Qualcomm Chipsets 加密问题漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A cryptographic issue vulnerability exists in Qualcomm Chipsets that stems from an encryption issue when handling cryptographic API calls, which could lead to corrupted key usage or IV reuse...

SUSE CVE-2025-38227

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

webkitgtk: Memory initialization issue possibly leading to memory disclosure

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory...

PT-2025-31075

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in Comedi subdevice instruction handlers where data elements beyond the first insn-n elements may be accessed in certain cases. The do insn ioctl and do...

Vulnerability of components in page.h and init.c of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the page.h and init.c components in the Linux operating system’s kernel is related to memory initialization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-38227

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

GHSA-794X-8X6X-QPFC Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...

Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...

SUSE CVE-2025-38153

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

CVE-2025-38227

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

AZL-64779 CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

AZL-64722 CVE-2025-38231 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsdssc through nfs4laundromat - nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL point...

DEBIAN-CVE-2025-38227

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

CVE-2025-38231

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsdssc through nfs4laundromat - nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL point...

UBUNTU-CVE-2025-38227

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

UBUNTU-CVE-2025-38231

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsdssc through nfs4laundromat - nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL point...

CVE-2025-38231 nfsd: Initialize ssc before laundromat_work to prevent NULL dereference

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsdssc through nfs4laundromat - nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL point...

CVE-2025-38231

CVE-2025-38231 affects the Linux kernel nfsd component. The vulnerability arises when laundromat_work starts before nfsd_ssc is initialized, risking a NULL pointer dereference in nfs4_state_start_net() via nfs4_laundromat -> nfsd4_ssc_expire_umount. The documented fix moves nfsd_ssc initializa...

CVE-2025-38231 nfsd: Initialize ssc before laundromat_work to prevent NULL dereference

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsdssc through nfs4laundromat - nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL point...

CVE-2025-38227 media: vidtv: Terminating the subsequent process of initialization failure

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...