Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI drivers;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- STMicroelectronics network drivers;
- Parport drivers;
- Pin controllers subsystem;
- Direct Digital Synthesis drivers;
- TCM subsystem;
- TTY drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- BTRFS file system;
- File systems infrastructure;
- Network file system (NFS) client;
- NILFS2 file system;
- NTFS3 file system;
- SMB network file system;
- User-space API (UAPI);
- io_uring subsystem;
- BPF subsystem;
- Timer substystem drivers;
- Tracing infrastructure;
- Closures library;
- Memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- XFRM subsystem;
- Key management;
- FireWire sound drivers;
- HD-audio driver;
- QCOM ASoC drivers;
- STMicroelectronics SoC drivers;
- KVM core;
(CVE-2024-50151, CVE-2024-50195, CVE-2024-50117, CVE-2024-53104,
CVE-2024-50171, CVE-2024-53059, CVE-2024-50160, CVE-2024-50163,
CVE-2024-50103,...