Lucene search
K

9106 matches found

OSV
OSV
added 2025/04/01 4:15 p.m.7 views

AZL-59943 CVE-2025-21920 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

7.1CVSS6.5AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2025/04/01 4:15 p.m.5 views

AZL-59976 CVE-2025-21920 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

7.1CVSS6.5AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2025/04/01 4:15 p.m.1 views

UBUNTU-CVE-2025-21924

In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an error During the initialization of ptp, hclgeptpgetcycle might return an error and returned directly without unregister clock and free it. To...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References35
OSV
OSV
added 2025/04/01 4:15 p.m.3 views

UBUNTU-CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References42
Vulnrichment
Vulnrichment
added 2025/04/01 3:47 p.m.8 views

CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...

6.8AI score0.00165EPSS
Exploits0References5
CVE
CVE
added 2025/04/01 3:46 p.m.175 views

CVE-2025-21959

CVE-2025-21959 affects the Linux kernel netfilter nf_conncount code. The issue arises from not initializing fields cpu and jiffies32 in struct nf_conncount_tuple during insertion (insert_tree()), after prior fixes added cpu/jiffies32 in nf_conncount_add() but count_tree() path remained uninitiali...

5.5CVSS7.1AI score0.00185EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2025/04/01 3:46 p.m.15 views

CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

0.00185EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/04/01 3:46 p.m.14 views

CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

5.5CVSS5.7AI score0.00185EPSS
Exploits0
OSV
OSV
added 2025/04/01 3:46 p.m.17 views

CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

5.5CVSS6.1AI score0.00185EPSS
Exploits0References13
CVE
CVE
added 2025/04/01 3:40 p.m.114 views

CVE-2025-21924

The CVE affects the Linux kernel net/ hns3/ hclge_ptp code path. During ptp initialization, if hclge_ptp_get_cycle returns an error, the clock could remain unregistered and not freed. The fix adds a call to hclge_ptp_destroy_clock to unregister and free the clock when ptp_cycle acquisition fails,...

5.5CVSS7.2AI score0.00176EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2025/04/01 3:40 p.m.174 views

CVE-2025-21920

CVE-2025-21920 (Linux kernel VLAN subtype): The issue occurs when creating VLAN devices on non-Ethernet underlying devices, which can trigger an out-of-bounds read by dev_mc_add due to __dev_mc_add using dev->addr_len as the multicast length. The underlying cause is not enforcing the underlyin...

7.1CVSS7.2AI score0.00188EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.6 views

The vulnerability of the manaDestroyTxq() function in the Linux kernel driver allows a hacker to induce a service failure.

The vulnerability of the manaDestroyTxq function in the Linux kernel driver is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00207EPSS
Exploits0References19Affected Software5
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from pmcmdioctl not fully initializing structures potentially leading to information disclosure...

6.4AI score0.00181EPSS
Exploits0References7
OSV
OSV
added 2025/03/31 11:15 p.m.4 views

CVE-2025-24235

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...

5.5CVSS5.8AI score0.00433EPSS
Exploits0References6
NVD
NVD
added 2025/03/31 11:15 p.m.9 views

CVE-2025-24235

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...

5.5CVSS0.00433EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/03/31 10:24 p.m.5 views

CVE-2025-24235

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...

7.3AI score0.00433EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.2 views

PT-2025-13917 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS versions prior to 14.7.5 macOS versions prior to 15.4 Description: A memory initialization issue was addressed with improved memory handling. A remote attacker may be able to cause unexpected app terminati...

5.5CVSS8.6AI score0.00433EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.3 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia, which stems from a memory initialization issue that could result in application termination or heap corruption...

5.5CVSS8.9AI score0.00433EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/29 5:43 p.m.14 views

CVE-2023-53009

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization...

5.5CVSS7.4AI score0.00159EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/03/28 3:41 a.m.2 views

SUSE CVE-2022-49742

In the Linux kernel, the following vulnerability has been resolved: f2fs: initialize locks earlier in f2fsfillsuper syzbot is reporting lockdep warning at f2fshandleerror 1, for spinlock&sbi-errorlock is called before spinlockinit is called. For safe locking in error handling, move initialization...

5.5CVSS6.5AI score0.00114EPSS
Exploits0References3
Rows per page
Query Builder