CVE-2025-38265 serial: jsm: fix NPE during jsm_uart_port_init

In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during jsmuartportinit No device was set which caused serialbasectrladd to crash. BUG: kernel NULL pointer dereference, address: 0000000000000050 Oops: Oops: 0000 1 PREEMPT SMP NOPTI CPU: 16 UID: 0 PID: 368...

PT-2025-31090

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.147 bookworm, 6.12.41 trixie, and 5.10.244 bullseye. Linux kernel version 6.6.101 Description The Linux kernel contains vulnerabilities that could lead to privilege escalation, denial of service, or informati...

Multiple Brother devices authentication bypass via default administrator password generation

By leaking a target devices serial number, a remote attacker can generate the target devices default administrator password. The target device may leak its serial number via unauthenticated HTTP, HTTPS, IPP, SNMP, or PJL requests. Module Options msf use...

kernel: usb: typec: ucsi: Limit read size on v1.2

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 The Linux kernel CVE team has assigned CVE-2024-35924 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T...

AZL-64853 CVE-2025-38262 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

DEBIAN-CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

UBUNTU-CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

VulnCheck KEV: CVE-2024-51977

An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...

PT-2025-28890

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A concurrency race condition can occur when two instances of uart devices are probing. If one thread calls the uart register driver function, which allocates memory for the uart state...

FNKvision FNK-GU2 安全漏洞

FNKvision FNK-GU2 is a camera from FNKvision Thailand. A security vulnerability exists in the FNKvision FNK-GU2 version 40.1.7 and earlier, which stems from improper access control of the UART interface and could lead to the on-chip debug and test interface being exploited...

USN-7594-3 linux-aws, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...

DEBIAN-CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. 1 Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation of...

SUSE CVE-2025-38134

In the Linux kernel, the following vulnerability has been resolved: usb: acpi: Prevent null pointer dereference in usbacpiaddusb4devlink As demonstrated by the fix for updateportdevicestate, commit 12783c0b9e2c "usb: core: Prevent null pointer dereference in updateportdevicestate",...

AZL-64508 CVE-2025-38157 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Abort software beacon handling if disabled A malicious USB device can send a WMISWBAEVENTID event from an ath9khtc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver...

AZL-64544 CVE-2025-38153 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

UBUNTU-CVE-2025-38134

In the Linux kernel, the following vulnerability has been resolved: usb: acpi: Prevent null pointer dereference in usbacpiaddusb4devlink As demonstrated by the fix for updateportdevicestate, commit 12783c0b9e2c "usb: core: Prevent null pointer dereference in updateportdevicestate",...

UBUNTU-CVE-2025-38103

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhidparse Update struct hiddescriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note: the kernel currently...

UBUNTU-CVE-2025-38105

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active state while the assigned...

The vulnerability of the drivers/spi/spi-fsl-dspi.c component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/spi/spi-fsl-dspi.c component in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...