Lucene search
K

118 matches found

SUSE CVE
SUSE CVE
added 2025/08/16 11:22 p.m.3 views

SUSE CVE-2025-38536

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS6.5AI score0.00133EPSS
Exploits0References3
NVD
NVD
added 2025/08/16 12:15 p.m.6 views

CVE-2025-38536

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS0.00133EPSS
Exploits0References2
OSV
OSV
added 2025/08/16 12:15 p.m.4 views

UBUNTU-CVE-2025-38536

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS5.7AI score0.00133EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/08/16 11:12 a.m.5 views

CVE-2025-38536

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS5.7AI score0.00133EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/08/16 11:12 a.m.12 views

CVE-2025-38536 net: airoha: fix potential use-after-free in airoha_npu_get()

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

0.00133EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/08/16 11:12 a.m.5 views

CVE-2025-38536

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS6.3AI score0.00133EPSS
Exploits0
CVE
CVE
added 2025/08/16 11:12 a.m.26 views

CVE-2025-38536

CVE-2025-38536 affects the Linux kernel in the net:airoha path, where np->name could be used after a call to of_node_put(np). This release-after-check pattern could cause a use-after-free if pdev is NULL. The documented fix moves of_node_put(np) to execute only after both the error and success...

7.8CVSS6.6AI score0.00133EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/08/16 11:12 a.m.6 views

CVE-2025-38536 net: airoha: fix potential use-after-free in airoha_npu_get()

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...

7.8CVSS6.2AI score0.00133EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/16 12:0 a.m.7 views

PT-2025-33579 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free flaw within the airoha npu get function. The vulnerability occurs because the np-name field is accessed after the associated node has been...

6AI score0.00133EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-22061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airohatcgethtbgetleafqueue Fix the following kernel warning...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/06 7:31 a.m.5 views

CVE-2025-20701

In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS7.8AI score0.04372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/06 7:31 a.m.4 views

CVE-2025-20702

In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS7.8AI score0.05413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/06 7:31 a.m.4 views

CVE-2025-20700

In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.8CVSS7.9AI score0.06496EPSS
Exploits0References1
NVD
NVD
added 2025/08/04 7:15 a.m.10 views

CVE-2025-20702

In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.05413EPSS
Exploits0References1
NVD
NVD
added 2025/08/04 7:15 a.m.3 views

CVE-2025-20700

In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.8CVSS0.06496EPSS
Exploits0References1
CVE
CVE
added 2025/08/04 6:20 a.m.116 views

CVE-2025-20702

CVE-2025-20702 affects the Airoha Bluetooth audio SDK, enabling unauthorized access to the RACE protocol with remote privilege escalation, no user interaction required, and proximity-based exploitation. Affected details and root cause are described across multiple sources (Red Hat, NVD, NIST CVE ...

8.8CVSS7.9AI score0.05413EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/04 6:20 a.m.4 views

CVE-2025-20702

In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.6AI score0.05413EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/04 6:20 a.m.16 views

CVE-2025-20702

In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.05413EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/04 6:20 a.m.8 views

CVE-2025-20701

In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.04372EPSS
Exploits0References1
CVE
CVE
added 2025/08/04 6:20 a.m.34 views

CVE-2025-20701

CVE-2025-20701 affects the Airoha Bluetooth audio SDK and describes a flaw allowing Bluetooth pairing without user consent, enabling remote privilege escalation with no user interaction. The PT-2025-27363 entry lists the flaw and notes affected product as Airoha Bluetooth audio SDK but does not s...

8.8CVSS7.9AI score0.04372EPSS
Exploits0References2
Rows per page
Query Builder