u-9bef","summary":"kernel: ipv6: mcast: add RCU protection to mld_newpack()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21758.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21758.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348531","reference_id":"2348531","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348531"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21758"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcfu-tu2u-9bef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85665?format=json","vulnerability_id":"VCID-vg21-yrdf-q3g7","summary":"kernel: net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21629.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21629.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338186","reference_id":"2338186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21629"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vg21-yrdf-q3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69174?format=json","vulnerability_id":"VCID-vkpq-cp8f-zkhk","summary":"kernel: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50708.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50708","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08126","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50708"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424998","reference_id":"2424998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424998"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50708"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkpq-cp8f-zkhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58979?format=json","vulnerability_id":"VCID-vkt4-bbnd-4bbm","summary":"kernel: regulator: core: fix locking in regulator_resolve_supply() error path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46252.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46252.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484457","reference_id":"2484457","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484457"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46252"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkt4-bbnd-4bbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85938?format=json","vulnerability_id":"VCID-vn1s-c4rz-kkg8","summary":"In the Linux kernel, the following vulnerability has been resolved:  btrfs: don't drop extent_map for free space inode on write error  While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache.  assertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:1385! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G        W          6.8.0-rc2+ #1 RIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0 Call Trace:  <TASK>  extent_write_cache_pages+0x2ac/0x8f0  extent_writepages+0x87/0x110  do_writepages+0xd5/0x1f0  filemap_fdatawrite_wbc+0x63/0x90  __filemap_fdatawrite_range+0x5c/0x80  btrfs_fdatawrite_range+0x1f/0x50  btrfs_write_out_cache+0x507/0x560  btrfs_write_dirty_block_groups+0x32a/0x420  commit_cowonly_roots+0x21b/0x290  btrfs_commit_transaction+0x813/0x1360  btrfs_sync_file+0x51a/0x640  __x64_sys_fdatasync+0x52/0x90  do_syscall_64+0x9c/0x190  entry_SYSCALL_64_after_hwframe+0x6e/0x76  This happens because we fail to write out the free space cache in one instance, come back around and attempt to write it again.  However on the second pass through we go to call btrfs_get_extent() on the inode to get the extent mapping.  Because this is a new block group, and with the free space inode we always search the commit root to avoid deadlocking with the tree, we find nothing and return a EXTENT_MAP_HOLE for the requested range.  This happens because the first time we try to write the space cache out we hit an error, and on an error we drop the extent mapping.  This is normal for normal files, but the free space cache inode is special.  We always expect the extent map to be correct.  Thus the second time through we end up with a bogus extent map.  Since we're deprecating this feature, the most straightforward way to fix this is to simply skip dropping the extent map range for this failed range.  I shortened the test by using error injection to stress the area to make it easier to reproduce.  With this patch in place we no longer panic with my error injection test.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26726.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26726.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/02f2b95b00bf57d20320ee168b30fb7f3db8e555","reference_id":"02f2b95b00bf57d20320ee168b30fb7f3db8e555","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:10:16Z/"}],"url":"https://git.kernel.org/stable/c/02f2b95b00bf57d20320ee168b30fb7f3db8e555"},{"reference_url":"https://git.kernel.org/stable/c/143842584c1237ebc248b2547c29d16bbe400a92","reference_id":"143842584c1237ebc248b2547c29d16bbe400a92","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:10:16Z/"}],"url":"https://git.kernel.org/stable/c/143842584c1237ebc248b2547c29d16bbe400a92"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273128","reference_id":"2273128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273128"},{"reference_url":"https://git.kernel.org/stable/c/5571e41ec6e56e35f34ae9f5b3a335ef510e0ade","reference_id":"5571e41ec6e56e35f34ae9f5b3a335ef510e0ade","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:10:16Z/"}],"url":"https://git.kernel.org/stable/c/5571e41ec6e56e35f34ae9f5b3a335ef510e0ade"},{"reference_url":"https://git.kernel.org/stable/c/7bddf18f474f166c19f91b2baf67bf7c5eda03f7","reference_id":"7bddf18f474f166c19f91b2baf67bf7c5eda03f7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:10:16Z/"}],"url":"https://git.kernel.org/stable/c/7bddf18f474f166c19f91b2baf67bf7c5eda03f7"},{"reference_url":"https://git.kernel.org/stable/c/a4b7741c8302e28073bfc6dd1c2e73598e5e535e","reference_id":"a4b7741c8302e28073bfc6dd1c2e73598e5e535e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:10:16Z/"}],"url":"https://git.kernel.org/stable/c/a4b7741c8302e28073bfc6dd1c2e73598e5e535e"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26726"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn1s-c4rz-kkg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59563?format=json","vulnerability_id":"VCID-vn83-vb44-zyfj","summary":"kernel: ext4: fix e4b bitmap inconsistency reports","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45942.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45942.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482104","reference_id":"2482104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482104"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45942"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn83-vb44-zyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59372?format=json","vulnerability_id":"VCID-vnzt-fkhv-f7ez","summary":"kernel: ipvs: do not keep dest_dst if dev is going down","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45917.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45917.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481951","reference_id":"2481951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45917"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnzt-fkhv-f7ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63691?format=json","vulnerability_id":"VCID-vpdg-6g9g-puhe","summary":"kernel: ipv6: add NULL checks for idev in SRv6 paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23442.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23442.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454807","reference_id":"2454807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454807"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23442"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpdg-6g9g-puhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75307?format=json","vulnerability_id":"VCID-vqbw-uzfc-zfgf","summary":"kernel: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53282.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53282.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c","reference_id":"21681b81b9ae548c5dae7ae00d931197a27f480c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T18:08:49Z/"}],"url":"https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395659","reference_id":"2395659","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395659"},{"reference_url":"https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc","reference_id":"51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T18:08:49Z/"}],"url":"https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc"},{"reference_url":"https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944","reference_id":"8becb97918f04bb177bc9c4e00c2bdb302e00944","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T18:08:49Z/"}],"url":"https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944"},{"reference_url":"https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1","reference_id":"8dfefa8f424ab208e552df1bfd008b732f3d0ad1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T18:08:49Z/"}],"url":"https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53282"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqbw-uzfc-zfgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85861?format=json","vulnerability_id":"VCID-vqkf-4a3h-kug1","summary":"kernel: nvme-rdma: unquiesce admin_q before destroy it","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49569.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49569.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337136","reference_id":"2337136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49569"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqkf-4a3h-kug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66892?format=json","vulnerability_id":"VCID-vsge-v2gk-skfu","summary":"kernel: tracing: Add recursion protection in kernel stack trace recording","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23138.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23138.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439868","reference_id":"2439868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-23138"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vsge-v2gk-skfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82822?format=json","vulnerability_id":"VCID-vtwr-sqa6-pfd2","summary":"In the Linux kernel, the following vulnerability has been resolved:  x86/mce: Work around an erratum on fast string copy instructions  A rare kernel panic scenario can happen when the following conditions are met due to an erratum on fast string copy instructions:  1) An uncorrected error. 2) That error must be in first cache line of a page. 3) Kernel must execute page_copy from the page immediately before that page.  The fast string copy instructions (\"REP; MOVS*\") could consume an uncorrectable memory error in the cache line _right after_ the desired region to copy and raise an MCE.  Bit 0 of MSR_IA32_MISC_ENABLE can be cleared to disable fast string copy and will avoid such spurious machine checks. However, that is less preferable due to the permanent performance impact. Considering memory poison is rare, it's desirable to keep fast string copy enabled until an MCE is seen.  Intel has confirmed the following: 1. The CPU erratum of fast string copy only applies to Skylake, Cascade Lake and Cooper Lake generations.  Directly return from the MCE handler: 2. Will result in complete execution of the \"REP; MOVS*\" with no data loss or corruption. 3. Will not result in another MCE firing on the next poisoned cache line due to \"REP; MOVS*\". 4. Will resume execution from a correct point in code. 5. Will result in the same instruction that triggered the MCE firing a second MCE immediately for any other software recoverable data fetch errors. 6. Is not safe without disabling the fast string copy, as the next fast string copy of the same buffer on the same CPU would result in a PANIC MCE.  This should mitigate the erratum completely with the only caveat that the fast string copy is disabled on the affected hyper thread thus performance degradation.  This is still better than the OS crashing on MCEs raised on an irrelevant process due to \"REP; MOVS*' accesses in a kernel context, e.g., copy_page.   Injected errors on 1st cache line of 8 anonymous pages of process 'proc1' and observed MCE consumption from 'proc2' with no panic (directly returned).  Without the fix, the host panicked within a few minutes on a random 'proc2' process due to kernel access from copy_page.    [ bp: Fix comment style + touch ups, zap an unlikely(), improve the     quirk function's readability. ]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49124.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49124","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02567","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49124"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347834","reference_id":"2347834","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49124"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwr-sqa6-pfd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73287?format=json","vulnerability_id":"VCID-vupy-cyum-qyhv","summary":"kernel: riscv: move memblock_allow_resize() after linear mapping is ready","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53699.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53699.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405721","reference_id":"2405721","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405721"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53699"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vupy-cyum-qyhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64367?format=json","vulnerability_id":"VCID-vv92-dwsu-tqdj","summary":"kernel: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451180","reference_id":"2451180","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-23340"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vv92-dwsu-tqdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80105?format=json","vulnerability_id":"VCID-vvrv-ghfm-37hx","summary":"kernel: soundwire: revisit driver bind/unbind and callbacks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50144.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50144","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373559","reference_id":"2373559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373559"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50144"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vvrv-ghfm-37hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82127?format=json","vulnerability_id":"VCID-vx75-7ap9-3uhu","summary":"In the Linux kernel, the following vulnerability has been resolved:  ibmvnic: don't release napi in __ibmvnic_open()  If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __ibmvnic_open() only clean up the work it did so far (i.e. disable napi and irqs) and leave the rest to the callers.  If caller of __ibmvnic_open() is ibmvnic_open(), it should release the resources immediately. If the caller is do_reset() or do_hard_reset(), they will release the resources on the next reset.  This fixes following crash that occurred when running the drmgr command several times to add/remove a vnic interface:  \t[102056] ibmvnic 30000003 env3: Disabling rx_scrq[6] irq \t[102056] ibmvnic 30000003 env3: Disabling rx_scrq[7] irq \t[102056] ibmvnic 30000003 env3: Replenished 8 pools \tKernel attempted to read user page (10) - exploit attempt? (uid: 0) \tBUG: Kernel NULL pointer dereference on read at 0x00000010 \tFaulting instruction address: 0xc000000000a3c840 \tOops: Kernel access of bad area, sig: 11 [#1] \tLE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries \t... \tCPU: 9 PID: 102056 Comm: kworker/9:2 Kdump: loaded Not tainted 5.16.0-rc5-autotest-g6441998e2e37 #1 \tWorkqueue: events_long __ibmvnic_reset [ibmvnic] \tNIP:  c000000000a3c840 LR: c0080000029b5378 CTR: c000000000a3c820 \tREGS: c0000000548e37e0 TRAP: 0300   Not tainted  (5.16.0-rc5-autotest-g6441998e2e37) \tMSR:  8000000000009033 <SF,EE,ME,IR,DR,RI,LE>  CR: 28248484  XER: 00000004 \tCFAR: c0080000029bdd24 DAR: 0000000000000010 DSISR: 40000000 IRQMASK: 0 \tGPR00: c0080000029b55d0 c0000000548e3a80 c0000000028f0200 0000000000000000 \t... \tNIP [c000000000a3c840] napi_enable+0x20/0xc0 \tLR [c0080000029b5378] __ibmvnic_open+0xf0/0x430 [ibmvnic] \tCall Trace: \t[c0000000548e3a80] [0000000000000006] 0x6 (unreliable) \t[c0000000548e3ab0] [c0080000029b55d0] __ibmvnic_open+0x348/0x430 [ibmvnic] \t[c0000000548e3b40] [c0080000029bcc28] __ibmvnic_reset+0x500/0xdf0 [ibmvnic] \t[c0000000548e3c60] [c000000000176228] process_one_work+0x288/0x570 \t[c0000000548e3d00] [c000000000176588] worker_thread+0x78/0x660 \t[c0000000548e3da0] [c0000000001822f0] kthread+0x1c0/0x1d0 \t[c0000000548e3e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64 \tInstruction dump: \t7d2948f8 792307e0 4e800020 60000000 3c4c01eb 384239e0 f821ffd1 39430010 \t38a0fff6 e92d1100 f9210028 39200000 <e9030010> f9010020 60420000 e9210020 \t---[ end trace 5f8033b08fd27706 ]---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48811.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48811","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08521","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48811"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298147","reference_id":"2298147","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298147"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48811"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx75-7ap9-3uhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76812?format=json","vulnerability_id":"VCID-vxe2-m4at-yfbk","summary":"kernel: PCI: pnv_php: Fix surprise plug detection and recovery","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38623.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38623.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390402","reference_id":"2390402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390402"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38623"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxe2-m4at-yfbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59320?format=json","vulnerability_id":"VCID-vxpa-m3jt-8uet","summary":"kernel: bpf: fix end-of-list detection in cgroup_storage_get_next_key()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45838.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45838.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481870","reference_id":"2481870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481870"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-45838"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpa-m3jt-8uet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72258?format=json","vulnerability_id":"VCID-vy7x-yr9y-jbfy","summary":"kernel: bpf: Enforce expected_attach_type for tailcall compatibility","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40123.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40123.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414511","reference_id":"2414511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414511"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40123"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vy7x-yr9y-jbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84581?format=json","vulnerability_id":"VCID-vz5s-3zja-83e6","summary":"In the Linux kernel, the following vulnerability has been resolved:  KVM: s390: vsie: fix race during shadow creation  Right now it is possible to see gmap->private being zero in kvm_s390_vsie_gmap_notifier resulting in a crash.  This is due to the fact that we add gmap->private == kvm after creation:  static int acquire_gmap_shadow(struct kvm_vcpu *vcpu,                                struct vsie_page *vsie_page) { [...]         gmap = gmap_shadow(vcpu->arch.gmap, asce, edat);         if (IS_ERR(gmap))                 return PTR_ERR(gmap);         gmap->private = vcpu->kvm;  Let children inherit the private field of the parent.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52639.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52639.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273080","reference_id":"2273080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273080"},{"reference_url":"https://git.kernel.org/stable/c/28bb27824f25f36e5f80229a358d66ee09244082","reference_id":"28bb27824f25f36e5f80229a358d66ee09244082","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:10Z/"}],"url":"https://git.kernel.org/stable/c/28bb27824f25f36e5f80229a358d66ee09244082"},{"reference_url":"https://git.kernel.org/stable/c/5df3b81a567eb565029563f26f374ae3803a1dfc","reference_id":"5df3b81a567eb565029563f26f374ae3803a1dfc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:10Z/"}],"url":"https://git.kernel.org/stable/c/5df3b81a567eb565029563f26f374ae3803a1dfc"},{"reference_url":"https://git.kernel.org/stable/c/f5572c0323cf8b4f1f0618178648a25b8fb8a380","reference_id":"f5572c0323cf8b4f1f0618178648a25b8fb8a380","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:10Z/"}],"url":"https://git.kernel.org/stable/c/f5572c0323cf8b4f1f0618178648a25b8fb8a380"},{"reference_url":"https://git.kernel.org/stable/c/fe752331d4b361d43cfd0b89534b4b2176057c32","reference_id":"fe752331d4b361d43cfd0b89534b4b2176057c32","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:53:10Z/"}],"url":"https://git.kernel.org/stable/c/fe752331d4b361d43cfd0b89534b4b2176057c32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3855","reference_id":"RHSA-2024:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4740","reference_id":"RHSA-2024:4740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5257","reference_id":"RHSA-2024:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5257"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52639"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vz5s-3zja-83e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81392?format=json","vulnerability_id":"VCID-w3kn-4sdr-y7dm","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: stmmac: Disable Tx queues when reconfiguring the interface  The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when doing any of the 3 following actions: * reconfiguring the number of queues (ethtool -L) * reconfiguring the size of the ring buffers (ethtool -G) * installing/removing an XDP program (ip l set dev ethX xdp)  Prevent the panic by making sure netif_tx_disable is called when stopping an interface.  Without this patch, the following kernel panic can be observed when doing any of the actions above:  Unable to handle kernel paging request at virtual address ffff80001238d040 [....]  Call trace:   dwmac4_set_addr+0x8/0x10   dev_hard_start_xmit+0xe4/0x1ac   sch_direct_xmit+0xe8/0x39c   __dev_queue_xmit+0x3ec/0xaf0   dev_queue_xmit+0x14/0x20 [...] [ end trace 0000000000000002 ]---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47558.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47558","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09302","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47558"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283391","reference_id":"2283391","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283391"},{"reference_url":"https://git.kernel.org/stable/c/a92f0eebb8dc008b9e8c51c6f7b8c93b27a29a43","reference_id":"a92f0eebb8dc008b9e8c51c6f7b8c93b27a29a43","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:51:23Z/"}],"url":"https://git.kernel.org/stable/c/a92f0eebb8dc008b9e8c51c6f7b8c93b27a29a43"},{"reference_url":"https://git.kernel.org/stable/c/b270bfe697367776eca2e6759a71d700fb8d82a2","reference_id":"b270bfe697367776eca2e6759a71d700fb8d82a2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:51:23Z/"}],"url":"https://git.kernel.org/stable/c/b270bfe697367776eca2e6759a71d700fb8d82a2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47558"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3kn-4sdr-y7dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59906?format=json","vulnerability_id":"VCID-w3nj-xu1p-bfe4","summary":"kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45836.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45836.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481545","reference_id":"2481545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45836"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3nj-xu1p-bfe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60696?format=json","vulnerability_id":"VCID-w43a-kbdu-3bhm","summary":"kernel: xfrm: Wait for RCU readers during policy netns exit","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43091.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43091.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466983","reference_id":"2466983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466983"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43091"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w43a-kbdu-3bhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79760?format=json","vulnerability_id":"VCID-w582-7cs3-z7gc","summary":"kernel: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38040.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38040.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373385","reference_id":"2373385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38040"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w582-7cs3-z7gc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60611?format=json","vulnerability_id":"VCID-w5a1-myx4-a3b1","summary":"kernel: nvme-pci: Fix race bug in nvme_poll_irqdisable()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43448.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43448.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468248","reference_id":"2468248","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468248"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43448"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5a1-myx4-a3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59574?format=json","vulnerability_id":"VCID-w5uk-j54e-gqau","summary":"kernel: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46000.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46000.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482110","reference_id":"2482110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46000"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5uk-j54e-gqau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82855?format=json","vulnerability_id":"VCID-w8aj-2yx4-gqa9","summary":"In the Linux kernel, the following vulnerability has been resolved:  scsi: qla2xxx: Fix warning message due to adisc being flushed  Fix warning message due to adisc being flushed.  Linux kernel triggered a warning message where a different error code type is not matching up with the expected type. Add additional translation of one error code type to another.  WARNING: CPU: 2 PID: 1131623 at drivers/scsi/qla2xxx/qla_init.c:498 qla2x00_async_adisc_sp_done+0x294/0x2b0 [qla2xxx] CPU: 2 PID: 1131623 Comm: drmgr Not tainted 5.13.0-rc1-autotest #1 .. GPR28: c000000aaa9c8890 c0080000079ab678 c00000140a104800 c00000002bd19000 NIP [c00800000790857c] qla2x00_async_adisc_sp_done+0x294/0x2b0 [qla2xxx] LR [c008000007908578] qla2x00_async_adisc_sp_done+0x290/0x2b0 [qla2xxx] Call Trace: [c00000001cdc3620] [c008000007908578] qla2x00_async_adisc_sp_done+0x290/0x2b0 [qla2xxx] (unreliable) [c00000001cdc3710] [c0080000078f3080] __qla2x00_abort_all_cmds+0x1b8/0x580 [qla2xxx] [c00000001cdc3840] [c0080000078f589c] qla2x00_abort_all_cmds+0x34/0xd0 [qla2xxx] [c00000001cdc3880] [c0080000079153d8] qla2x00_abort_isp_cleanup+0x3f0/0x570 [qla2xxx] [c00000001cdc3920] [c0080000078fb7e8] qla2x00_remove_one+0x3d0/0x480 [qla2xxx] [c00000001cdc39b0] [c00000000071c274] pci_device_remove+0x64/0x120 [c00000001cdc39f0] [c0000000007fb818] device_release_driver_internal+0x168/0x2a0 [c00000001cdc3a30] [c00000000070e304] pci_stop_bus_device+0xb4/0x100 [c00000001cdc3a70] [c00000000070e4f0] pci_stop_and_remove_bus_device+0x20/0x40 [c00000001cdc3aa0] [c000000000073940] pci_hp_remove_devices+0x90/0x130 [c00000001cdc3b30] [c0080000070704d0] disable_slot+0x38/0x90 [rpaphp] [ c00000001cdc3b60] [c00000000073eb4c] power_write_file+0xcc/0x180 [c00000001cdc3be0] [c0000000007354bc] pci_slot_attr_store+0x3c/0x60 [c00000001cdc3c00] [c00000000055f820] sysfs_kf_write+0x60/0x80 [c00000001cdc3c20] [c00000000055df10] kernfs_fop_write_iter+0x1a0/0x290 [c00000001cdc3c70] [c000000000447c4c] new_sync_write+0x14c/0x1d0 [c00000001cdc3d10] [c00000000044b134] vfs_write+0x224/0x330 [c00000001cdc3d60] [c00000000044b3f4] ksys_write+0x74/0x130 [c00000001cdc3db0] [c00000000002df70] system_call_exception+0x150/0x2d0 [c00000001cdc3e10] [c00000000000d45c] system_call_common+0xec/0x278","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49158.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49158","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00663","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49158"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348055","reference_id":"2348055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7683","reference_id":"RHSA-2022:7683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49158"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8aj-2yx4-gqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88930?format=json","vulnerability_id":"VCID-w9p2-je5u-4bca","summary":"In the Linux kernel, the following vulnerability has been resolved:  userfaultfd: fix checks for huge PMDs  Patch series \"userfaultfd: fix races around pmd_trans_huge() check\", v2.  The pmd_trans_huge() code in mfill_atomic() is wrong in three different ways depending on kernel version:  1. The pmd_trans_huge() check is racy and can lead to a BUG_ON() (if you hit    the right two race windows) - I've tested this in a kernel build with    some extra mdelay() calls. See the commit message for a description    of the race scenario.    On older kernels (before 6.5), I think the same bug can even    theoretically lead to accessing transhuge page contents as a page table    if you hit the right 5 narrow race windows (I haven't tested this case). 2. As pointed out by Qi Zheng, pmd_trans_huge() is not sufficient for    detecting PMDs that don't point to page tables.    On older kernels (before 6.5), you'd just have to win a single fairly    wide race to hit this.    I've tested this on 6.1 stable by racing migration (with a mdelay()    patched into try_to_migrate()) against UFFDIO_ZEROPAGE - on my x86    VM, that causes a kernel oops in ptlock_ptr(). 3. On newer kernels (>=6.5), for shmem mappings, khugepaged is allowed    to yank page tables out from under us (though I haven't tested that),    so I think the BUG_ON() checks in mfill_atomic() are just wrong.  I decided to write two separate fixes for these (one fix for bugs 1+2, one fix for bug 3), so that the first fix can be backported to kernels affected by bugs 1+2.   This patch (of 2):  This fixes two issues.  I discovered that the following race can occur:    mfill_atomic                other thread   ============                ============                               <zap PMD>   pmdp_get_lockless() [reads none pmd]   <bail if trans_huge>   <if none:>                               <pagefault creates transhuge zeropage>     __pte_alloc [no-op]                               <zap PMD>   <bail if pmd_trans_huge(*dst_pmd)>   BUG_ON(pmd_none(*dst_pmd))  I have experimentally verified this in a kernel with extra mdelay() calls; the BUG_ON(pmd_none(*dst_pmd)) triggers.  On kernels newer than commit 0d940a9b270b (\"mm/pgtable: allow pte_offset_map[_lock]() to fail\"), this can't lead to anything worse than a BUG_ON(), since the page table access helpers are actually designed to deal with page tables concurrently disappearing; but on older kernels (<=6.4), I think we could probably theoretically race past the two BUG_ON() checks and end up treating a hugepage as a page table.  The second issue is that, as Qi Zheng pointed out, there are other types of huge PMDs that pmd_trans_huge() can't catch: devmap PMDs and swap PMDs (in particular, migration PMDs).  On <=6.4, this is worse than the first issue: If mfill_atomic() runs on a PMD that contains a migration entry (which just requires winning a single, fairly wide race), it will pass the PMD to pte_offset_map_lock(), which assumes that the PMD points to a page table.  Breakage follows: First, the kernel tries to take the PTE lock (which will crash or maybe worse if there is no \"struct page\" for the address bits in the migration entry PMD - I think at least on X86 there usually is no corresponding \"struct page\" thanks to the PTE inversion mitigation, amd64 looks different).  If that didn't crash, the kernel would next try to write a PTE into what it wrongly thinks is a page table.  As part of fixing these issues, get rid of the check for pmd_trans_huge() before __pte_alloc() - that's redundant, we're going to have to check for that after the __pte_alloc() anyway.  Backport note: pmdp_get_lockless() is pmd_read_atomic() in older kernels.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46787.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46787.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313135","reference_id":"2313135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313135"},{"reference_url":"https://git.kernel.org/stable/c/3c6b4bcf37845c9359aed926324bed66bdd2448d","reference_id":"3c6b4bcf37845c9359aed926324bed66bdd2448d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:28:53Z/"}],"url":"https://git.kernel.org/stable/c/3c6b4bcf37845c9359aed926324bed66bdd2448d"},{"reference_url":"https://git.kernel.org/stable/c/71c186efc1b2cf1aeabfeff3b9bd5ac4c5ac14d8","reference_id":"71c186efc1b2cf1aeabfeff3b9bd5ac4c5ac14d8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:28:53Z/"}],"url":"https://git.kernel.org/stable/c/71c186efc1b2cf1aeabfeff3b9bd5ac4c5ac14d8"},{"reference_url":"https://git.kernel.org/stable/c/98cc18b1b71e23fe81a5194ed432b20c2d81a01a","reference_id":"98cc18b1b71e23fe81a5194ed432b20c2d81a01a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T14:28:53Z/"}],"url":"https://git.kernel.org/stable/c/98cc18b1b71e23fe81a5194ed432b20c2d81a01a"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46787"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9p2-je5u-4bca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85534?format=json","vulnerability_id":"VCID-w9u4-m7t4-cqad","summary":"A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24855.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24855.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262983","reference_id":"2262983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262983"},{"reference_url":"https://bugzilla.openanolis.cn/show_bug.cgi?id=8149","reference_id":"show_bug.cgi?id=8149","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T16:37:53Z/"}],"url":"https://bugzilla.openanolis.cn/show_bug.cgi?id=8149"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-24855"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9u4-m7t4-cqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59270?format=json","vulnerability_id":"VCID-wadr-eufn-bubc","summary":"kernel: btrfs: fix missing last_unlink_trans update when removing a directory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46160.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46160.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482647","reference_id":"2482647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482647"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-46160"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wadr-eufn-bubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79659?format=json","vulnerability_id":"VCID-war3-svzv-skdd","summary":"kernel: espintcp: fix skb leaks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38057.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38057.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373338","reference_id":"2373338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373338"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38057"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-war3-svzv-skdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81087?format=json","vulnerability_id":"VCID-wcpx-aj5f-5kc9","summary":"In the Linux kernel, the following vulnerability has been resolved:  bcache: avoid oversized read request in cache missing code path  In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cached_dev_cache_miss() will be called in cache_lookup_fn() in the following code block, [code block 1]   526         unsigned int sectors = KEY_INODE(k) == s->iop.inode   527                 ? min_t(uint64_t, INT_MAX,   528                         KEY_START(k) - bio->bi_iter.bi_sector)   529                 : INT_MAX;   530         int ret = s->d->cache_miss(b, s, bio, sectors);  Here s->d->cache_miss() is the call backfunction pointer initialized as cached_dev_cache_miss(), the last parameter 'sectors' is an important hint to calculate the size of read request to backing device of the missing cache data.  Current calculation in above code block may generate oversized value of 'sectors', which consequently may trigger 2 different potential kernel panics by BUG() or BUG_ON() as listed below,  1) BUG_ON() inside bch_btree_insert_key(), [code block 2]    886         BUG_ON(b->ops->is_extents && !KEY_SIZE(k)); 2) BUG() inside biovec_slab(), [code block 3]    51         default:    52                 BUG();    53                 return NULL;  All the above panics are original from cached_dev_cache_miss() by the oversized parameter 'sectors'.  Inside cached_dev_cache_miss(), parameter 'sectors' is used to calculate the size of data read from backing device for the cache missing. This size is stored in s->insert_bio_sectors by the following lines of code, [code block 4]   909    s->insert_bio_sectors = min(sectors, bio_sectors(bio) + reada);  Then the actual key inserting to the internal B+ tree is generated and stored in s->iop.replace_key by the following lines of code, [code block 5]   911   s->iop.replace_key = KEY(s->iop.inode,   912                    bio->bi_iter.bi_sector + s->insert_bio_sectors,   913                    s->insert_bio_sectors); The oversized parameter 'sectors' may trigger panic 1) by BUG_ON() from the above code block.  And the bio sending to backing device for the missing data is allocated with hint from s->insert_bio_sectors by the following lines of code, [code block 6]   926    cache_bio = bio_alloc_bioset(GFP_NOWAIT,   927                 DIV_ROUND_UP(s->insert_bio_sectors, PAGE_SECTORS),   928                 &dc->disk.bio_split); The oversized parameter 'sectors' may trigger panic 2) by BUG() from the agove code block.  Now let me explain how the panics happen with the oversized 'sectors'. In code block 5, replace_key is generated by macro KEY(). From the definition of macro KEY(), [code block 7]   71 #define KEY(inode, offset, size)                                  \\   72 ((struct bkey) {                                                  \\   73      .high = (1ULL << 63) | ((__u64) (size) << 20) | (inode),     \\   74      .low = (offset)                                              \\   75 })  Here 'size' is 16bits width embedded in 64bits member 'high' of struct bkey. But in code block 1, if \"KEY_START(k) - bio->bi_iter.bi_sector\" is very probably to be larger than (1<<16) - 1, which makes the bkey size calculation in code block 5 is overflowed. In one bug report the value of parameter 'sectors' is 131072 (= 1 << 17), the overflowed 'sectors' results the overflowed s->insert_bio_sectors in code block 4, then makes size field of s->iop.replace_key to be 0 in code block 5. Then the 0- sized s->iop.replace_key is inserted into the internal B+ tree as cache missing check key (a special key to detect and avoid a racing between normal write request and cache missing read request) as, [code block 8]   915   ret = bch_btree_insert_check_key(b, &s->op, &s->iop.replace_key);  Then the 0-sized s->iop.replace_key as 3rd parameter triggers the bkey size check BUG_ON() in code block 2, and causes the kernel panic 1).  Another ke ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47275.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47275","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04302","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47275"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282524","reference_id":"2282524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282524"},{"reference_url":"https://git.kernel.org/stable/c/41fe8d088e96472f63164e213de44ec77be69478","reference_id":"41fe8d088e96472f63164e213de44ec77be69478","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:49:16Z/"}],"url":"https://git.kernel.org/stable/c/41fe8d088e96472f63164e213de44ec77be69478"},{"reference_url":"https://git.kernel.org/stable/c/555002a840ab88468e252b0eedf0b05e2ce7099c","reference_id":"555002a840ab88468e252b0eedf0b05e2ce7099c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T18:49:16Z/"}],"url":"https://git.kernel.org/stable/c/555002a840ab88468e252b0eedf0b05e2ce7099c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47275"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcpx-aj5f-5kc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61407?format=json","vulnerability_id":"VCID-we1y-vsvr-juay","summary":"kernel: f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31715.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31715.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464359","reference_id":"2464359","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464359"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31715"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-we1y-vsvr-juay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88016?format=json","vulnerability_id":"VCID-wf7a-4euk-fkhx","summary":"kernel: drm/amd/display: Check null-initialized variables","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49898.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49898.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/115b1a3b0944b4d8ef0b4b0c5a625bdd9474131f","reference_id":"115b1a3b0944b4d8ef0b4b0c5a625bdd9474131f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:17Z/"}],"url":"https://git.kernel.org/stable/c/115b1a3b0944b4d8ef0b4b0c5a625bdd9474131f"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320437","reference_id":"2320437","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320437"},{"reference_url":"https://git.kernel.org/stable/c/26d262b79a3587aaa84368586a55e9026c67841b","reference_id":"26d262b79a3587aaa84368586a55e9026c67841b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:17Z/"}],"url":"https://git.kernel.org/stable/c/26d262b79a3587aaa84368586a55e9026c67841b"},{"reference_url":"https://git.kernel.org/stable/c/367cd9ceba1933b63bc1d87d967baf6d9fd241d2","reference_id":"367cd9ceba1933b63bc1d87d967baf6d9fd241d2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:17Z/"}],"url":"https://git.kernel.org/stable/c/367cd9ceba1933b63bc1d87d967baf6d9fd241d2"},{"reference_url":"https://git.kernel.org/stable/c/3fc70ae048fe0936761b73b50700a810ff61e853","reference_id":"3fc70ae048fe0936761b73b50700a810ff61e853","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:17Z/"}],"url":"https://git.kernel.org/stable/c/3fc70ae048fe0936761b73b50700a810ff61e853"},{"reference_url":"https://git.kernel.org/stable/c/c3a3b6d9a9383e3c1a4a08878ba5046e68647595","reference_id":"c3a3b6d9a9383e3c1a4a08878ba5046e68647595","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:43:17Z/"}],"url":"https://git.kernel.org/stable/c/c3a3b6d9a9383e3c1a4a08878ba5046e68647595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-49898"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wf7a-4euk-fkhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66942?format=json","vulnerability_id":"VCID-wjmf-7b1n-efdx","summary":"kernel: ALSA: usb-audio: Prevent excessive number of frames","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23208.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23208.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439906","reference_id":"2439906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439906"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-23208"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjmf-7b1n-efdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82653?format=json","vulnerability_id":"VCID-wjqb-zpk8-kugs","summary":"kernel: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49901.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49901","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49901"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363450","reference_id":"2363450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363450"},{"reference_url":"https://git.kernel.org/stable/c/2dc97e15a54b7bdf457848aa8c663c98a24e58a6","reference_id":"2dc97e15a54b7bdf457848aa8c663c98a24e58a6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T14:59:17Z/"}],"url":"https://git.kernel.org/stable/c/2dc97e15a54b7bdf457848aa8c663c98a24e58a6"},{"reference_url":"https://git.kernel.org/stable/c/943f45b9399ed8b2b5190cbc797995edaa97f58f","reference_id":"943f45b9399ed8b2b5190cbc797995edaa97f58f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T14:59:17Z/"}],"url":"https://git.kernel.org/stable/c/943f45b9399ed8b2b5190cbc797995edaa97f58f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49901"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjqb-zpk8-kugs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80707?format=json","vulnerability_id":"VCID-wkmk-s4ka-g3c6","summary":"In the Linux kernel, the following vulnerability has been resolved:  ALSA: hda: intel-sdw-acpi: harden detection of controller  The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where the graph walk continues and eventually fails, but the pointer was set already.  This patch changes the logic so that the information provided to the caller is set when a controller is found.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46926.json","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46926","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02929","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46926"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266370","reference_id":"2266370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266370"},{"reference_url":"https://git.kernel.org/stable/c/385f287f9853da402d94278e59f594501c1d1dad","reference_id":"385f287f9853da402d94278e59f594501c1d1dad","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:02:04Z/"}],"url":"https://git.kernel.org/stable/c/385f287f9853da402d94278e59f594501c1d1dad"},{"reference_url":"https://git.kernel.org/stable/c/cce476954401e3421afafb25bbaa926050688b1d","reference_id":"cce476954401e3421afafb25bbaa926050688b1d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:02:04Z/"}],"url":"https://git.kernel.org/stable/c/cce476954401e3421afafb25bbaa926050688b1d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-46926"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkmk-s4ka-g3c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82234?format=json","vulnerability_id":"VCID-wknj-y3xb-1yg7","summary":"kernel: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53103.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53103.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363728","reference_id":"2363728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53103"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wknj-y3xb-1yg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70456?format=json","vulnerability_id":"VCID-wkzt-yrqg-gyay","summary":"kernel: kcsan: Avoid READ_ONCE() in read_instrumented_memory()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53742.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53742.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419929","reference_id":"2419929","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419929"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53742"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkzt-yrqg-gyay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83118?format=json","vulnerability_id":"VCID-wnd2-9jrd-nya2","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register  of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49342.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49342.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49342","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02103","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49342"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347680","reference_id":"2347680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347680"},{"reference_url":"https://git.kernel.org/stable/c/7fb1fe7d9a167205413f1de8db9f7d0f82c78286","reference_id":"7fb1fe7d9a167205413f1de8db9f7d0f82c78286","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:43:03Z/"}],"url":"https://git.kernel.org/stable/c/7fb1fe7d9a167205413f1de8db9f7d0f82c78286"},{"reference_url":"https://git.kernel.org/stable/c/b51996e35bbfcc7a27d94dfeed5cc2429b2c0df4","reference_id":"b51996e35bbfcc7a27d94dfeed5cc2429b2c0df4","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:43:03Z/"}],"url":"https://git.kernel.org/stable/c/b51996e35bbfcc7a27d94dfeed5cc2429b2c0df4"},{"reference_url":"https://git.kernel.org/stable/c/b8d91399775c55162073bb2aca061ec42e3d4bc1","reference_id":"b8d91399775c55162073bb2aca061ec42e3d4bc1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:43:03Z/"}],"url":"https://git.kernel.org/stable/c/b8d91399775c55162073bb2aca061ec42e3d4bc1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49342"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wnd2-9jrd-nya2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70400?format=json","vulnerability_id":"VCID-wnqd-9fqz-c7e1","summary":"kernel: fbcon: Set fb_display[i]->mode to NULL when the mode is released","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40323.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40323.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419883","reference_id":"2419883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40323"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wnqd-9fqz-c7e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81932?format=json","vulnerability_id":"VCID-wnuy-wf8k-skes","summary":"In the Linux kernel, the following vulnerability has been resolved:  thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR  In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).  Then the data_vault_read() got NULL point dereference problem when accessing the 0x10 value in data_vault.  [   71.024560] BUG: kernel NULL pointer dereference, address: 0000000000000010  This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or NULL value in data_vault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48703.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48703.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48703","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00848","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48703"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278960","reference_id":"2278960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48703"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wnuy-wf8k-skes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88220?format=json","vulnerability_id":"VCID-wqw3-rqx8-wbg7","summary":"kernel: netfilter: xtables: avoid NFPROTO_UNSPEC where needed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50038.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50038.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0bfcb7b71e735560077a42847f69597ec7dcc326","reference_id":"0bfcb7b71e735560077a42847f69597ec7dcc326","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:25:10Z/"}],"url":"https://git.kernel.org/stable/c/0bfcb7b71e735560077a42847f69597ec7dcc326"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320587","reference_id":"2320587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320587"},{"reference_url":"https://git.kernel.org/stable/c/4cdc55ec6222bb195995cc58f7cb46e4d8907056","reference_id":"4cdc55ec6222bb195995cc58f7cb46e4d8907056","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:25:10Z/"}],"url":"https://git.kernel.org/stable/c/4cdc55ec6222bb195995cc58f7cb46e4d8907056"},{"reference_url":"https://git.kernel.org/stable/c/85ff9a0f793ca52c527e75cd40a69c948627ebde","reference_id":"85ff9a0f793ca52c527e75cd40a69c948627ebde","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:25:10Z/"}],"url":"https://git.kernel.org/stable/c/85ff9a0f793ca52c527e75cd40a69c948627ebde"},{"reference_url":"https://git.kernel.org/stable/c/8f482bb7e27b37f1f734bb9a8eeb28b23d59d189","reference_id":"8f482bb7e27b37f1f734bb9a8eeb28b23d59d189","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:25:10Z/"}],"url":"https://git.kernel.org/stable/c/8f482bb7e27b37f1f734bb9a8eeb28b23d59d189"},{"reference_url":"https://git.kernel.org/stable/c/997f67d813ce0cf5eb3cdb8f124da68141e91b6c","reference_id":"997f67d813ce0cf5eb3cdb8f124da68141e91b6c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:25:10Z/"}],"url":"https://git.kernel.org/stable/c/997f67d813ce0cf5eb3cdb8f124da68141e91b6c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-50038"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqw3-rqx8-wbg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88622?format=json","vulnerability_id":"VCID-wr26-cnm3-3ucg","summary":"In the Linux kernel, the following vulnerability has been resolved:  jfs: fix null ptr deref in dtInsertEntry  [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 RIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713 ... [Analyze] In dtInsertEntry(), when the pointer h has the same value as p, after writing name in UniStrncpy_to_le(), p->header.flag will be cleared. This will cause the previously true judgment \"p->header.flag & BT-LEAF\" to change to no after writing the name operation, this leads to entering an incorrect branch and accessing the uninitialized object ih when judging this condition for the second time.  [Fix] After got the page, check freelist first, if freelist == 0 then exit dtInsert() and return -EINVAL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44939.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44939.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307898","reference_id":"2307898","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307898"},{"reference_url":"https://git.kernel.org/stable/c/53023ab11836ac56fd75f7a71ec1356e50920fa9","reference_id":"53023ab11836ac56fd75f7a71ec1356e50920fa9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:35Z/"}],"url":"https://git.kernel.org/stable/c/53023ab11836ac56fd75f7a71ec1356e50920fa9"},{"reference_url":"https://git.kernel.org/stable/c/6ea10dbb1e6c58384136e9adfd75f81951e423f6","reference_id":"6ea10dbb1e6c58384136e9adfd75f81951e423f6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:35Z/"}],"url":"https://git.kernel.org/stable/c/6ea10dbb1e6c58384136e9adfd75f81951e423f6"},{"reference_url":"https://git.kernel.org/stable/c/9c2ac38530d1a3ee558834dfa16c85a40fd0e702","reference_id":"9c2ac38530d1a3ee558834dfa16c85a40fd0e702","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:35Z/"}],"url":"https://git.kernel.org/stable/c/9c2ac38530d1a3ee558834dfa16c85a40fd0e702"},{"reference_url":"https://git.kernel.org/stable/c/ce6dede912f064a855acf6f04a04cbb2c25b8c8c","reference_id":"ce6dede912f064a855acf6f04a04cbb2c25b8c8c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:35Z/"}],"url":"https://git.kernel.org/stable/c/ce6dede912f064a855acf6f04a04cbb2c25b8c8c"},{"reference_url":"https://git.kernel.org/stable/c/f98bf80b20f4a930589cda48a35f751a64fe0dc2","reference_id":"f98bf80b20f4a930589cda48a35f751a64fe0dc2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:27:35Z/"}],"url":"https://git.kernel.org/stable/c/f98bf80b20f4a930589cda48a35f751a64fe0dc2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44939"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wr26-cnm3-3ucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81015?format=json","vulnerability_id":"VCID-wry8-4ff1-gkap","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap  drm_gem_ttm_mmap() drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drm_gem_prime_mmap(), that drop will free the gem object, and the subsequent drm_gem_object_get() will be a UAF. Fix by grabbing a reference before calling the mmap helper.  This issue was forseen when the reference dropping was adding in commit 9786b65bc61ac (\"drm/ttm: fix mmap refcounting\"):   \"For that to work properly the drm_gem_object_get() call in   drm_gem_ttm_mmap() must be moved so it happens before calling   obj->funcs->mmap(), otherwise the gem refcount would go down   to zero.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47200.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47200.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47200","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03233","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47200"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274609","reference_id":"2274609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274609"},{"reference_url":"https://git.kernel.org/stable/c/4f8e469a2384dfa4047145b0093126462cbb6dc0","reference_id":"4f8e469a2384dfa4047145b0093126462cbb6dc0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-15T14:57:54Z/"}],"url":"https://git.kernel.org/stable/c/4f8e469a2384dfa4047145b0093126462cbb6dc0"},{"reference_url":"https://git.kernel.org/stable/c/8244a3bc27b3efd057da154b8d7e414670d5044f","reference_id":"8244a3bc27b3efd057da154b8d7e414670d5044f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-15T14:57:54Z/"}],"url":"https://git.kernel.org/stable/c/8244a3bc27b3efd057da154b8d7e414670d5044f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47200"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wry8-4ff1-gkap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86403?format=json","vulnerability_id":"VCID-wshk-mbcx-sfhu","summary":"In the Linux kernel, the following vulnerability has been resolved:  drm/amdgpu: Reset IH OVERFLOW_CLEAR bit  Allows us to detect subsequent IH ring buffer overflows as well.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26915.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26915.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275790","reference_id":"2275790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275790"},{"reference_url":"https://git.kernel.org/stable/c/2827633c9dab6304ec4cdbf369363219832e605d","reference_id":"2827633c9dab6304ec4cdbf369363219832e605d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T20:53:44Z/"}],"url":"https://git.kernel.org/stable/c/2827633c9dab6304ec4cdbf369363219832e605d"},{"reference_url":"https://git.kernel.org/stable/c/7330256268664ea0a7dd5b07a3fed363093477dd","reference_id":"7330256268664ea0a7dd5b07a3fed363093477dd","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T20:53:44Z/"}],"url":"https://git.kernel.org/stable/c/7330256268664ea0a7dd5b07a3fed363093477dd"},{"reference_url":"https://git.kernel.org/stable/c/8983397951b4b0bd51bb4b4ba9749424e1ccbb70","reference_id":"8983397951b4b0bd51bb4b4ba9749424e1ccbb70","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T20:53:44Z/"}],"url":"https://git.kernel.org/stable/c/8983397951b4b0bd51bb4b4ba9749424e1ccbb70"},{"reference_url":"https://git.kernel.org/stable/c/9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1","reference_id":"9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T20:53:44Z/"}],"url":"https://git.kernel.org/stable/c/9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1"},{"reference_url":"https://git.kernel.org/stable/c/a28f4d1e0bed85943d309ac243fd1c200f8af9a2","reference_id":"a28f4d1e0bed85943d309ac243fd1c200f8af9a2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T20:53:44Z/"}],"url":"https://git.kernel.org/stable/c/a28f4d1e0bed85943d309ac243fd1c200f8af9a2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26915"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wshk-mbcx-sfhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77348?format=json","vulnerability_id":"VCID-wta9-n4x7-dkdh","summary":"kernel: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50233.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50233","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0899","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387390","reference_id":"2387390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387390"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50233"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wta9-n4x7-dkdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62044?format=json","vulnerability_id":"VCID-wtnv-de29-cke3","summary":"kernel: s390/mm: Add missing secure storage access fixups for donated memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31568.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31568.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461528","reference_id":"2461528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461528"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31568"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtnv-de29-cke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85778?format=json","vulnerability_id":"VCID-wtyc-u6n5-gbff","summary":"In the Linux kernel, the following vulnerability has been resolved:  rxrpc: Fix delayed ACKs to not set the reference serial number  Fix the construction of delayed ACKs to not set the reference serial number as they can't be used as an RTT reference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26677.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26677.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2","reference_id":"200cb50b9e154434470c8969d32474d38475acc2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:58:11Z/"}],"url":"https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272834","reference_id":"2272834","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272834"},{"reference_url":"https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae","reference_id":"63719f490e6a89896e9a463d2b45e8203eab23ae","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:58:11Z/"}],"url":"https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"},{"reference_url":"https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef","reference_id":"e7870cf13d20f56bfc19f9c3e89707c69cf104ef","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T14:58:11Z/"}],"url":"https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26677"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtyc-u6n5-gbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60501?format=json","vulnerability_id":"VCID-wyky-zzga-v7de","summary":"kernel: powerpc, perf: Check that current->mm is alive before getting user callchain","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43416.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43416.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468165","reference_id":"2468165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468165"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-43416"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyky-zzga-v7de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58965?format=json","vulnerability_id":"VCID-wzvy-jd7j-nyf7","summary":"kernel: AppArmor: Allow apparmor to handle unaligned dfa tables","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46254.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46254.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484445","reference_id":"2484445","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46254"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzvy-jd7j-nyf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88244?format=json","vulnerability_id":"VCID-x2qq-4sqz-wqf3","summary":"kernel: thermal: core: Reference count the zone in thermal_zone_get_by_id()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50028.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50028.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320610","reference_id":"2320610","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320610"},{"reference_url":"https://git.kernel.org/stable/c/a42a5839f400e929c489bb1b58f54596c4535167","reference_id":"a42a5839f400e929c489bb1b58f54596c4535167","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:26:28Z/"}],"url":"https://git.kernel.org/stable/c/a42a5839f400e929c489bb1b58f54596c4535167"},{"reference_url":"https://git.kernel.org/stable/c/c95538b286efc6109c987e97a051bc7844ede802","reference_id":"c95538b286efc6109c987e97a051bc7844ede802","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:26:28Z/"}],"url":"https://git.kernel.org/stable/c/c95538b286efc6109c987e97a051bc7844ede802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50028"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2qq-4sqz-wqf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72185?format=json","vulnerability_id":"VCID-x4q6-jsjv-zbh7","summary":"kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40139.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40139.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414464","reference_id":"2414464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40139"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4q6-jsjv-zbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83101?format=json","vulnerability_id":"VCID-x5ex-c6c6-yke7","summary":"kernel: spufs: fix a leak in spufs_create_context()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22071.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22071.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360207","reference_id":"2360207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360207"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22071"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ex-c6c6-yke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75518?format=json","vulnerability_id":"VCID-x5j4-g36v-5fen","summary":"kernel: genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53332.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53332.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395884","reference_id":"2395884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395884"},{"reference_url":"https://git.kernel.org/stable/c/7448c73d64075051f50caed2c62f46553b69ab8a","reference_id":"7448c73d64075051f50caed2c62f46553b69ab8a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:30:29Z/"}],"url":"https://git.kernel.org/stable/c/7448c73d64075051f50caed2c62f46553b69ab8a"},{"reference_url":"https://git.kernel.org/stable/c/926aef60ea64cd9becf2829f7388f48dbe8bcb11","reference_id":"926aef60ea64cd9becf2829f7388f48dbe8bcb11","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:30:29Z/"}],"url":"https://git.kernel.org/stable/c/926aef60ea64cd9becf2829f7388f48dbe8bcb11"},{"reference_url":"https://git.kernel.org/stable/c/feabecaff5902f896531dde90646ca5dfa9d4f7d","reference_id":"feabecaff5902f896531dde90646ca5dfa9d4f7d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:30:29Z/"}],"url":"https://git.kernel.org/stable/c/feabecaff5902f896531dde90646ca5dfa9d4f7d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53332"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5j4-g36v-5fen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83955?format=json","vulnerability_id":"VCID-x6fw-mmsb-nydr","summary":"A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1192.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1192","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07797","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1192"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178","reference_id":"2154178","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:48:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-1192","reference_id":"CVE-2023-1192","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:48:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-1192"},{"reference_url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f","reference_id":"?id=d527f51331cace562393a8038d870b3e9916686f","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:48:41Z/"}],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7539","reference_id":"RHSA-2023:7539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7548","reference_id":"RHSA-2023:7548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7549","reference_id":"RHSA-2023:7549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7749","reference_id":"RHSA-2023:7749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0412","reference_id":"RHSA-2024:0412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0439","reference_id":"RHSA-2024:0439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0448","reference_id":"RHSA-2024:0448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0562","reference_id":"RHSA-2024:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0563","reference_id":"RHSA-2024:0563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1250","reference_id":"RHSA-2024:1250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1306","reference_id":"RHSA-2024:1306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2006","reference_id":"RHSA-2024:2006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2008","reference_id":"RHSA-2024:2008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2008"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-1192"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6fw-mmsb-nydr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76031?format=json","vulnerability_id":"VCID-x6hz-en37-n7c8","summary":"kernel: drm/hisilicon/hibmc: fix the hibmc loaded failed bug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39772.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39772.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394622","reference_id":"2394622","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394622"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39772"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6hz-en37-n7c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82150?format=json","vulnerability_id":"VCID-x75k-dk59-9qey","summary":"kernel: KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49932.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49932","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1313","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363684","reference_id":"2363684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2363684"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49932"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x75k-dk59-9qey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80179?format=json","vulnerability_id":"VCID-x985-t6s3-g7hu","summary":"kernel: venus: pm_helpers: Fix warning in OPP during probe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50011.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50011","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1313","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373597","reference_id":"2373597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50011"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x985-t6s3-g7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86269?format=json","vulnerability_id":"VCID-x9jq-hs51-nfhb","summary":"kernel: Bluetooth: hci_conn: Use disable_delayed_work_sync","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56591.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56591.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334426","reference_id":"2334426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-56591"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9jq-hs51-nfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88491?format=json","vulnerability_id":"VCID-xbjr-1gre-fufw","summary":"In the Linux kernel, the following vulnerability has been resolved:  PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()  Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to avoid the NULL check. Since the NULL check is already performed in pci_epf_test_bind(), having one more check in pci_epf_test_core_init() is redundant and it is not possible to hit the NULL pointer dereference.  Also with commit a01e7214bef9 (\"PCI: endpoint: Remove \"core_init_notifier\" flag\"), 'epc_features' got dereferenced without the NULL check, leading to the following false positive Smatch warning:    drivers/pci/endpoint/functions/pci-epf-test.c:784 pci_epf_test_core_init() error: we previously assumed 'epc_features' could be null (see line 747)  Thus, remove the redundant NULL check and also use the epc_features:: {msix_capable/msi_capable} flags directly to avoid local variables.  [kwilczynski: commit log]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43824.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43824.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305482","reference_id":"2305482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305482"},{"reference_url":"https://git.kernel.org/stable/c/5a5095a8bd1bd349cce1c879e5e44407a34dda8a","reference_id":"5a5095a8bd1bd349cce1c879e5e44407a34dda8a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:51Z/"}],"url":"https://git.kernel.org/stable/c/5a5095a8bd1bd349cce1c879e5e44407a34dda8a"},{"reference_url":"https://git.kernel.org/stable/c/af4ad016abb1632ff7ee598a6037952b495e5b80","reference_id":"af4ad016abb1632ff7ee598a6037952b495e5b80","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:08:51Z/"}],"url":"https://git.kernel.org/stable/c/af4ad016abb1632ff7ee598a6037952b495e5b80"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-43824"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xbjr-1gre-fufw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67775?format=json","vulnerability_id":"VCID-xbus-p7jr-8kfp","summary":"kernel: ALSA: ac97: fix a double free in snd_ac97_controller_register()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71192.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436772","reference_id":"2436772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436772"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71192"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xbus-p7jr-8kfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76742?format=json","vulnerability_id":"VCID-xcdt-k4cy-jbgz","summary":"kernel: tls: separate no-async decryption request handling from async","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58240.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58240.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391431","reference_id":"2391431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19268","reference_id":"RHSA-2025:19268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19492","reference_id":"RHSA-2025:19492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21667","reference_id":"RHSA-2025:21667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22752","reference_id":"RHSA-2025:22752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22752"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-58240"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xcdt-k4cy-jbgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69282?format=json","vulnerability_id":"VCID-xdn5-ndpg-gkf4","summary":"kernel: octeontx2-af: Add validation for lmac type","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54129.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54129.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425090","reference_id":"2425090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2425090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54129"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xdn5-ndpg-gkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84591?format=json","vulnerability_id":"VCID-xegy-tsah-5kf3","summary":"kernel: btrfs: fix double accounting race when btrfs_run_delalloc_range() failed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58089.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0283ee1912c8e243c931f4ee5b3672e954fe0384","reference_id":"0283ee1912c8e243c931f4ee5b3672e954fe0384","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:26:46Z/"}],"url":"https://git.kernel.org/stable/c/0283ee1912c8e243c931f4ee5b3672e954fe0384"},{"reference_url":"https://git.kernel.org/stable/c/21333148b5c9e52f41fafcedec3810b56a5e0e40","reference_id":"21333148b5c9e52f41fafcedec3810b56a5e0e40","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:26:46Z/"}],"url":"https://git.kernel.org/stable/c/21333148b5c9e52f41fafcedec3810b56a5e0e40"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351607","reference_id":"2351607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351607"},{"reference_url":"https://git.kernel.org/stable/c/72dad8e377afa50435940adfb697e070d3556670","reference_id":"72dad8e377afa50435940adfb697e070d3556670","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:26:46Z/"}],"url":"https://git.kernel.org/stable/c/72dad8e377afa50435940adfb697e070d3556670"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58089"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xegy-tsah-5kf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59907?format=json","vulnerability_id":"VCID-xgqt-yrgv-fyhq","summary":"kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45834.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45834.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481554","reference_id":"2481554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481554"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45834"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgqt-yrgv-fyhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84175?format=json","vulnerability_id":"VCID-xgs6-2jcg-c7g7","summary":"kernel: cifs: fix potential memory leaks in session setup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53008.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53008.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355536","reference_id":"2355536","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355536"},{"reference_url":"https://git.kernel.org/stable/c/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f","reference_id":"2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:03Z/"}],"url":"https://git.kernel.org/stable/c/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f"},{"reference_url":"https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b","reference_id":"893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:08:03Z/"}],"url":"https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53008"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgs6-2jcg-c7g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83569?format=json","vulnerability_id":"VCID-xhn1-3fjd-33au","summary":"In the Linux kernel, the following vulnerability has been resolved:  tcp: Fix a data-race around sysctl_tcp_ecn_fallback.  While reading sysctl_tcp_ecn_fallback, it can be changed concurrently. Thus, we need to add READ_ONCE() to its reader.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49630.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49630.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49630","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19548","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49630"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/12b8d9ca7e678abc48195294494f1815b555d658","reference_id":"12b8d9ca7e678abc48195294494f1815b555d658","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:34:27Z/"}],"url":"https://git.kernel.org/stable/c/12b8d9ca7e678abc48195294494f1815b555d658"},{"reference_url":"https://git.kernel.org/stable/c/1ec3d6c2626ee6e1b36b7bd006873a271406ba61","reference_id":"1ec3d6c2626ee6e1b36b7bd006873a271406ba61","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:34:27Z/"}],"url":"https://git.kernel.org/stable/c/1ec3d6c2626ee6e1b36b7bd006873a271406ba61"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348249","reference_id":"2348249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348249"},{"reference_url":"https://git.kernel.org/stable/c/8bcf7339f2cf70ea4461df6ea045d1aadfabfa11","reference_id":"8bcf7339f2cf70ea4461df6ea045d1aadfabfa11","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:34:27Z/"}],"url":"https://git.kernel.org/stable/c/8bcf7339f2cf70ea4461df6ea045d1aadfabfa11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49630"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhn1-3fjd-33au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82953?format=json","vulnerability_id":"VCID-xje7-3bkv-fkdq","summary":"In the Linux kernel, the following vulnerability has been resolved:  ASoC: atmel: Fix error handling in snd_proto_probe  The device_node pointer is returned by of_parse_phandle()  with refcount incremented. We should use of_node_put() on it when done.  This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49246.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49246.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49246","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29051","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49246"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347811","reference_id":"2347811","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347811"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49246"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xje7-3bkv-fkdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80656?format=json","vulnerability_id":"VCID-xkqg-6qdw-p3ba","summary":"A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4149.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4149.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4149","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2937","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4149"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026485","reference_id":"2026485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-4149"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkqg-6qdw-p3ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59908?format=json","vulnerability_id":"VCID-xmy4-ksbp-h7b4","summary":"kernel: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45835.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45835.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481560","reference_id":"2481560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481560"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45835"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmy4-ksbp-h7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82035?format=json","vulnerability_id":"VCID-xmyh-av2e-tyew","summary":"kernel: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37833.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37833.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365019","reference_id":"2365019","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365019"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-37833"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmyh-av2e-tyew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62013?format=json","vulnerability_id":"VCID-xn1z-quwh-fufe","summary":"kernel: rxrpc: reject undecryptable rxkad response tickets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31637.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31637.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461506","reference_id":"2461506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461506"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31637"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xn1z-quwh-fufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79924?format=json","vulnerability_id":"VCID-xns4-gw1z-w3gg","summary":"kernel: net: 9p: fix refcount leak in p9_read_work() error handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50114.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50114","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373472","reference_id":"2373472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373472"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50114"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xns4-gw1z-w3gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83449?format=json","vulnerability_id":"VCID-xpe5-2jrg-mqbd","summary":"In the Linux kernel, the following vulnerability has been resolved:  loop: implement ->free_disk  Ensure that the lo_device which is stored in the gendisk private data is valid until the gendisk is freed.  Currently the loop driver uses a lot of effort to make sure a device is not freed when it is still in use, but to to fix a potential deadlock this will be relaxed a bit soon.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49531.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49531","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05044","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347714","reference_id":"2347714","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2347714"},{"reference_url":"https://git.kernel.org/stable/c/aadd1443aae7fe8956e3b11157827067f034406a","reference_id":"aadd1443aae7fe8956e3b11157827067f034406a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:55Z/"}],"url":"https://git.kernel.org/stable/c/aadd1443aae7fe8956e3b11157827067f034406a"},{"reference_url":"https://git.kernel.org/stable/c/d2c7f56f8b5256d57f9e3fc7794c31361d43bdd9","reference_id":"d2c7f56f8b5256d57f9e3fc7794c31361d43bdd9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:37:55Z/"}],"url":"https://git.kernel.org/stable/c/d2c7f56f8b5256d57f9e3fc7794c31361d43bdd9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49531"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpe5-2jrg-mqbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83218?format=json","vulnerability_id":"VCID-xpht-n5ft-43hq","summary":"kernel: spufs: fix a leak on spufs_new_file() failure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22073.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22073.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360260","reference_id":"2360260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360260"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-22073"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpht-n5ft-43hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88798?format=json","vulnerability_id":"VCID-xpkm-ggp9-9yea","summary":"In the Linux kernel, the following vulnerability has been resolved:  pktgen: use cpus_read_lock() in pg_net_init()  I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker() during tests.  We must use cpus_read_lock()/cpus_read_unlock() around the for_each_online_cpu(cpu) loop.  While we are at it use WARN_ON_ONCE() to avoid a possible syslog flood.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46681.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-46681.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312069","reference_id":"2312069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312069"},{"reference_url":"https://git.kernel.org/stable/c/5f5f7366dda8ae870e8305d6e7b3c0c2686cd2cf","reference_id":"5f5f7366dda8ae870e8305d6e7b3c0c2686cd2cf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:09:32Z/"}],"url":"https://git.kernel.org/stable/c/5f5f7366dda8ae870e8305d6e7b3c0c2686cd2cf"},{"reference_url":"https://git.kernel.org/stable/c/979b581e4c69257acab1af415ddad6b2d78a2fa5","reference_id":"979b581e4c69257acab1af415ddad6b2d78a2fa5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:09:32Z/"}],"url":"https://git.kernel.org/stable/c/979b581e4c69257acab1af415ddad6b2d78a2fa5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-46681"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpkm-ggp9-9yea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83320?format=json","vulnerability_id":"VCID-xsr2-1kkv-3ycu","summary":"In the Linux kernel, the following vulnerability has been resolved:  module: fix [e_shstrndx].sh_size=0 OOB access  It is trivial to craft a module to trigger OOB access in this line:  \tif (info->secstrings[strhdr->sh_size - 1] != '\\0') {  BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 100000067 P4D 100000067 PUD 100066067 PMD 10436f067 PTE 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 7 PID: 1215 Comm: insmod Not tainted 5.18.0-rc5-00007-g9bf578647087-dirty #10 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014 RIP: 0010:load_module+0x19b/0x2391  [rebased patch onto modules-next]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49444.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49444.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49444","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02811","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348257","reference_id":"2348257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2348257"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-49444"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsr2-1kkv-3ycu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61581?format=json","vulnerability_id":"VCID-xuvj-rasz-yqgy","summary":"kernel: usb: gadget: f_eem: Fix net_device lifecycle with device_move","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31724.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31724.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464499","reference_id":"2464499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2464499"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31724"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuvj-rasz-yqgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85701?format=json","vulnerability_id":"VCID-xvfk-rjbz-q7en","summary":"kernel: RDMA/rxe: Remove the direct link to net_device","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57795.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57795.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338215","reference_id":"2338215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338215"},{"reference_url":"https://git.kernel.org/stable/c/2ac5415022d16d63d912a39a06f32f1f51140261","reference_id":"2ac5415022d16d63d912a39a06f32f1f51140261","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T13:56:40Z/"}],"url":"https://git.kernel.org/stable/c/2ac5415022d16d63d912a39a06f32f1f51140261"},{"reference_url":"https://git.kernel.org/stable/c/32ca3557d968e662957131374a5f81c9c9cdbba8","reference_id":"32ca3557d968e662957131374a5f81c9c9cdbba8","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T13:56:40Z/"}],"url":"https://git.kernel.org/stable/c/32ca3557d968e662957131374a5f81c9c9cdbba8"},{"reference_url":"https://git.kernel.org/stable/c/9f6f54e6a6863131442b40e14d1792b090c7ce21","reference_id":"9f6f54e6a6863131442b40e14d1792b090c7ce21","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T13:56:40Z/"}],"url":"https://git.kernel.org/stable/c/9f6f54e6a6863131442b40e14d1792b090c7ce21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-57795"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvfk-rjbz-q7en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59507?format=json","vulnerability_id":"VCID-xwxf-z5wk-43b9","summary":"kernel: net: qrtr: ns: Free the node during ctrl_cmd_bye()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46038.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46038.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482060","reference_id":"2482060","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482060"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46038"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xwxf-z5wk-43b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61837?format=json","vulnerability_id":"VCID-xx64-m5k1-eff1","summary":"kernel: driver core: enforce device_lock for driver_match_device()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31688.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31688.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463259","reference_id":"2463259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463259"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2026-31688"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xx64-m5k1-eff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77947?format=json","vulnerability_id":"VCID-xx65-dxjz-qkex","summary":"kernel: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38438.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38438.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383490","reference_id":"2383490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20518","reference_id":"RHSA-2025:20518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38438"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xx65-dxjz-qkex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70284?format=json","vulnerability_id":"VCID-xxvp-jc43-9ygx","summary":"kernel: f2fs: flush inode if atomic file is aborted","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53829.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53829.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420359","reference_id":"2420359","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420359"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53829"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xxvp-jc43-9ygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61025?format=json","vulnerability_id":"VCID-xzy4-ghsd-s7aq","summary":"kernel: dlm: validate length in dlm_search_rsb_tree","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43125.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43125.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467234","reference_id":"2467234","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467234"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43125"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzy4-ghsd-s7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73773?format=json","vulnerability_id":"VCID-y1ue-44xx-wydf","summary":"kernel: Bluetooth: hci_event: call disconnect callback before deleting conn","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53673.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53673.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402193","reference_id":"2402193","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1142","reference_id":"RHSA-2026:1142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1148","reference_id":"RHSA-2026:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2490","reference_id":"RHSA-2026:2490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2535","reference_id":"RHSA-2026:2535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2560","reference_id":"RHSA-2026:2560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2573","reference_id":"RHSA-2026:2573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2573"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2577","reference_id":"RHSA-2026:2577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2583","reference_id":"RHSA-2026:2583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3360","reference_id":"RHSA-2026:3360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53673"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1ue-44xx-wydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79978?format=json","vulnerability_id":"VCID-y2hr-8xgf-g3cy","summary":"kernel: octeontx2-af: Fix mcam entry resource leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50060.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50060.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50060","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15613","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50060"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373503","reference_id":"2373503","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373503"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50060"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y2hr-8xgf-g3cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87027?format=json","vulnerability_id":"VCID-y45k-crkr-m7cv","summary":"kernel: nvme-multipath: defer partition scanning","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53093.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53093.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1f021341eef41e77a633186e9be5223de2ce5d48","reference_id":"1f021341eef41e77a633186e9be5223de2ce5d48","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:24Z/"}],"url":"https://git.kernel.org/stable/c/1f021341eef41e77a633186e9be5223de2ce5d48"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327890","reference_id":"2327890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327890"},{"reference_url":"https://git.kernel.org/stable/c/4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e","reference_id":"4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:24Z/"}],"url":"https://git.kernel.org/stable/c/4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e"},{"reference_url":"https://git.kernel.org/stable/c/60de2e03f984cfbcdc12fa552f95087c35a05a98","reference_id":"60de2e03f984cfbcdc12fa552f95087c35a05a98","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:24Z/"}],"url":"https://git.kernel.org/stable/c/60de2e03f984cfbcdc12fa552f95087c35a05a98"},{"reference_url":"https://git.kernel.org/stable/c/a91b7eddf45afeeb9c5ece11dddff5de0921b00f","reference_id":"a91b7eddf45afeeb9c5ece11dddff5de0921b00f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T20:11:24Z/"}],"url":"https://git.kernel.org/stable/c/a91b7eddf45afeeb9c5ece11dddff5de0921b00f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6966","reference_id":"RHSA-2025:6966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:6966"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-53093"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y45k-crkr-m7cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70328?format=json","vulnerability_id":"VCID-y5gz-zw7d-n3fr","summary":"kernel: net: stmmac: Correctly handle Rx checksum offload errors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40337.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40337.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420419","reference_id":"2420419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-40337"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5gz-zw7d-n3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84298?format=json","vulnerability_id":"VCID-y62r-p9ef-zfgs","summary":"A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4133.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4133.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221702","reference_id":"2221702","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:51:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221702"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::nfv","reference_id":"cpe:/a:redhat:enterprise_linux:8::nfv","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::nfv"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::realtime","reference_id":"cpe:/a:redhat:enterprise_linux:8::realtime","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::realtime"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::nfv","reference_id":"cpe:/a:redhat:enterprise_linux:9::nfv","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::nfv"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::realtime","reference_id":"cpe:/a:redhat:enterprise_linux:9::realtime","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::realtime"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-4133","reference_id":"CVE-2023-4133","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:51:04Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-4133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:51:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2950","reference_id":"RHSA-2024:2950","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:51:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:51:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-4133"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y62r-p9ef-zfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83876?format=json","vulnerability_id":"VCID-y8yf-dpf6-f3eh","summary":"kernel: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21931.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21931.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356641","reference_id":"2356641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2356641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20095","reference_id":"RHSA-2025:20095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-21931"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8yf-dpf6-f3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84958?format=json","vulnerability_id":"VCID-ya76-mjq3-tyfu","summary":"In the Linux kernel, the following vulnerability has been resolved:  media: pci: cx23885: check cx23885_vdev_init() return  cx23885_vdev_init() can return a NULL pointer, but that pointer is used in the next line without a check.  Add a NULL pointer check and go to the error unwind if it is NULL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52918.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52918.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/06ee04a907d64ee3910fecedd05d7f1be4b1b70e","reference_id":"06ee04a907d64ee3910fecedd05d7f1be4b1b70e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/06ee04a907d64ee3910fecedd05d7f1be4b1b70e"},{"reference_url":"https://git.kernel.org/stable/c/15126b916e39b0cb67026b0af3c014bfeb1f76b3","reference_id":"15126b916e39b0cb67026b0af3c014bfeb1f76b3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/15126b916e39b0cb67026b0af3c014bfeb1f76b3"},{"reference_url":"https://git.kernel.org/stable/c/199a42fc4c45e8b7f19efeb15dbc36889a599ac2","reference_id":"199a42fc4c45e8b7f19efeb15dbc36889a599ac2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/199a42fc4c45e8b7f19efeb15dbc36889a599ac2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320876","reference_id":"2320876","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320876"},{"reference_url":"https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6","reference_id":"8e31b096e2e1949bc8f0be019c9ae70d414404c6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/8e31b096e2e1949bc8f0be019c9ae70d414404c6"},{"reference_url":"https://git.kernel.org/stable/c/a5f1d30c51c485cec7a7de60205667c3ff86c303","reference_id":"a5f1d30c51c485cec7a7de60205667c3ff86c303","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/a5f1d30c51c485cec7a7de60205667c3ff86c303"},{"reference_url":"https://git.kernel.org/stable/c/b1397fb4a779fca560c43d2acf6702d41b4a495b","reference_id":"b1397fb4a779fca560c43d2acf6702d41b4a495b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/b1397fb4a779fca560c43d2acf6702d41b4a495b"},{"reference_url":"https://git.kernel.org/stable/c/e7385510e2550a9f8b6f3d5f33c5b894ab9ba976","reference_id":"e7385510e2550a9f8b6f3d5f33c5b894ab9ba976","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:10:51Z/"}],"url":"https://git.kernel.org/stable/c/e7385510e2550a9f8b6f3d5f33c5b894ab9ba976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52918"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ya76-mjq3-tyfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88487?format=json","vulnerability_id":"VCID-yacn-fzdz-vqcz","summary":"kernel: nilfs2: fix state management in error path of log writing function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47669.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47669.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/036441e8438b29111fa75008f0ce305fb4e83c0a","reference_id":"036441e8438b29111fa75008f0ce305fb4e83c0a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/036441e8438b29111fa75008f0ce305fb4e83c0a"},{"reference_url":"https://git.kernel.org/stable/c/0a1a961bde4351dc047ffdeb2f1311ca16a700cc","reference_id":"0a1a961bde4351dc047ffdeb2f1311ca16a700cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/0a1a961bde4351dc047ffdeb2f1311ca16a700cc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317598","reference_id":"2317598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317598"},{"reference_url":"https://git.kernel.org/stable/c/30562eff4a6dd35c4b5be9699ef61ad9f5f20a06","reference_id":"30562eff4a6dd35c4b5be9699ef61ad9f5f20a06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/30562eff4a6dd35c4b5be9699ef61ad9f5f20a06"},{"reference_url":"https://git.kernel.org/stable/c/3e349d7191f0688fc9808ef24fd4e4b4ef5ca876","reference_id":"3e349d7191f0688fc9808ef24fd4e4b4ef5ca876","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/3e349d7191f0688fc9808ef24fd4e4b4ef5ca876"},{"reference_url":"https://git.kernel.org/stable/c/40a2757de2c376ef8a08d9ee9c81e77f3c750adf","reference_id":"40a2757de2c376ef8a08d9ee9c81e77f3c750adf","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/40a2757de2c376ef8a08d9ee9c81e77f3c750adf"},{"reference_url":"https://git.kernel.org/stable/c/6576dd6695f2afca3f4954029ac4a64f82ba60ab","reference_id":"6576dd6695f2afca3f4954029ac4a64f82ba60ab","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/6576dd6695f2afca3f4954029ac4a64f82ba60ab"},{"reference_url":"https://git.kernel.org/stable/c/74866c16ea2183f52925fa5d76061a1fe7f7737b","reference_id":"74866c16ea2183f52925fa5d76061a1fe7f7737b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/74866c16ea2183f52925fa5d76061a1fe7f7737b"},{"reference_url":"https://git.kernel.org/stable/c/efdde00d4a1ef10bb71e09ebc67823a3d3ad725b","reference_id":"efdde00d4a1ef10bb71e09ebc67823a3d3ad725b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:20:56Z/"}],"url":"https://git.kernel.org/stable/c/efdde00d4a1ef10bb71e09ebc67823a3d3ad725b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47669"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yacn-fzdz-vqcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79837?format=json","vulnerability_id":"VCID-yc1s-kgbu-ebh3","summary":"kernel: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50023.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50023","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1313","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50023"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373429","reference_id":"2373429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373429"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50023"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yc1s-kgbu-ebh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70363?format=json","vulnerability_id":"VCID-ydeg-t4nz-hke4","summary":"kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53751.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53751.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419858","reference_id":"2419858","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19447","reference_id":"RHSA-2025:19447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1512","reference_id":"RHSA-2026:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1886","reference_id":"RHSA-2026:1886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1909","reference_id":"RHSA-2026:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1946","reference_id":"RHSA-2026:1946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2490","reference_id":"RHSA-2026:2490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2535","reference_id":"RHSA-2026:2535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2573","reference_id":"RHSA-2026:2573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2573"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2577","reference_id":"RHSA-2026:2577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53751"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydeg-t4nz-hke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81849?format=json","vulnerability_id":"VCID-ydpf-xvam-jfew","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: enetc: deny offload of tc-based TSN features on VF interfaces  TSN features on the ENETC (taprio, cbs, gate, police) are configured through a mix of command BD ring messages and port registers: enetc_port_rd(), enetc_port_wr().  Port registers are a region of the ENETC memory map which are only accessible from the PCIe Physical Function. They are not accessible from the Virtual Functions.  Moreover, attempting to access these registers crashes the kernel:  $ echo 1 > /sys/bus/pci/devices/0000\\:00\\:00.0/sriov_numvfs pci 0000:00:01.0: [1957:ef00] type 00 class 0x020001 fsl_enetc_vf 0000:00:01.0: Adding to iommu group 15 fsl_enetc_vf 0000:00:01.0: enabling device (0000 -> 0002) fsl_enetc_vf 0000:00:01.0 eno0vf0: renamed from eth0 $ tc qdisc replace dev eno0vf0 root taprio num_tc 8 map 0 1 2 3 4 5 6 7 \\ \tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 base-time 0 \\ \tsched-entry S 0x7f 900000 sched-entry S 0x80 100000 flags 0x2 Unable to handle kernel paging request at virtual address ffff800009551a08 Internal error: Oops: 96000007 [#1] PREEMPT SMP pc : enetc_setup_tc_taprio+0x170/0x47c lr : enetc_setup_tc_taprio+0x16c/0x47c Call trace:  enetc_setup_tc_taprio+0x170/0x47c  enetc_setup_tc+0x38/0x2dc  taprio_change+0x43c/0x970  taprio_init+0x188/0x1e0  qdisc_create+0x114/0x470  tc_modify_qdisc+0x1fc/0x6c0  rtnetlink_rcv_msg+0x12c/0x390  Split enetc_setup_tc() into separate functions for the PF and for the VF drivers. Also remove enetc_qos.o from being included into enetc-vf.ko, since it serves absolutely no purpose there.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48645.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48645.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48645","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03344","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277818","reference_id":"2277818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277818"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48645"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydpf-xvam-jfew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60467?format=json","vulnerability_id":"VCID-yey3-ker9-fbh3","summary":"kernel: netfilter: flowtable: strictly check for maximum number of actions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43329.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43329.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468124","reference_id":"2468124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23329","reference_id":"RHSA-2026:23329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23329"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-43329"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yey3-ker9-fbh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79259?format=json","vulnerability_id":"VCID-ygvp-qhm7-8fd8","summary":"kernel: bpf: fix ktls panic with sockmap","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38166.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38166.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376065","reference_id":"2376065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18134","reference_id":"RHSA-2026:18134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18587","reference_id":"RHSA-2026:18587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18587"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38166"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygvp-qhm7-8fd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74403?format=json","vulnerability_id":"VCID-yhyk-gm7w-f7b8","summary":"kernel: wifi: rtw88: fix memory leak in rtw_usb_probe()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53460.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53460.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400771","reference_id":"2400771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400771"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2023-53460"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhyk-gm7w-f7b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59360?format=json","vulnerability_id":"VCID-yjgj-wxwm-tfha","summary":"kernel: drm/display/dp_mst: Add protection against 0 vcpi","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71305.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71305.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481941","reference_id":"2481941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481941"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71305"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjgj-wxwm-tfha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69789?format=json","vulnerability_id":"VCID-yjzg-x64u-b3aa","summary":"kernel: Linux kernel: Denial of Service due to race condition in fbcon setup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68296.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68296.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422813","reference_id":"2422813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422813"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-68296"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjzg-x64u-b3aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68360?format=json","vulnerability_id":"VCID-ykt3-9fsa-wucd","summary":"kernel: iommu: disable SVA when CONFIG_X86 is set","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71089.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71089.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429104","reference_id":"2429104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21556","reference_id":"RHSA-2026:21556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23237","reference_id":"RHSA-2026:23237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71089"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykt3-9fsa-wucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80069?format=json","vulnerability_id":"VCID-ym14-2hzq-abgd","summary":"kernel: netfilter: flowtable: fix stuck flows on cleanup due to pending work","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50000.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50000","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15613","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50000"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373543","reference_id":"2373543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8267","reference_id":"RHSA-2022:8267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0101","reference_id":"RHSA-2023:0101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0512","reference_id":"RHSA-2023:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15660","reference_id":"RHSA-2025:15660","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15660"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50000"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ym14-2hzq-abgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73165?format=json","vulnerability_id":"VCID-ym1k-kvqg-pub6","summary":"kernel: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40082.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40082.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406755","reference_id":"2406755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406755"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40082"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ym1k-kvqg-pub6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83071?format=json","vulnerability_id":"VCID-ymwr-msjt-sbd6","summary":"kernel: f2fs: quota: fix to avoid warning in dquot_writeback_dquots()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23132.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23132.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360191","reference_id":"2360191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360191"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-23132"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymwr-msjt-sbd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59116?format=json","vulnerability_id":"VCID-yn8x-2eqt-2bfh","summary":"kernel: staging: media: atomisp: Disallow all private IOCTLs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46205.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46205.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482544","reference_id":"2482544","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482544"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46205"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yn8x-2eqt-2bfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85867?format=json","vulnerability_id":"VCID-ynyh-mnvj-ebgm","summary":"kernel: s390/cpum_sf: Handle CPU hotplug remove during sampling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57849.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57849.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337144","reference_id":"2337144","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337144"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-57849"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ynyh-mnvj-ebgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62061?format=json","vulnerability_id":"VCID-yq3g-yxng-hygt","summary":"kernel: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31590.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31590.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461540","reference_id":"2461540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461540"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31590"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yq3g-yxng-hygt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80115?format=json","vulnerability_id":"VCID-ysqp-fhb6-xyc2","summary":"kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50016.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50016","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373563","reference_id":"2373563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2458","reference_id":"RHSA-2023:2458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2951","reference_id":"RHSA-2023:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50016"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ysqp-fhb6-xyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72341?format=json","vulnerability_id":"VCID-yubt-cxyt-1qe6","summary":"kernel: xtensa: simdisk: add input size check in proc_write_simdisk","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40193.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40193.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414743","reference_id":"2414743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414743"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-40193"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yubt-cxyt-1qe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88486?format=json","vulnerability_id":"VCID-yveu-2n3k-x3hb","summary":"kernel: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47665.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47665.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317597","reference_id":"2317597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317597"},{"reference_url":"https://git.kernel.org/stable/c/2666085335bdfedf90d91f4071490ad3980be785","reference_id":"2666085335bdfedf90d91f4071490ad3980be785","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:57Z/"}],"url":"https://git.kernel.org/stable/c/2666085335bdfedf90d91f4071490ad3980be785"},{"reference_url":"https://git.kernel.org/stable/c/5a022269abb22809f2a174b90f200fc4b9526058","reference_id":"5a022269abb22809f2a174b90f200fc4b9526058","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:57Z/"}],"url":"https://git.kernel.org/stable/c/5a022269abb22809f2a174b90f200fc4b9526058"},{"reference_url":"https://git.kernel.org/stable/c/8a2be2f1db268ec735419e53ef04ca039fc027dc","reference_id":"8a2be2f1db268ec735419e53ef04ca039fc027dc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:57Z/"}],"url":"https://git.kernel.org/stable/c/8a2be2f1db268ec735419e53ef04ca039fc027dc"},{"reference_url":"https://git.kernel.org/stable/c/cacb76df247a7cd842ff29755a523b1cba6c0508","reference_id":"cacb76df247a7cd842ff29755a523b1cba6c0508","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:57Z/"}],"url":"https://git.kernel.org/stable/c/cacb76df247a7cd842ff29755a523b1cba6c0508"},{"reference_url":"https://git.kernel.org/stable/c/e2d14bfda9eb5393f8a17008afe2aa7fe0a29815","reference_id":"e2d14bfda9eb5393f8a17008afe2aa7fe0a29815","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:21:57Z/"}],"url":"https://git.kernel.org/stable/c/e2d14bfda9eb5393f8a17008afe2aa7fe0a29815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-47665"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yveu-2n3k-x3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84064?format=json","vulnerability_id":"VCID-yzpp-kk7f-dffy","summary":"kernel: mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52939.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52939.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355456","reference_id":"2355456","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355456"},{"reference_url":"https://git.kernel.org/stable/c/ac86f547ca1002aec2ef66b9e64d03f45bbbfbb9","reference_id":"ac86f547ca1002aec2ef66b9e64d03f45bbbfbb9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:37:07Z/"}],"url":"https://git.kernel.org/stable/c/ac86f547ca1002aec2ef66b9e64d03f45bbbfbb9"},{"reference_url":"https://git.kernel.org/stable/c/b79ba5953f6fdc5559389ad415620bffc24f024b","reference_id":"b79ba5953f6fdc5559389ad415620bffc24f024b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:37:07Z/"}],"url":"https://git.kernel.org/stable/c/b79ba5953f6fdc5559389ad415620bffc24f024b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-52939"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yzpp-kk7f-dffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60885?format=json","vulnerability_id":"VCID-z13c-pza3-9uaa","summary":"kernel: xfrm: always flush state and policy upon NETDEV_UNREGISTER event","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43167.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43167.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467136","reference_id":"2467136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467136"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43167"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z13c-pza3-9uaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69171?format=json","vulnerability_id":"VCID-z2uw-ty5u-dkc2","summary":"kernel: USB: gadget: Fix use-after-free during usb config switch","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50704.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50704","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08126","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424995","reference_id":"2424995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6583","reference_id":"RHSA-2023:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6583"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50704"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2uw-ty5u-dkc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82232?format=json","vulnerability_id":"VCID-z35b-4emt-nyeq","summary":"In the Linux kernel, the following vulnerability has been resolved:  net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr  This node pointer is returned by of_find_compatible_node() with refcount incremented. Calling of_node_put() to aovid the refcount leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48859.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48859","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09947","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48859"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298203","reference_id":"2298203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298203"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-48859"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z35b-4emt-nyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59206?format=json","vulnerability_id":"VCID-z6st-wx3k-8kcs","summary":"kernel: drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46220.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46220.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482607","reference_id":"2482607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482607"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46220"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6st-wx3k-8kcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79678?format=json","vulnerability_id":"VCID-z7uh-avjr-augj","summary":"kernel: btrfs: avoid NULL pointer dereference if no valid csum tree","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38059.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38059.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373350","reference_id":"2373350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2373350"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2025-38059"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7uh-avjr-augj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75615?format=json","vulnerability_id":"VCID-z943-4snd-8bga","summary":"kernel: Linux kernel: Denial of Service in btrfs due to use-after-free vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50300.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-50300.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50300","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06562","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-50300"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395243","reference_id":"2395243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395243"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2022-50300"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z943-4snd-8bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86326?format=json","vulnerability_id":"VCID-zagc-dx8q-zufb","summary":"kernel: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56557.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56557.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/00663d3e000c31d0d49ef86a809f5c107c2d09cd","reference_id":"00663d3e000c31d0d49ef86a809f5c107c2d09cd","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:03:56Z/"}],"url":"https://git.kernel.org/stable/c/00663d3e000c31d0d49ef86a809f5c107c2d09cd"},{"reference_url":"https://git.kernel.org/stable/c/218ecc35949129171ca39bcc0d407c8dc4cd0bbc","reference_id":"218ecc35949129171ca39bcc0d407c8dc4cd0bbc","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:03:56Z/"}],"url":"https://git.kernel.org/stable/c/218ecc35949129171ca39bcc0d407c8dc4cd0bbc"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334466","reference_id":"2334466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334466"},{"reference_url":"https://git.kernel.org/stable/c/3a4187ec454e19903fd15f6e1825a4b84e59a4cd","reference_id":"3a4187ec454e19903fd15f6e1825a4b84e59a4cd","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:03:56Z/"}],"url":"https://git.kernel.org/stable/c/3a4187ec454e19903fd15f6e1825a4b84e59a4cd"},{"reference_url":"https://git.kernel.org/stable/c/6e4d236d9c4b38571c394d3ab6e85dfb71c33ed3","reference_id":"6e4d236d9c4b38571c394d3ab6e85dfb71c33ed3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:03:56Z/"}],"url":"https://git.kernel.org/stable/c/6e4d236d9c4b38571c394d3ab6e85dfb71c33ed3"},{"reference_url":"https://git.kernel.org/stable/c/e5cac32721997cb8bcb208a29f4598b3faf46338","reference_id":"e5cac32721997cb8bcb208a29f4598b3faf46338","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:03:56Z/"}],"url":"https://git.kernel.org/stable/c/e5cac32721997cb8bcb208a29f4598b3faf46338"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-56557"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zagc-dx8q-zufb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68363?format=json","vulnerability_id":"VCID-zc8x-3a6m-w7g6","summary":"kernel: Kernel: Denial of Service via NULL pointer dereference in drm/ttm","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71083.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71083.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429107","reference_id":"2429107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429107"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-71083"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zc8x-3a6m-w7g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81385?format=json","vulnerability_id":"VCID-zchf-gebn-3fd5","summary":"In the Linux kernel, the following vulnerability has been resolved:  blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()  For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to cancel dispatch work in blk_release_queue().  However, this way has caused kernel oops[1], reported by Changhui. The log shows that scsi_device can be freed before running blk_release_queue(), which is expected too since scsi_device is released after the scsi disk is closed and the scsi_device is removed.  Fixes the issue by canceling blk-mq dispatch work in both blk_cleanup_queue() and disk_release():  1) when disk_release() is run, the disk has been closed, and any sync dispatch activities have been done, so canceling dispatch work is enough to quiesce filesystem I/O dispatch activity.  2) in blk_cleanup_queue(), we only focus on passthrough request, and passthrough request is always explicitly allocated & freed by its caller, so once queue is frozen, all sync dispatch activity for passthrough request has been done, then it is enough to just cancel dispatch work for avoiding any dispatch activity.  [1] kernel panic log [12622.769416] BUG: kernel NULL pointer dereference, address: 0000000000000300 [12622.777186] #PF: supervisor read access in kernel mode [12622.782918] #PF: error_code(0x0000) - not-present page [12622.788649] PGD 0 P4D 0 [12622.791474] Oops: 0000 [#1] PREEMPT SMP PTI [12622.796138] CPU: 10 PID: 744 Comm: kworker/10:1H Kdump: loaded Not tainted 5.15.0+ #1 [12622.804877] Hardware name: Dell Inc. PowerEdge R730/0H21J3, BIOS 1.5.4 10/002/2015 [12622.813321] Workqueue: kblockd blk_mq_run_work_fn [12622.818572] RIP: 0010:sbitmap_get+0x75/0x190 [12622.823336] Code: 85 80 00 00 00 41 8b 57 08 85 d2 0f 84 b1 00 00 00 45 31 e4 48 63 cd 48 8d 1c 49 48 c1 e3 06 49 03 5f 10 4c 8d 6b 40 83 f0 01 <48> 8b 33 44 89 f2 4c 89 ef 0f b6 c8 e8 fa f3 ff ff 83 f8 ff 75 58 [12622.844290] RSP: 0018:ffffb00a446dbd40 EFLAGS: 00010202 [12622.850120] RAX: 0000000000000001 RBX: 0000000000000300 RCX: 0000000000000004 [12622.858082] RDX: 0000000000000006 RSI: 0000000000000082 RDI: ffffa0b7a2dfe030 [12622.866042] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffa0b742721334 [12622.874003] R10: 0000000000000008 R11: 0000000000000008 R12: 0000000000000000 [12622.881964] R13: 0000000000000340 R14: 0000000000000000 R15: ffffa0b7a2dfe030 [12622.889926] FS:  0000000000000000(0000) GS:ffffa0baafb40000(0000) knlGS:0000000000000000 [12622.898956] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [12622.905367] CR2: 0000000000000300 CR3: 0000000641210001 CR4: 00000000001706e0 [12622.913328] Call Trace: [12622.916055]  <TASK> [12622.918394]  scsi_mq_get_budget+0x1a/0x110 [12622.922969]  __blk_mq_do_dispatch_sched+0x1d4/0x320 [12622.928404]  ? pick_next_task_fair+0x39/0x390 [12622.933268]  __blk_mq_sched_dispatch_requests+0xf4/0x140 [12622.939194]  blk_mq_sched_dispatch_requests+0x30/0x60 [12622.944829]  __blk_mq_run_hw_queue+0x30/0xa0 [12622.949593]  process_one_work+0x1e8/0x3c0 [12622.954059]  worker_thread+0x50/0x3b0 [12622.958144]  ? rescuer_thread+0x370/0x370 [12622.962616]  kthread+0x158/0x180 [12622.966218]  ? set_kthread_struct+0x40/0x40 [12622.970884]  ret_from_fork+0x22/0x30 [12622.974875]  </TASK> [12622.977309] Modules linked in: scsi_debug rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs sunrpc dm_multipath intel_rapl_msr intel_rapl_common dell_wmi_descriptor sb_edac rfkill video x86_pkg_temp_thermal intel_powerclamp dcdbas coretemp kvm_intel kvm mgag200 irqbypass i2c_algo_bit rapl drm_kms_helper ipmi_ssif intel_cstate intel_uncore syscopyarea sysfillrect sysimgblt fb_sys_fops pcspkr cec mei_me lpc_ich mei ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter drm fuse xfs libcrc32c sr_mod cdrom sd_mod t10_pi sg ixgbe ahci libahci crct10dif_pclmul crc32_pclmul crc32c_intel libata megaraid_sas ghash_clmulni_intel tg3 wdat_w ---truncated---","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47552.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47552","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00201","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-47552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283397","reference_id":"2283397","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283397"},{"reference_url":"https://git.kernel.org/stable/c/2a19b28f7929866e1cec92a3619f4de9f2d20005","reference_id":"2a19b28f7929866e1cec92a3619f4de9f2d20005","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:51:40Z/"}],"url":"https://git.kernel.org/stable/c/2a19b28f7929866e1cec92a3619f4de9f2d20005"},{"reference_url":"https://git.kernel.org/stable/c/e03513f58919d9e2bc6df765ca2c9da863d03d90","reference_id":"e03513f58919d9e2bc6df765ca2c9da863d03d90","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:51:40Z/"}],"url":"https://git.kernel.org/stable/c/e03513f58919d9e2bc6df765ca2c9da863d03d90"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2021-47552"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zchf-gebn-3fd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59677?format=json","vulnerability_id":"VCID-zcn5-uyym-nfdx","summary":"kernel: ibmasm: fix heap over-read in ibmasm_send_i2o_message()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46064.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46064.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482190","reference_id":"2482190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46064"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zcn5-uyym-nfdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62391?format=json","vulnerability_id":"VCID-zd9v-xtpc-pudh","summary":"kernel: ext4: fix use-after-free in update_super_work when racing with umount","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31446.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31446.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460704","reference_id":"2460704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31446"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zd9v-xtpc-pudh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59480?format=json","vulnerability_id":"VCID-zdb5-yqsu-eqhs","summary":"kernel: scsi: sd: fix missing put_disk() when device_add(&#38;disk_dev) fails","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45997.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-45997.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482039","reference_id":"2482039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482039"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-45997"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdb5-yqsu-eqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87078?format=json","vulnerability_id":"VCID-zdcv-5u23-6bcm","summary":"kernel: media: av7110: fix a spectre vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50289.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50289.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327185","reference_id":"2327185","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327185"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-50289"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdcv-5u23-6bcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62417?format=json","vulnerability_id":"VCID-zde8-8w83-uye6","summary":"kernel: spi: meson-spicc: Fix double-put in remove path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31489.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31489.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460729","reference_id":"2460729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460729"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31489"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zde8-8w83-uye6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75993?format=json","vulnerability_id":"VCID-ze12-k7zt-guf7","summary":"kernel: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39770.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39770.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394597","reference_id":"2394597","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15782","reference_id":"RHSA-2025:15782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-39770"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze12-k7zt-guf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60584?format=json","vulnerability_id":"VCID-zej7-fnqf-4kgw","summary":"kernel: usb: gadget: f_ncm: Fix net_device lifecycle with device_move","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43421.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43421.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468230","reference_id":"2468230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468230"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-43421"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zej7-fnqf-4kgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88751?format=json","vulnerability_id":"VCID-zfx8-6mbv-3qgg","summary":"In the Linux kernel, the following vulnerability has been resolved:  s390/dasd: fix error recovery leading to data corruption on ESE devices  Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing.  The dasd_ese_needs_format function checks for error codes that signal the non existence of a proper track format.  The check for incorrect length is to imprecise since other error cases leading to transport of insufficient data also have this flag set. This might lead to data corruption in certain error cases for example during a storage server warmstart.  Fix by removing the check for incorrect length and replacing by explicitly checking for invalid track format in transport mode.  Also remove the check for file protected since this is not a valid ESE handling case.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45026.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45026.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/0a228896a1b3654cd461ff654f6a64e97a9c3246","reference_id":"0a228896a1b3654cd461ff654f6a64e97a9c3246","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/0a228896a1b3654cd461ff654f6a64e97a9c3246"},{"reference_url":"https://git.kernel.org/stable/c/19f60a55b2fda49bc4f6134a5f6356ef62ee69d8","reference_id":"19f60a55b2fda49bc4f6134a5f6356ef62ee69d8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/19f60a55b2fda49bc4f6134a5f6356ef62ee69d8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311723","reference_id":"2311723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311723"},{"reference_url":"https://git.kernel.org/stable/c/5d4a304338daf83ace2887aaacafd66fe99ed5cc","reference_id":"5d4a304338daf83ace2887aaacafd66fe99ed5cc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/5d4a304338daf83ace2887aaacafd66fe99ed5cc"},{"reference_url":"https://git.kernel.org/stable/c/7db4042336580dfd75cb5faa82c12cd51098c90b","reference_id":"7db4042336580dfd75cb5faa82c12cd51098c90b","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/7db4042336580dfd75cb5faa82c12cd51098c90b"},{"reference_url":"https://git.kernel.org/stable/c/93a7e2856951680cd7fe6ebd705ac10c8a8a5efd","reference_id":"93a7e2856951680cd7fe6ebd705ac10c8a8a5efd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/93a7e2856951680cd7fe6ebd705ac10c8a8a5efd"},{"reference_url":"https://git.kernel.org/stable/c/a665e3b7ac7d5cdc26e00e3d0fc8fd490e00316a","reference_id":"a665e3b7ac7d5cdc26e00e3d0fc8fd490e00316a","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/a665e3b7ac7d5cdc26e00e3d0fc8fd490e00316a"},{"reference_url":"https://git.kernel.org/stable/c/e245a18281c252c8dbc467492e09bb5d4b012118","reference_id":"e245a18281c252c8dbc467492e09bb5d4b012118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-29T15:46:39Z/"}],"url":"https://git.kernel.org/stable/c/e245a18281c252c8dbc467492e09bb5d4b012118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10941","reference_id":"RHSA-2024:10941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7000","reference_id":"RHSA-2024:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-45026"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfx8-6mbv-3qgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59338?format=json","vulnerability_id":"VCID-zgnq-1rb8-kbb1","summary":"kernel: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46068.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46068.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481921","reference_id":"2481921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481921"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-46068"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgnq-1rb8-kbb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74295?format=json","vulnerability_id":"VCID-zgya-1yrr-43ew","summary":"kernel: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53458.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-53458.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400690","reference_id":"2400690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2400690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-53458"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgya-1yrr-43ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87570?format=json","vulnerability_id":"VCID-zj8c-cyr7-n7de","summary":"In the Linux kernel, the following vulnerability has been resolved:  Bluetooth: HCI: Remove HCI_AMP support  Since BT_HS has been remove HCI_AMP controllers no longer has any use so remove it along with the capability of creating AMP controllers.  Since we no longer need to differentiate between AMP and Primary controllers, as only HCI_PRIMARY is left, this also remove hdev->dev_type altogether.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38620.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38620.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293275","reference_id":"2293275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293275"},{"reference_url":"https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156","reference_id":"5af2e235b0d5b797e9531a00c50058319130e156","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:21:10Z/"}],"url":"https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156"},{"reference_url":"https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7","reference_id":"84a4bb6548a29326564f0e659fb8064503ecc1c7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:21:10Z/"}],"url":"https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7"},{"reference_url":"https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03","reference_id":"af1d425b6dc67cd67809f835dd7afb6be4d43e03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:21:10Z/"}],"url":"https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03"},{"reference_url":"https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec","reference_id":"d3c7b012d912b31ad23b9349c0e499d6dddd48ec","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T16:21:10Z/"}],"url":"https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-38620"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zj8c-cyr7-n7de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62380?format=json","vulnerability_id":"VCID-zjvw-63bu-tfhv","summary":"kernel: module: Fix kernel panic when a symbol st_shndx is out of bounds","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31521.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31521.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460695","reference_id":"2460695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460695"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31521"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjvw-63bu-tfhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86293?format=json","vulnerability_id":"VCID-zn5q-eemq-13cd","summary":"In the Linux kernel, the following vulnerability has been resolved:  Bluetooth: af_bluetooth: Fix deadlock  Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of using sock_sock this uses sk_receive_queue.lock on bt_sock_ioctl to avoid the UAF:  INFO: task kworker/u9:1:121 blocked for more than 30 seconds.       Not tainted 6.7.6-lemon #183 Workqueue: hci0 hci_rx_work Call Trace:  <TASK>  __schedule+0x37d/0xa00  schedule+0x32/0xe0  __lock_sock+0x68/0xa0  ? __pfx_autoremove_wake_function+0x10/0x10  lock_sock_nested+0x43/0x50  l2cap_sock_recv_cb+0x21/0xa0  l2cap_recv_frame+0x55b/0x30a0  ? psi_task_switch+0xeb/0x270  ? finish_task_switch.isra.0+0x93/0x2a0  hci_rx_work+0x33a/0x3f0  process_one_work+0x13a/0x2f0  worker_thread+0x2f0/0x410  ? __pfx_worker_thread+0x10/0x10  kthread+0xe0/0x110  ? __pfx_kthread+0x10/0x10  ret_from_fork+0x2c/0x50  ? __pfx_kthread+0x10/0x10  ret_from_fork_asm+0x1b/0x30  </TASK>","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26886.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26886.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275678","reference_id":"2275678","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275678"},{"reference_url":"https://git.kernel.org/stable/c/2c9e2df022ef8b9d7fac58a04a2ef4ed25288955","reference_id":"2c9e2df022ef8b9d7fac58a04a2ef4ed25288955","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:20Z/"}],"url":"https://git.kernel.org/stable/c/2c9e2df022ef8b9d7fac58a04a2ef4ed25288955"},{"reference_url":"https://git.kernel.org/stable/c/60673f442984fe689d4127a5dd4be414247b3d67","reference_id":"60673f442984fe689d4127a5dd4be414247b3d67","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:20Z/"}],"url":"https://git.kernel.org/stable/c/60673f442984fe689d4127a5dd4be414247b3d67"},{"reference_url":"https://git.kernel.org/stable/c/64be3c6154886200708da0dfe259705fb992416c","reference_id":"64be3c6154886200708da0dfe259705fb992416c","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:20Z/"}],"url":"https://git.kernel.org/stable/c/64be3c6154886200708da0dfe259705fb992416c"},{"reference_url":"https://git.kernel.org/stable/c/817e8138ce86001b2fa5c63d6ede756e205a01f7","reference_id":"817e8138ce86001b2fa5c63d6ede756e205a01f7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:20Z/"}],"url":"https://git.kernel.org/stable/c/817e8138ce86001b2fa5c63d6ede756e205a01f7"},{"reference_url":"https://git.kernel.org/stable/c/f7b94bdc1ec107c92262716b073b3e816d4784fb","reference_id":"f7b94bdc1ec107c92262716b073b3e816d4784fb","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:20Z/"}],"url":"https://git.kernel.org/stable/c/f7b94bdc1ec107c92262716b073b3e816d4784fb"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6567","reference_id":"RHSA-2024:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6744","reference_id":"RHSA-2024:6744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6745","reference_id":"RHSA-2024:6745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26886"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zn5q-eemq-13cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76810?format=json","vulnerability_id":"VCID-zpau-gbbm-9keh","summary":"kernel: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38630.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38630.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390397","reference_id":"2390397","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2390397"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2025-38630"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpau-gbbm-9keh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86880?format=json","vulnerability_id":"VCID-zpdg-wp4m-kbe3","summary":"In the Linux kernel, the following vulnerability has been resolved:  x86/coco: Require seeding RNG with RDRAND on CoCo systems  There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation. Since a malicious host can modify or observe nearly all inputs to guests, the only remaining source of entropy for CoCo guests is RDRAND.  If RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole is meant to gracefully continue on gathering entropy from other sources, but since there aren't other sources on CoCo, this is catastrophic. This is mostly a concern at boot time when initially seeding the RNG, as after that the consequences of a broken RDRAND are much more theoretical.  So, try at boot to seed the RNG using 256 bits of RDRAND output. If this fails, panic(). This will also trigger if the system is booted without RDRAND, as RDRAND is essential for a safe CoCo boot.  Add this deliberately to be \"just a CoCo x86 driver feature\" and not part of the RNG itself. Many device drivers and platforms have some desire to contribute something to the RNG, and add_device_randomness() is specifically meant for this purpose.  Any driver can call it with seed data of any quality, or even garbage quality, and it can only possibly make the quality of the RNG better or have no effect, but can never make it worse.  Rather than trying to build something into the core of the RNG, consider the particular CoCo issue just a CoCo issue, and therefore separate it all out into driver (well, arch/platform) code.    [ bp: Massage commit message. ]","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35875.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35875.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/08044b08b37528b82f70a87576c692b4e4b7716e","reference_id":"08044b08b37528b82f70a87576c692b4e4b7716e","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:48Z/"}],"url":"https://git.kernel.org/stable/c/08044b08b37528b82f70a87576c692b4e4b7716e"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281727","reference_id":"2281727","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281727"},{"reference_url":"https://git.kernel.org/stable/c/22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374","reference_id":"22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:48Z/"}],"url":"https://git.kernel.org/stable/c/22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374"},{"reference_url":"https://git.kernel.org/stable/c/453b5f2dec276c1bb4ea078bf8c0da57ee4627e5","reference_id":"453b5f2dec276c1bb4ea078bf8c0da57ee4627e5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:48Z/"}],"url":"https://git.kernel.org/stable/c/453b5f2dec276c1bb4ea078bf8c0da57ee4627e5"},{"reference_url":"https://git.kernel.org/stable/c/99485c4c026f024e7cb82da84c7951dbe3deb584","reference_id":"99485c4c026f024e7cb82da84c7951dbe3deb584","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:38:48Z/"}],"url":"https://git.kernel.org/stable/c/99485c4c026f024e7cb82da84c7951dbe3deb584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6267","reference_id":"RHSA-2024:6267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6268","reference_id":"RHSA-2024:6268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6567","reference_id":"RHSA-2024:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6567"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-35875"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpdg-wp4m-kbe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69586?format=json","vulnerability_id":"VCID-zpkv-xd42-abge","summary":"kernel: sysfs: check visibility before changing group attribute ownership","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40355.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40355.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422664","reference_id":"2422664","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-40355"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpkv-xd42-abge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85821?format=json","vulnerability_id":"VCID-zt77-2zhc-r7ch","summary":"kernel: f2fs: fix to shrink read extent node in batches","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41935.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41935.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337108","reference_id":"2337108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-41935"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zt77-2zhc-r7ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68596?format=json","vulnerability_id":"VCID-zttj-3r8z-9kft","summary":"kernel: RDMA/efa: Fix wrong resources deallocation order","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54201.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-54201.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426049","reference_id":"2426049","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2023-54201"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zttj-3r8z-9kft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68481?format=json","vulnerability_id":"VCID-zu5z-s9tf-tqg7","summary":"kernel: staging: most: remove broken i2c driver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68755.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68755.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427119","reference_id":"2427119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427119"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195391?format=json","purl":"pkg:deb/debian/linux@6.12.88-1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.88-1~bpo12%252B1"}],"aliases":["CVE-2025-68755"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zu5z-s9tf-tqg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85973?format=json","vulnerability_id":"VCID-zuf7-p8px-eff7","summary":"In the Linux kernel, the following vulnerability has been resolved:  md: Don't ignore read-only array in md_check_recovery()  Usually if the array is not read-write, md_check_recovery() won't register new sync_thread in the first place. And if the array is read-write and sync_thread is registered, md_set_readonly() will unregister sync_thread before setting the array read-only. md/raid follow this behavior hence there is no problem.  After commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), following hang can be triggered by test shell/integrity-caching.sh:  1) array is read-only. dm-raid update super block: rs_update_sbs  ro = mddev->ro  mddev->ro = 0   -> set array read-write  md_update_sb  2) register new sync thread concurrently.  3) dm-raid set array back to read-only: rs_update_sbs  mddev->ro = ro  4) stop the array: raid_dtr  md_stop   stop_sync_thread     set_bit(MD_RECOVERY_INTR, &mddev->recovery);     md_wakeup_thread_directly(mddev->sync_thread);     wait_event(..., !test_bit(MD_RECOVERY_RUNNING, &mddev->recovery))  5) sync thread done:  md_do_sync  set_bit(MD_RECOVERY_DONE, &mddev->recovery);  md_wakeup_thread(mddev->thread);  6) daemon thread can't unregister sync thread:  md_check_recovery   if (!md_is_rdwr(mddev) &&       !test_bit(MD_RECOVERY_NEEDED, &mddev->recovery))    return;   -> -> MD_RECOVERY_RUNNING can't be cleared, hence step 4 hang;  The root cause is that dm-raid manipulate 'mddev->ro' by itself, however, dm-raid really should stop sync thread before setting the array read-only. Unfortunately, I need to read more code before I can refacter the handler of 'mddev->ro' in dm-raid, hence let's fix the problem the easy way for now to prevent dm-raid regression.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26757.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26757.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273208","reference_id":"2273208","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273208"},{"reference_url":"https://git.kernel.org/stable/c/2ea169c5a0b1134d573d07fc27a16f327ad0e7d3","reference_id":"2ea169c5a0b1134d573d07fc27a16f327ad0e7d3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T19:35:42Z/"}],"url":"https://git.kernel.org/stable/c/2ea169c5a0b1134d573d07fc27a16f327ad0e7d3"},{"reference_url":"https://git.kernel.org/stable/c/55a48ad2db64737f7ffc0407634218cc6e4c513b","reference_id":"55a48ad2db64737f7ffc0407634218cc6e4c513b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T19:35:42Z/"}],"url":"https://git.kernel.org/stable/c/55a48ad2db64737f7ffc0407634218cc6e4c513b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9315","reference_id":"RHSA-2024:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-26757"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zuf7-p8px-eff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83305?format=json","vulnerability_id":"VCID-zv37-z9rq-g3ab","summary":"kernel: wifi: ath11k: fix RCU stall while reaping monitor destination ring","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58097.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58097.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/16c6c35c03ea73054a1f6d3302a4ce4a331b427d","reference_id":"16c6c35c03ea73054a1f6d3302a4ce4a331b427d","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:05:53Z/"}],"url":"https://git.kernel.org/stable/c/16c6c35c03ea73054a1f6d3302a4ce4a331b427d"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360307","reference_id":"2360307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360307"},{"reference_url":"https://git.kernel.org/stable/c/8db5de0cf02fccf4c759aa58edbe65659daf607c","reference_id":"8db5de0cf02fccf4c759aa58edbe65659daf607c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:05:53Z/"}],"url":"https://git.kernel.org/stable/c/8db5de0cf02fccf4c759aa58edbe65659daf607c"},{"reference_url":"https://git.kernel.org/stable/c/9f1a002f0171d27f3554e529f3c70df438f05dfe","reference_id":"9f1a002f0171d27f3554e529f3c70df438f05dfe","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:05:53Z/"}],"url":"https://git.kernel.org/stable/c/9f1a002f0171d27f3554e529f3c70df438f05dfe"},{"reference_url":"https://git.kernel.org/stable/c/b4991fc41745645f8050506f5a8578bd11e6b378","reference_id":"b4991fc41745645f8050506f5a8578bd11e6b378","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T17:05:53Z/"}],"url":"https://git.kernel.org/stable/c/b4991fc41745645f8050506f5a8578bd11e6b378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-58097"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zv37-z9rq-g3ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63622?format=json","vulnerability_id":"VCID-zwjc-1aur-pbb2","summary":"kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31408.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31408.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455334","reference_id":"2455334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19569","reference_id":"RHSA-2026:19569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21556","reference_id":"RHSA-2026:21556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21706","reference_id":"RHSA-2026:21706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21745","reference_id":"RHSA-2026:21745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2026-31408"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwjc-1aur-pbb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88634?format=json","vulnerability_id":"VCID-zx7q-fe6z-ykfx","summary":"In the Linux kernel, the following vulnerability has been resolved:  parisc: fix a possible DMA corruption  ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted.  This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size.  As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44949.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44949.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/00baca74fb5879e5f9034b6156671301f500f8ee","reference_id":"00baca74fb5879e5f9034b6156671301f500f8ee","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:40:26Z/"}],"url":"https://git.kernel.org/stable/c/00baca74fb5879e5f9034b6156671301f500f8ee"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309780","reference_id":"2309780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309780"},{"reference_url":"https://git.kernel.org/stable/c/533de2f470baac40d3bf622fe631f15231a03c9f","reference_id":"533de2f470baac40d3bf622fe631f15231a03c9f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:40:26Z/"}],"url":"https://git.kernel.org/stable/c/533de2f470baac40d3bf622fe631f15231a03c9f"},{"reference_url":"https://git.kernel.org/stable/c/642a0b7453daff0295310774016fcb56d1f5bc7f","reference_id":"642a0b7453daff0295310774016fcb56d1f5bc7f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:40:26Z/"}],"url":"https://git.kernel.org/stable/c/642a0b7453daff0295310774016fcb56d1f5bc7f"},{"reference_url":"https://git.kernel.org/stable/c/7ae04ba36b381bffe2471eff3a93edced843240f","reference_id":"7ae04ba36b381bffe2471eff3a93edced843240f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T17:40:26Z/"}],"url":"https://git.kernel.org/stable/c/7ae04ba36b381bffe2471eff3a93edced843240f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-44949"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zx7q-fe6z-ykfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61929?format=json","vulnerability_id":"VCID-zyed-py3j-gqe6","summary":"kernel: media: hackrf: fix to not free memory after the device is registered in hackrf_probe()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31576.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31576.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461445","reference_id":"2461445","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2026-31576"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyed-py3j-gqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86112?format=json","vulnerability_id":"VCID-zyfz-thvx-cqfy","summary":"In the Linux kernel, the following vulnerability has been resolved:  i40e: Do not allow untrusted VF to remove administratively set MAC  Currently when PF administratively sets VF's MAC address and the VF is put down (VF tries to delete all MACs) then the MAC is removed from MAC filters and primary VF MAC is zeroed.  Do not allow untrusted VF to remove primary MAC when it was set administratively by PF.  Reproducer: 1) Create VF 2) Set VF interface up 3) Administratively set the VF's MAC 4) Put VF interface down  [root@host ~]# echo 1 > /sys/class/net/enp2s0f0/device/sriov_numvfs [root@host ~]# ip link set enp2s0f0v0 up [root@host ~]# ip link set enp2s0f0 vf 0 mac fe:6c:b5:da:c7:7d [root@host ~]# ip link show enp2s0f0 23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000     link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff     vf 0     link/ether fe:6c:b5:da:c7:7d brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off [root@host ~]# ip link set enp2s0f0v0 down [root@host ~]# ip link show enp2s0f0 23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000     link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff     vf 0     link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26830.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26830.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/stable/c/1c981792e4ccbc134b468797acdd7781959e6893","reference_id":"1c981792e4ccbc134b468797acdd7781959e6893","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:40Z/"}],"url":"https://git.kernel.org/stable/c/1c981792e4ccbc134b468797acdd7781959e6893"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275596","reference_id":"2275596","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275596"},{"reference_url":"https://git.kernel.org/stable/c/73d9629e1c8c1982f13688c4d1019c3994647ccc","reference_id":"73d9629e1c8c1982f13688c4d1019c3994647ccc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:40Z/"}],"url":"https://git.kernel.org/stable/c/73d9629e1c8c1982f13688c4d1019c3994647ccc"},{"reference_url":"https://git.kernel.org/stable/c/be147926140ac48022c9605d7ab0a67387e4b404","reference_id":"be147926140ac48022c9605d7ab0a67387e4b404","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:40Z/"}],"url":"https://git.kernel.org/stable/c/be147926140ac48022c9605d7ab0a67387e4b404"},{"reference_url":"https://git.kernel.org/stable/c/d250a81ba813a93563be68072c563aa1e346346d","reference_id":"d250a81ba813a93563be68072c563aa1e346346d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T17:41:40Z/"}],"url":"https://git.kernel.org/stable/c/d250a81ba813a93563be68072c563aa1e346346d"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10941","reference_id":"RHSA-2024:10941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2394","reference_id":"RHSA-2024:2394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3138","reference_id":"RHSA-2024:3138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8161","reference_id":"RHSA-2024:8161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0063","reference_id":"RHSA-2025:0063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0064","reference_id":"RHSA-2025:0064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"}],"aliases":["CVE-2024-26830"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyfz-thvx-cqfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88210?format=json","vulnerability_id":"VCID-zyhz-n7b9-bkfh","summary":"kernel: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49918.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49918.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320575","reference_id":"2320575","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2320575"},{"reference_url":"https://git.kernel.org/stable/c/4f47292f488fa7041284dca1f1244116c18721f1","reference_id":"4f47292f488fa7041284dca1f1244116c18721f1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:44Z/"}],"url":"https://git.kernel.org/stable/c/4f47292f488fa7041284dca1f1244116c18721f1"},{"reference_url":"https://git.kernel.org/stable/c/96d4c2ee18d732a248d053aae8c4a27cb1d68d1c","reference_id":"96d4c2ee18d732a248d053aae8c4a27cb1d68d1c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:44Z/"}],"url":"https://git.kernel.org/stable/c/96d4c2ee18d732a248d053aae8c4a27cb1d68d1c"},{"reference_url":"https://git.kernel.org/stable/c/ac2140449184a26eac99585b7f69814bd3ba8f2d","reference_id":"ac2140449184a26eac99585b7f69814bd3ba8f2d","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T13:40:44Z/"}],"url":"https://git.kernel.org/stable/c/ac2140449184a26eac99585b7f69814bd3ba8f2d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195353?format=json","purl":"pkg:deb/debian/linux@6.1.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.4-1"},{"url":"http://public2.vulnerablecode.io/api/packages/195355?format=json","purl":"pkg:deb/debian/linux@6.1.172-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.1.172-1"}],"aliases":["CVE-2024-49918"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyhz-n7b9-bkfh"}],"fixing_vulnerabilities":[],"risk_score":"3.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@5.10.223-1"}