9002 matches found
CVE-2025-38309 drm/xe/vm: move xe_svm_init() earlier
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...
CVE-2025-38308
CVE-2025-38308 affects the Linux kernel ASoC Intel AVS path during hardware initialization. The root cause is a potential null pointer dereference in avs_dai_find_path_template(); the fix drops the search since the template is already known when avs_hw_constraints_init() fires. Affected/impacted:...
CVE-2025-38308 ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avsdaifindpathtemplate shall be verified before being used. As 'template' is already known when avshwconstraintsinit is fired, drop the search entirel...
CVE-2025-38308 ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avsdaifindpathtemplate shall be verified before being used. As 'template' is already known when avshwconstraintsinit is fired, drop the search entirel...
CVE-2025-38296
CVE-2025-38296 affects the Linux kernel platform_profile driver. On non-ACPI platforms, sysfs entries were initialized during module init, requiring acpi_kobj and triggering a warning. The fix is to check that ACPI is enabled before creating the sysfs entries (platform_profile_init) to prevent in...
CVE-2025-38296 ACPI: platform_profile: Avoid initializing on non-ACPI platforms
In the Linux kernel, the following vulnerability has been resolved: ACPI: platformprofile: Avoid initializing on non-ACPI platforms The platform profile driver is loaded even on platforms that do not have ACPI enabled. The initialization of the sysfs entries was recently moved from...
CVE-2025-38297 PM: EM: Fix potential division-by-zero error in em_compute_costs()
In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in emcomputecosts When the device is of a non-CPU type, tablei.performance won't be initialized in the previous eminitperformance, resulting in division by zero when calculating costs ...
CVE-2025-38281
Public technical details about CVE-2025-38281 are not provided in the connected documents. The available descriptions indicate a NULL check addition in mt7996_thermal_init for Linux kernel wifi mt76 mt7996, but no further specifics.
CVE-2025-38265 serial: jsm: fix NPE during jsm_uart_port_init
In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during jsmuartportinit No device was set which caused serialbasectrladd to crash. BUG: kernel NULL pointer dereference, address: 0000000000000050 Oops: Oops: 0000 1 PREEMPT SMP NOPTI CPU: 16 UID: 0 PID: 368...
llama.cpp 安全漏洞
llama.cpp is a multimodal model by the individual developer Georgi Gerganov. A security vulnerability exists in llama.cpp, which stems from an integer overflow in the ggufinitfromfileimpl function, which could lead to a heap out-of-bounds read or write...
SUSE CVE-2025-38262
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...
AZL-64853 CVE-2025-38262 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...
DEBIAN-CVE-2025-38262
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...
UBUNTU-CVE-2025-38262
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
CVE-2025-21422
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses...
PT-2025-28647
Name of the Vulnerable Software and Affected Versions Git versions 2.43.7 through 2.50.1 Description Git contains a link following vulnerability stemming from inconsistent handling of carriage return characters in configuration files. This flaw allows attackers to execute arbitrary code via...
libvpx security update
1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810...
Qualcomm Chipsets 加密问题漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A cryptographic issue vulnerability exists in Qualcomm Chipsets that stems from an encryption issue when handling cryptographic API calls, which could lead to corrupted key usage or IV reuse...
SUSE CVE-2025-38227
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...