CVE-2025-38082

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix potential out-of-bound write If the caller wrote more characters, count is truncated to the max available space in "simplewritetobuffer". Check that the input size does not exceed the buffer size. Write a zero...

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVE-2025-38072

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

CVE-2025-38073

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-38036

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Perform early GT MMIO initialization to read GMDID VFs need to communicate with the GuC to obtain the GMDID value and existing GuC functions used for that assume that the GT has it's MMIO members already setup. However...

CVE-2025-38032

In the Linux kernel, the following vulnerability has been resolved: mr: consolidate the ipmrcanfreetable checks. Guoyu Yin reported a splat in the ipmr netns cleanup path: WARNING: CPU: 2 PID: 14564 at net/ipv4/ipmr.c:440 ipmrfreetable net/ipv4/ipmr.c:440 inline WARNING: CPU: 2 PID: 14564 at...

CVE-2025-38033

In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...

CVE-2025-38019

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...

CVE-2025-38048

In the Linux kernel, the following vulnerability has been resolved: virtioring: Fix data race by tagging eventtriggered as racy for KCSAN syzbot reports a data-race when accessing the eventtriggered, here is the simplified stack when the issue occurred:...

CVE-2025-38037

In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as 1. Can be reproduced using 2. Suppress these reports by...

CVE-2025-38015

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxdalloc Memory allocated for idxd is not freed if an error occurs during idxdalloc. To fix it, free the allocated memory in the reverse order of allocation before exiti...

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVE-2025-38029

In the Linux kernel, the following vulnerability has been resolved: kasan: avoid sleepable page allocation from atomic context applytopterange enters the lazy MMU mode and then invokes kasanpopulatevmallocpte callback on each page table walk iteration. However, the callback can go into sleep when...

CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

GHSA-22V5-Q59J-H85M vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2025-6196

A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like...

CVE-2025-6069

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service...

CVE-2025-6141

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...

CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

CVE-2025-4748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...