PT-2025-18777

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue concerned the codel controlled delay qdisc queueing discipline in the kernel. Specifically, the problem involved the qlen...

SUSE CVE-2025-21921

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

CVE-2025-21917

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer...

DEBIAN-CVE-2025-21921

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

CVE-2025-21917 usb: renesas_usbhs: Flush the notify_hotplug_work

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer...

CVE-2025-21917

Summary of CVE-2025-21917 (Renesas USBHS issue) : In the Linux kernel, the USB Renesas USBHS driver (usb: renesas_usbhs) could crash when performing continuous unbind/bind operations on USB drivers for the Renesas RZ/G2L SoC. The root cause is related to the usbhsc_notify_hotplug() path and invol...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an unrefreshed notifyhotplugwork...

The vulnerability of the dcn35_notify_host_router_bw() function in the drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c file of the Linux kernel allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dcn35notifyhostrouterbw function in the drivers/gpu/drm/amd/display/dc/clkmgr/dcn35/dcn35clkmgr.c module of the Linux kernel is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2025-23490

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Stursberg Browser-Update-Notify browser-update-notify allows Reflected XSS.This issue affects Browser-Update-Notify: from n/a through = 0.2.1...

CVE-2025-23490

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Stursberg Browser-Update-Notify browser-update-notify allows Reflected XSS.This issue affects Browser-Update-Notify: from n/a through = 0.2.1...

CVE-2025-23490 WordPress Browser-Update-Notify plugin <= 0.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Stursberg Browser-Update-Notify browser-update-notify allows Reflected XSS.This issue affects Browser-Update-Notify: from n/a through = 0.2.1...

CVE-2025-23490

CVE-2025-23490 affects the WordPress Browser-Update-Notify plugin (versions

CVE-2025-23490 WordPress Browser-Update-Notify plugin <= 0.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Browser-Update-Notify allows Reflected XSS. This issue affects Browser-Update-Notify: from n/a through 0.2.1...

WordPress plugin Browser-Update-Notify 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

AZL-58911 CVE-2025-21763 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in neighnotify neighnotify can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF...

DEBIAN-CVE-2025-21763

In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in neighnotify neighnotify can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF...

UBUNTU-CVE-2025-21763

In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in neighnotify neighnotify can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF...

SUSE CVE-2022-49085

In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...

SUSE CVE-2022-49103

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in nfs42proccopynotify You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification. The reference counting issue happens in...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the neighnotify function not using RCU protection, which could lead to reuse after release...