Lucene search
K

7892 matches found

OSV
OSV
added 2025/06/19 9:8 p.m.5 views

USN-7585-2 linux-aws-fips, linux-gcp-fips vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.8AI score0.00246EPSS
Exploits0References33
Ubuntu
Ubuntu
added 2025/06/19 8:15 p.m.17 views

USN-7585-1: Linux kernel vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
OSV
OSV
added 2025/06/19 8:15 p.m.6 views

USN-7585-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.8AI score0.00246EPSS
Exploits0References33
RedhatCVE
RedhatCVE
added 2025/06/19 7:29 p.m.4 views

CVE-2022-50220

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...

4.2CVSS7.2AI score0.00198EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/19 3:22 p.m.1 views

Malicious code in drivers-kit (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ba30922790421a31176c5d094f9244d7e2c5aefa5a38c9506763c5adb863f66 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/06/18 11:15 a.m.3 views

DEBIAN-CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

5.5CVSS5.4AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2025/06/18 11:15 a.m.8 views

CVE-2022-50144

In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...

5.5CVSS0.00155EPSS
Exploits0References4
CVE
CVE
added 2025/06/18 11:3 a.m.84 views

CVE-2022-50220

CVE-2022-50220 is a Linux kernel vulnerability in the usbnet subsystem where a use-after-free can occur on disconnect due to linkwatch handling after unregister_netdev. The issue stems from usbnet_deferred_kevent() being awaited in a path that may access freed netdev state, potentially enabling m...

7.8CVSS6.5AI score0.00198EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/06/18 11:3 a.m.4 views

CVE-2022-50220 usbnet: Fix linkwatch use-after-free on disconnect

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnetdeferredkevent to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in -ndostop. But in 2003, that was moved ...

7.8CVSS6AI score0.00198EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2025/06/18 11:3 a.m.4 views

CVE-2022-50174

In the Linux kernel, the following vulnerability has been resolved: net: hinic: avoid kernel hung in hinicgetstats64 When using hinic device as a bond slave device, and reading device stats of master bond device, the kernel may hung. The kernel panic calltrace as follows: Kernel panic - not...

5.5CVSS5.3AI score0.0015EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/18 11:1 a.m.6 views

CVE-2022-50022 drivers:md:fix a potential use-after-free bug

In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if sh-batchhead && sh != sh-batchhead"...

0.0021EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/06/18 11:1 a.m.4 views

CVE-2022-50022

In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if sh-batchhead && sh != sh-batchhead"...

7.8CVSS5.2AI score0.0021EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/06/18 10:15 a.m.3 views

CVE-2025-38022

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:408 inline...

7.8CVSS6.9AI score0.00161EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/06/18 10:15 a.m.2 views

DEBIAN-CVE-2025-38009

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...

5.5CVSS5.7AI score0.00167EPSS
Exploits0References1
NVD
NVD
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38009

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...

5.5CVSS0.00167EPSS
Exploits0References9
OSV
OSV
added 2025/06/18 9:28 a.m.9 views

CVE-2025-38009 wifi: mt76: disable napi on driver removal

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b "net: warn if NAPI instance wasn't shut down". Disable tx napi before deleting it in mt76dmacleanup. WARNING: CPU:...

5.5CVSS6.3AI score0.00167EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.7 views

PT-2025-26070 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's SoundWire driver has been resolved. The issue arises when the driver's bind and unbind operations are not properly handled, leading to potential...

7.8CVSS5.8AI score0.12746EPSS
Exploits16References563
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net: phy: It is now possible to allow the MDIO bus’s PM operations to initiate/stop the state machine for the phylink-controlled PHY. There are two types of DSA drivers: 1. Those that call dsaswitchsuspend and dsaswitchresume...

5.5CVSS6.4AI score0.00159EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.0 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Driver core: Fixed a potential NULL pointer dereferencing in devuevent. If the user space reads the “uevent” device attribute at the same time as other threads unbinds the device from its driver, changing the value of dev-driver...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/06/16 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7550-7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.00234EPSS
Exploits0References2
Rows per page
Query Builder