Lucene search
K

6095 matches found

Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38316

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996setmonitor The function mt7996setmonitor dereferences phy before the NULL sanity check. Fix this to avoid NULL pointer dereference by moving the dereference after the...

5.5CVSS5.3AI score0.00127EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.6 views

CVE-2025-38309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...

5.5CVSS5.4AI score0.0012EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.3 views

CVE-2025-38302

In the Linux kernel, the following vulnerability has been resolved: block: don't use submitbionoacctnocheck in blkzonewplugbiowork Bios queued up in the zone write plug have already gone through all all preparation in the submitbio path, including the freeze protection. Submitting them through...

5.5CVSS5.3AI score0.00121EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.3 views

CVE-2025-38280

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid bpfprogret0warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 bpfprogret0warn+0xa/0x20 kernel/bpf/core.c:2357 Modules linked in: CPU: 3 UID: 0 PID: 217 Comm: kworker/u32...

7.8CVSS6.2AI score0.00175EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.8 views

CVE-2025-38268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpmqueuevdmunlocked to asynchronous work A state check was previously added to tcpmqueuevdmunlocked to prevent a deadlock where the DisplayPort Alt Mode driver would be executing work and attempting to gra...

5.5CVSS5.5AI score0.00117EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.3 views

CVE-2025-38267

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARNON due to a commitoverrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the same as the commit buffer...

7.8CVSS6.3AI score0.00172EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/07/08 1:26 p.m.6 views

Advisory ROSA-SA-2025-2907

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1.rv30 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when usin...

9.3CVSS9.8AI score0.47467EPSS
Exploits70
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38210

In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsmops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items. Instead, the...

5.5CVSS5.5AI score0.00146EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.9 views

CVE-2025-38199

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak due to multiple rxstats allocation rxstats for each arsta is allocated when adding a station. arsta-rxstats will be freed when a station is removed. Redundant allocations are occurring when the same...

5.5CVSS5.3AI score0.00129EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

5.5CVSS5.4AI score0.00162EPSS
Exploits0
OSV
OSV
added 2025/07/04 1:37 p.m.6 views

CVE-2025-38190 atm: Revert atm_account_tx() if copy_from_iter_full() fails.

In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to sk-skwmemalloc by atmaccounttx. It is expected to be reverted by atmpopraw later called by vcc-dev-ops-sendvcc, skb. However, vccsendms...

5.5CVSS7.2AI score0.00164EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2025/06/30 7:29 a.m.4 views

CVE-2025-38088

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...

7.1CVSS5.7AI score0.0014EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/06/26 6:30 a.m.4 views

CVE-2025-5459

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...

8.8CVSS5.5AI score0.00425EPSS
Exploits0
NVD
NVD
added 2025/06/18 11:15 a.m.6 views

CVE-2022-49983

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...

5.5CVSS0.00197EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/06/18 11:1 a.m.11 views

CVE-2022-50028 gadgetfs: ep_io - wait until IRQ finishes

In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio - wait until IRQ finishes after usbepqueue if waitforcompletioninterruptible is interrupted we need to wait until IRQ gets finished. Otherwise complete from epiocomplete can corrupt stack...

0.00156EPSS
Exploits0References8
CVE
CVE
added 2025/06/18 11:0 a.m.70 views

CVE-2022-49987

CVE-2022-49987 concerns the Linux kernel md subsystem. The provided documents show the vulnerability arises from md_stop path handling where __md_stop_writes should be stopped earlier to align with normal md-raid and fix a KASAN issue. Multiple advisories (Unity Linux UTSA-2026-004867/992895 and ...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: systemd (TSSA-2024:0212)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0212 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.9CVSS6.8AI score0.00849EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/06/09 8:53 a.m.7 views

Advisory ROSA-SA-2025-2882

Software: libtasn1 4.13 OS: ROSA Virtualization 2.1 packageevrstring: libtasn1-4.13-5.rv3 CVE-ID: CVE-2024-12133 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in libtasn1 causes the system to slow down or crash due to inefficient processing of certain certificate data. As a result, an...

5.3CVSS6AI score0.01025EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/06/09 8:53 a.m.5 views

Advisory ROSA-SA-2025-2883

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-34.rv3 CVE-ID: CVE-2017-17095 BDU-ID: 2019-03339 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the LibTIFF library is related to a heap-based buffer overflow in TIFFSetupStrips. Exploitation of the vulnerability...

8.8CVSS6.8AI score0.10639EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/06/06 1:43 p.m.6 views

CVE-2025-38002

In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: grab ctx-uringlock around iouringshowfdinfo Not everything requires locking in there, which is why the 'haslock' variable exists. But enough does that it's a bit unwieldy to manage. Wrap the whole thing in a...

5.5CVSS5.8AI score0.00175EPSS
Exploits1
Rows per page
Query Builder