Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- SuperH RISC architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- RAM backed block device driver;
- Virtio block driver;
- Data acquisition framework and drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCPI message protocol;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Microsoft Hyper-V drivers;
- I2C subsystem;
- I3C subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- LED subsystem;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- MMC subsystem;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- STMicroelectronics network drivers;
- NVME drivers;
- Parport drivers;
- PCI subsystem;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Real Time Clock drivers;
- SCSI subsystem;
- SuperH / SH-Mobile drivers;
- i.MX SoC drivers;
- QCOM SoC drivers;
- SPI subsystem;
- Direct Digital Synthesis drivers;
- Media staging drivers;
- TCM subsystem;
- TTY drivers;
- UFS subsystem;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Dual Role (OTG-ready)...