Lucene search
K

372 matches found

OSV
OSV
added 2025/07/25 4:15 p.m.2 views

DEBIAN-CVE-2025-38462

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...

4.7CVSS5.3AI score0.00113EPSS
Exploits0References1
NVD
NVD
added 2025/07/25 4:15 p.m.4 views

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS0.00113EPSS
Exploits0References9
OSV
OSV
added 2025/07/25 4:15 p.m.5 views

AZL-72947 CVE-2025-38461 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS6.4AI score0.00113EPSS
Exploits0References1
OSV
OSV
added 2025/07/25 4:15 p.m.0 views

DEBIAN-CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS5.3AI score0.00113EPSS
Exploits0References1
OSV
OSV
added 2025/07/25 4:15 p.m.3 views

UBUNTU-CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS6.1AI score0.00113EPSS
Exploits0References41
Cvelist
Cvelist
added 2025/07/25 3:27 p.m.5 views

CVE-2025-38462 vsock: Fix transport_{g2h,h2g} TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...

0.00113EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/07/25 3:27 p.m.6 views

CVE-2025-38461 vsock: Fix transport_* TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

0.00113EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/07/25 3:27 p.m.11 views

CVE-2025-38461 vsock: Fix transport_* TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

6AI score0.00113EPSS
Exploits0References7
OSV
OSV
added 2025/07/10 8:15 a.m.9 views

DEBIAN-CVE-2025-38298

In the Linux kernel, the following vulnerability has been resolved: EDAC/skxcommon: Fix general protection fault After loading i10nmedac which automatically loads skxedaccommon, if unload only i10nmedac, then reload it and perform error injection testing, a general protection fault may occur: mce...

7.8CVSS6.2AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.12 views

AZL-64538 CVE-2025-38131 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfgcsdevenableactiveconfig, active config could be deactivated via configfs' sysfs interface. This could make UAF issue in bel...

7.8CVSS5.6AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.9 views

UBUNTU-CVE-2025-38131

In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfgcsdevenableactiveconfig, active config could be deactivated via configfs' sysfs interface. This could make UAF issue in bel...

7.8CVSS6.2AI score0.00166EPSS
Exploits0References31
OSV
OSV
added 2025/06/18 10:15 a.m.1 views

UBUNTU-CVE-2025-38076

In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...

7.8CVSS6.5AI score0.00153EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/imagination: fixed firmware memory leaks Released the memory used to store the results of firmware image processing when the module is unloaded. Fixed the issue where the same memory was still leaking if the processing of...

5.5CVSS6.9AI score0.00159EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 8:36 a.m.5 views

grub2: command/gpg: Use-after-free due to hooks not being removed on module unload

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS5.9AI score0.00262EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: Bluetooth: Call iso_exit() on module unload

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Call isoexit on module unload If isoinit has been called, isoexit must be called on module unload. Without that, the struct proto that isoinit registered with protoregister becomes invalid, which could cause...

5.5CVSS6.8AI score0.00206EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: thermal: intel: int340x: processor: Fix warning during module unload

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is ...

5.5CVSS6.8AI score0.00235EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/05/13 4:48 a.m.4 views

SUSE CVE-2022-49847

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload Move am65cpswnussphylinkcleanup call to after am65cpswnusscleanupndev so phylink is still valid to prevent the below Segmentation fault on module remove when...

5.5CVSS6.5AI score0.0014EPSS
Exploits0References3
OSV
OSV
added 2025/05/09 7:16 a.m.2 views

UBUNTU-CVE-2025-37845

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 "tracing: tprobe-events: Fix leakage of module refcount" moved trymoduleget from findtracepointmodulecb to findtracepoint caller, but that introduced a...

7.8CVSS6.2AI score0.0024EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21943)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21943 advisory. - In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr...

4.7CVSS5.8AI score0.00129EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.13 views

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21943)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21943 advisory. - In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr...

4.7CVSS5.8AI score0.00129EPSS
Exploits0References2
Rows per page
Query Builder